@ -70,38 +70,48 @@ hide:
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' postgresql-init' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-vikunja' of Deployment ' RELEASE-NAME-vikunja' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-vikunja' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' postgresql-init' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-vikunja' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' postgresql-init' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-vikunja' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' postgresql-init' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' RELEASE-NAME-vikunja' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' frontend' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' postgresql-init' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ s user table. < br > < hr > < br > Container ' proxy' of Deployment ' RELEASE-NAME-vikunja' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-vikunja' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-vikunja' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
@ -113,7 +123,8 @@ hide:
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/postgresql:v14.2.0@sha256:a5c260910866d65cef95aa623141abf4eb4241bb239d19b7d1cb769c6f2915c6
tccr.io/truecharts/vikunja-api:v0.18.1@sha256:c79ee38ad40783d6098f302735ca0388b938230aa8f1c6cddfa7a903e2191389
'tccr.io/truecharts/vikunja-frontend:v0.18.2@sha256:a5b2600ad6854e34d4ded50504b89dc37189ac80140edfbfbcbb25c1124b88ab'
- 'tccr.io/truecharts/vikunja-frontend:v0.18.2@sha256:a5b2600ad6854e34d4ded50504b89dc37189ac80140edfbfbcbb25c1124b88ab'
- 'tccr.io/truecharts/nginx:v1.21.6@sha256:e530cd55de35803870c5c54ff5140f79807137937f7cfd9841fba73bee83d554'
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/postgresql:v14.2.0@sha256:797177c01e1b7f363278dd2ec7fa0e63bfe85a92e0cc785042b12c533a56737c
@ -134,7 +145,7 @@ hide:
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"> https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
@ -147,7 +158,7 @@ hide:
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"> https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/postgresql:v14.2.0@sha256:a5c260910866d65cef95aa623141abf4eb4241bb239d19b7d1cb769c6f2915c6 (debian 10.12)
@ -175,7 +186,7 @@ hide:
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2018-12886" > https://access.redhat.com/security/cve/CVE-2018-12886< / a > < br > < a href = "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup" > https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379& view=markup< / a > < br > < a href = "https://www.gnu.org/software/gcc/gcc-8/changes.html" > https://www.gnu.org/software/gcc/gcc-8/changes.html< / a > < br > < / details > |
| gcc-8-base | CVE-2019-15847 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-15847" > https://access.redhat.com/security/cve/CVE-2019-15847< / a > < br > < a href = "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-15847.html" > https://linux.oracle.com/cve/CVE-2019-15847.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1864.html" > https://linux.oracle