131 lines
108 KiB
Markdown
131 lines
108 KiB
Markdown
---
|
||
hide:
|
||
- toc
|
||
---
|
||
|
||
# Security Overview
|
||
|
||
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
|
||
|
||
## Helm-Chart
|
||
|
||
##### Scan Results
|
||
|
||
#### Chart Object: sickgear/templates/common.yaml
|
||
|
||
|
||
|
||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.privileged' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/misconfig/ksv017">https://avd.aquasec.com/misconfig/ksv017</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-sickgear' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-sickgear' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault' </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
|
||
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault' </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
|
||
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
|
||
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
|
||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
|
||
|
||
## Containers
|
||
|
||
##### Detected Containers
|
||
|
||
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
|
||
tccr.io/truecharts/sickgear:version-release_0.25.4@sha256:6a78e9f784cf298552402143bee239858956f4783c7619e9a2b960c0d0d15d73
|
||
|
||
##### Scan Results
|
||
|
||
|
||
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| No Vulnerabilities found |
|
||
|:---------------------------------|
|
||
|
||
|
||
|
||
|
||
#### Container: tccr.io/truecharts/sickgear:version-release_0.25.4@sha256:6a78e9f784cf298552402143bee239858956f4783c7619e9a2b960c0d0d15d73 (alpine 3.13)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| busybox | CVE-2022-28391 | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| busybox | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42378">https://access.redhat.com/security/cve/CVE-2021-42378</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42378">https://nvd.nist.gov/vuln/detail/CVE-2021-42378</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42379 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42379">https://access.redhat.com/security/cve/CVE-2021-42379</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42379">https://nvd.nist.gov/vuln/detail/CVE-2021-42379</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42380 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42380">https://access.redhat.com/security/cve/CVE-2021-42380</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42380">https://nvd.nist.gov/vuln/detail/CVE-2021-42380</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42381 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42381">https://access.redhat.com/security/cve/CVE-2021-42381</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42381">https://nvd.nist.gov/vuln/detail/CVE-2021-42381</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42382 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42382">https://access.redhat.com/security/cve/CVE-2021-42382</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42382">https://nvd.nist.gov/vuln/detail/CVE-2021-42382</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42383 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42383">https://access.redhat.com/security/cve/CVE-2021-42383</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
|
||
| busybox | CVE-2021-42384 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42384">https://access.redhat.com/security/cve/CVE-2021-42384</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42384">https://nvd.nist.gov/vuln/detail/CVE-2021-42384</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42385 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42385">https://access.redhat.com/security/cve/CVE-2021-42385</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42385">https://nvd.nist.gov/vuln/detail/CVE-2021-42385</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42386 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42386">https://access.redhat.com/security/cve/CVE-2021-42386</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42386">https://nvd.nist.gov/vuln/detail/CVE-2021-42386</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42374 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42374">https://access.redhat.com/security/cve/CVE-2021-42374</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42374">https://nvd.nist.gov/vuln/detail/CVE-2021-42374</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| busybox | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42375">https://access.redhat.com/security/cve/CVE-2021-42375</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
|
||
| curl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27775">https://nvd.nist.gov/vuln/detail/CVE-2022-27775</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27774">https://nvd.nist.gov/vuln/detail/CVE-2022-27774</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27776">https://nvd.nist.gov/vuln/detail/CVE-2022-27776</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| expat | CVE-2022-22822 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22822">https://access.redhat.com/security/cve/CVE-2022-22822</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22822.html">https://linux.oracle.com/cve/CVE-2022-22822.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22822">https://nvd.nist.gov/vuln/detail/CVE-2022-22822</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-22823 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22823">https://access.redhat.com/security/cve/CVE-2022-22823</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22823.html">https://linux.oracle.com/cve/CVE-2022-22823.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22823">https://nvd.nist.gov/vuln/detail/CVE-2022-22823</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-22824 | CRITICAL | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22824">https://access.redhat.com/security/cve/CVE-2022-22824</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22824.html">https://linux.oracle.com/cve/CVE-2022-22824.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22824">https://nvd.nist.gov/vuln/detail/CVE-2022-22824</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-23852 | CRITICAL | 2.2.10-r1 | 2.2.10-r3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-23852">https://access.redhat.com/security/cve/CVE-2022-23852</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852</a><br><a href="https://github.com/libexpat/libexpat/pull/550">https://github.com/libexpat/libexpat/pull/550</a><br><a href="https://linux.oracle.com/cve/CVE-2022-23852.html">https://linux.oracle.com/cve/CVE-2022-23852.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23852">https://nvd.nist.gov/vuln/detail/CVE-2022-23852</a><br><a href="https://security.netapp.com/advisory/ntap-20220217-0001/">https://security.netapp.com/advisory/ntap-20220217-0001/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-23990 | CRITICAL | 2.2.10-r1 | 2.2.10-r3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-23990">https://access.redhat.com/security/cve/CVE-2022-23990</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990</a><br><a href="https://github.com/libexpat/libexpat/pull/551">https://github.com/libexpat/libexpat/pull/551</a><br><a href="https://linux.oracle.com/cve/CVE-2022-23990.html">https://linux.oracle.com/cve/CVE-2022-23990.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9232.html">https://linux.oracle.com/errata/ELSA-2022-9232.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23990">https://nvd.nist.gov/vuln/detail/CVE-2022-23990</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-25235 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25235">https://access.redhat.com/security/cve/CVE-2022-25235</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235</a><br><a href="https://github.com/libexpat/libexpat/pull/562">https://github.com/libexpat/libexpat/pull/562</a><br><a href="https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)">https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)</a><br><a href="https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)">https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25235.html">https://linux.oracle.com/cve/CVE-2022-25235.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25235">https://nvd.nist.gov/vuln/detail/CVE-2022-25235</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| expat | CVE-2022-25236 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html">http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html</a><br><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25236">https://access.redhat.com/security/cve/CVE-2022-25236</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236</a><br><a href="https://github.com/libexpat/libexpat/pull/561">https://github.com/libexpat/libexpat/pull/561</a><br><a href="https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)">https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)</a><br><a href="https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)">https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)</a><br><a href="https://github.com/libexpat/libexpat/pull/577">https://github.com/libexpat/libexpat/pull/577</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25236.html">https://linux.oracle.com/cve/CVE-2022-25236.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25236">https://nvd.nist.gov/vuln/detail/CVE-2022-25236</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| expat | CVE-2022-25315 | CRITICAL | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25315">https://access.redhat.com/security/cve/CVE-2022-25315</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315</a><br><a href="https://github.com/libexpat/libexpat/pull/559">https://github.com/libexpat/libexpat/pull/559</a><br><a href="https://linux.oracle.com/cve/CVE-2022-25315.html">https://linux.oracle.com/cve/CVE-2022-25315.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9359.html">https://linux.oracle.com/errata/ELSA-2022-9359.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25315">https://nvd.nist.gov/vuln/detail/CVE-2022-25315</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| expat | CVE-2021-45960 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-45960">https://access.redhat.com/security/cve/CVE-2021-45960</a><br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1217609">https://bugzilla.mozilla.org/show_bug.cgi?id=1217609</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960</a><br><a href="https://github.com/libexpat/libexpat/issues/531">https://github.com/libexpat/libexpat/issues/531</a><br><a href="https://github.com/libexpat/libexpat/pull/534">https://github.com/libexpat/libexpat/pull/534</a><br><a href="https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea">https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea</a><br><a href="https://linux.oracle.com/cve/CVE-2021-45960.html">https://linux.oracle.com/cve/CVE-2021-45960.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-45960">https://nvd.nist.gov/vuln/detail/CVE-2021-45960</a><br><a href="https://security.netapp.com/advisory/ntap-20220121-0004/">https://security.netapp.com/advisory/ntap-20220121-0004/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2021-46143 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-46143">https://access.redhat.com/security/cve/CVE-2021-46143</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143</a><br><a href="https://github.com/libexpat/libexpat/issues/532">https://github.com/libexpat/libexpat/issues/532</a><br><a href="https://github.com/libexpat/libexpat/pull/538">https://github.com/libexpat/libexpat/pull/538</a><br><a href="https://linux.oracle.com/cve/CVE-2021-46143.html">https://linux.oracle.com/cve/CVE-2021-46143.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9227.html">https://linux.oracle.com/errata/ELSA-2022-9227.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-46143">https://nvd.nist.gov/vuln/detail/CVE-2021-46143</a><br><a href="https://security.netapp.com/advisory/ntap-20220121-0006/">https://security.netapp.com/advisory/ntap-20220121-0006/</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-22825 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22825">https://access.redhat.com/security/cve/CVE-2022-22825</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22825.html">https://linux.oracle.com/cve/CVE-2022-22825.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22825">https://nvd.nist.gov/vuln/detail/CVE-2022-22825</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-22826 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22826">https://access.redhat.com/security/cve/CVE-2022-22826</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22826.html">https://linux.oracle.com/cve/CVE-2022-22826.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22826">https://nvd.nist.gov/vuln/detail/CVE-2022-22826</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-22827 | HIGH | 2.2.10-r1 | 2.2.10-r2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/01/17/3">http://www.openwall.com/lists/oss-security/2022/01/17/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-22827">https://access.redhat.com/security/cve/CVE-2022-22827</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827</a><br><a href="https://github.com/libexpat/libexpat/pull/539">https://github.com/libexpat/libexpat/pull/539</a><br><a href="https://linux.oracle.com/cve/CVE-2022-22827.html">https://linux.oracle.com/cve/CVE-2022-22827.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1069.html">https://linux.oracle.com/errata/ELSA-2022-1069.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22827">https://nvd.nist.gov/vuln/detail/CVE-2022-22827</a><br><a href="https://ubuntu.com/security/notices/USN-5288-1">https://ubuntu.com/security/notices/USN-5288-1</a><br><a href="https://www.debian.org/security/2022/dsa-5073">https://www.debian.org/security/2022/dsa-5073</a><br><a href="https://www.tenable.com/security/tns-2022-05">https://www.tenable.com/security/tns-2022-05</a><br></details> |
|
||
| expat | CVE-2022-25314 | HIGH | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25314">https://access.redhat.com/security/cve/CVE-2022-25314</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314</a><br><a href="https://github.com/libexpat/libexpat/pull/560">https://github.com/libexpat/libexpat/pull/560</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25314">https://nvd.nist.gov/vuln/detail/CVE-2022-25314</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| expat | CVE-2022-25313 | MEDIUM | 2.2.10-r1 | 2.2.10-r4 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/02/19/1">http://www.openwall.com/lists/oss-security/2022/02/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-25313">https://access.redhat.com/security/cve/CVE-2022-25313</a><br><a href="https://blog.hartwork.org/posts/expat-2-4-5-released/">https://blog.hartwork.org/posts/expat-2-4-5-released/</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313</a><br><a href="https://github.com/libexpat/libexpat/pull/558">https://github.com/libexpat/libexpat/pull/558</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25313">https://nvd.nist.gov/vuln/detail/CVE-2022-25313</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0008/">https://security.netapp.com/advisory/ntap-20220303-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5320-1">https://ubuntu.com/security/notices/USN-5320-1</a><br><a href="https://www.debian.org/security/2022/dsa-5085">https://www.debian.org/security/2022/dsa-5085</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| libcrypto1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html">http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html</a><br><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-0778">https://access.redhat.com/security/cve/CVE-2022-0778</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf</a><br><a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1065.html">https://errata.almalinux.org/8/ALSA-2022-1065.html</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0778.html">https://linux.oracle.com/cve/CVE-2022-0778.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9272.html">https://linux.oracle.com/errata/ELSA-2022-9272.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0778">https://nvd.nist.gov/vuln/detail/CVE-2022-0778</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0014.html">https://rustsec.org/advisories/RUSTSEC-2022-0014.html</a><br><a href="https://security.netapp.com/advisory/ntap-20220321-0002/">https://security.netapp.com/advisory/ntap-20220321-0002/</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0005/">https://security.netapp.com/advisory/ntap-20220429-0005/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-06">https://www.tenable.com/security/tns-2022-06</a><br><a href="https://www.tenable.com/security/tns-2022-07">https://www.tenable.com/security/tns-2022-07</a><br><a href="https://www.tenable.com/security/tns-2022-08">https://www.tenable.com/security/tns-2022-08</a><br><a href="https://www.tenable.com/security/tns-2022-09">https://www.tenable.com/security/tns-2022-09</a><br></details> |
|
||
| libcurl | CVE-2022-22576 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27775 | HIGH | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27775">https://nvd.nist.gov/vuln/detail/CVE-2022-27775</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27774 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27774">https://nvd.nist.gov/vuln/detail/CVE-2022-27774</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27776 | MEDIUM | 7.79.1-r0 | 7.79.1-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27776">https://nvd.nist.gov/vuln/detail/CVE-2022-27776</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libssl1.1 | CVE-2022-0778 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html">http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html</a><br><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-0778">https://access.redhat.com/security/cve/CVE-2022-0778</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf</a><br><a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1065.html">https://errata.almalinux.org/8/ALSA-2022-1065.html</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a><br><a href="https://linux.oracle.com/cve/CVE-2022-0778.html">https://linux.oracle.com/cve/CVE-2022-0778.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9272.html">https://linux.oracle.com/errata/ELSA-2022-9272.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0778">https://nvd.nist.gov/vuln/detail/CVE-2022-0778</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002</a><br><a href="https://rustsec.org/advisories/RUSTSEC-2022-0014.html">https://rustsec.org/advisories/RUSTSEC-2022-0014.html</a><br><a href="https://security.netapp.com/advisory/ntap-20220321-0002/">https://security.netapp.com/advisory/ntap-20220321-0002/</a><br><a href="https://security.netapp.com/advisory/ntap-20220429-0005/">https://security.netapp.com/advisory/ntap-20220429-0005/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a><br><a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a><br><a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a><br><a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.tenable.com/security/tns-2022-06">https://www.tenable.com/security/tns-2022-06</a><br><a href="https://www.tenable.com/security/tns-2022-07">https://www.tenable.com/security/tns-2022-07</a><br><a href="https://www.tenable.com/security/tns-2022-08">https://www.tenable.com/security/tns-2022-08</a><br><a href="https://www.tenable.com/security/tns-2022-09">https://www.tenable.com/security/tns-2022-09</a><br></details> |
|
||
| libxml2 | CVE-2022-23308 | HIGH | 2.9.12-r0 | 2.9.13-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/34">http://seclists.org/fulldisclosure/2022/May/34</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/36">http://seclists.org/fulldisclosure/2022/May/36</a><br><a href="http://seclists.org/fulldisclosure/2022/May/37">http://seclists.org/fulldisclosure/2022/May/37</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-23308">https://access.redhat.com/security/cve/CVE-2022-23308</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308</a><br><a href="https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e">https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS">https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS</a><br><a href="https://linux.oracle.com/cve/CVE-2022-23308.html">https://linux.oracle.com/cve/CVE-2022-23308.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0899.html">https://linux.oracle.com/errata/ELSA-2022-0899.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23308">https://nvd.nist.gov/vuln/detail/CVE-2022-23308</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0008/">https://security.netapp.com/advisory/ntap-20220331-0008/</a><br><a href="https://support.apple.com/kb/HT213253">https://support.apple.com/kb/HT213253</a><br><a href="https://support.apple.com/kb/HT213254">https://support.apple.com/kb/HT213254</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://support.apple.com/kb/HT213258">https://support.apple.com/kb/HT213258</a><br><a href="https://ubuntu.com/security/notices/USN-5324-1">https://ubuntu.com/security/notices/USN-5324-1</a><br><a href="https://ubuntu.com/security/notices/USN-5422-1">https://ubuntu.com/security/notices/USN-5422-1</a><br></details> |
|
||
| libxml2 | CVE-2022-29824 | MEDIUM | 2.9.12-r0 | 2.9.14-r0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html">http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-29824">https://access.redhat.com/security/cve/CVE-2022-29824</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab (v2.9.14)</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd (master)</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29824">https://nvd.nist.gov/vuln/detail/CVE-2022-29824</a><br><a href="https://ubuntu.com/security/notices/USN-5422-1">https://ubuntu.com/security/notices/USN-5422-1</a><br><a href="https://www.debian.org/security/2022/dsa-5142">https://www.debian.org/security/2022/dsa-5142</a><br></details> |
|
||
| libxslt | CVE-2021-30560 | HIGH | 1.1.34-r0 | 1.1.35-r0 | <details><summary>Expand...</summary><a href="https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html">https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html</a><br><a href="https://crbug.com/1219209">https://crbug.com/1219209</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-30560">https://nvd.nist.gov/vuln/detail/CVE-2021-30560</a><br></details> |
|
||
| ssl_client | CVE-2022-28391 | CRITICAL | 1.32.1-r6 | 1.32.1-r8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| ssl_client | CVE-2021-42378 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42378">https://access.redhat.com/security/cve/CVE-2021-42378</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42378">https://nvd.nist.gov/vuln/detail/CVE-2021-42378</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42379 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42379">https://access.redhat.com/security/cve/CVE-2021-42379</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42379">https://nvd.nist.gov/vuln/detail/CVE-2021-42379</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42380 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42380">https://access.redhat.com/security/cve/CVE-2021-42380</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42380">https://nvd.nist.gov/vuln/detail/CVE-2021-42380</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42381 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42381">https://access.redhat.com/security/cve/CVE-2021-42381</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42381">https://nvd.nist.gov/vuln/detail/CVE-2021-42381</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42382 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42382">https://access.redhat.com/security/cve/CVE-2021-42382</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42382">https://nvd.nist.gov/vuln/detail/CVE-2021-42382</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42383 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42383">https://access.redhat.com/security/cve/CVE-2021-42383</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
|
||
| ssl_client | CVE-2021-42384 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42384">https://access.redhat.com/security/cve/CVE-2021-42384</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42384">https://nvd.nist.gov/vuln/detail/CVE-2021-42384</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42385 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42385">https://access.redhat.com/security/cve/CVE-2021-42385</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42385">https://nvd.nist.gov/vuln/detail/CVE-2021-42385</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42386 | HIGH | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42386">https://access.redhat.com/security/cve/CVE-2021-42386</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42386">https://nvd.nist.gov/vuln/detail/CVE-2021-42386</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42374 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42374">https://access.redhat.com/security/cve/CVE-2021-42374</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42374">https://nvd.nist.gov/vuln/detail/CVE-2021-42374</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
|
||
| ssl_client | CVE-2021-42375 | MEDIUM | 1.32.1-r6 | 1.32.1-r7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42375">https://access.redhat.com/security/cve/CVE-2021-42375</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://security.netapp.com/advisory/ntap-20211223-0002/">https://security.netapp.com/advisory/ntap-20211223-0002/</a><br></details> |
|
||
| xz | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1537.html">https://errata.almalinux.org/8/ALSA-2022-1537.html</a><br><a href="https://linux.oracle.com/cve/CVE-2022-1271.html">https://linux.oracle.com/cve/CVE-2022-1271.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-5052.html">https://linux.oracle.com/errata/ELSA-2022-5052.html</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
|
||
| xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1271">https://access.redhat.com/security/cve/CVE-2022-1271</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1537.html">https://errata.almalinux.org/8/ALSA-2022-1537.html</a><br><a href="https://linux.oracle.com/cve/CVE-2022-1271.html">https://linux.oracle.com/cve/CVE-2022-1271.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-5052.html">https://linux.oracle.com/errata/ELSA-2022-5052.html</a><br><a href="https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html">https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html</a><br><a href="https://ubuntu.com/security/notices/USN-5378-1">https://ubuntu.com/security/notices/USN-5378-1</a><br><a href="https://ubuntu.com/security/notices/USN-5378-2">https://ubuntu.com/security/notices/USN-5378-2</a><br><a href="https://ubuntu.com/security/notices/USN-5378-3">https://ubuntu.com/security/notices/USN-5378-3</a><br><a href="https://ubuntu.com/security/notices/USN-5378-4">https://ubuntu.com/security/notices/USN-5378-4</a><br><a href="https://www.openwall.com/lists/oss-security/2022/04/07/8">https://www.openwall.com/lists/oss-security/2022/04/07/8</a><br></details> |
|
||
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-2201.html">https://errata.almalinux.org/8/ALSA-2022-2201.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://security.netapp.com/advisory/ntap-20220526-0009/">https://security.netapp.com/advisory/ntap-20220526-0009/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://ubuntu.com/security/notices/USN-5359-2">https://ubuntu.com/security/notices/USN-5359-2</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
|
||
|
||
****
|
||
|
||
|
||
| No Vulnerabilities found |
|
||
|:---------------------------------|
|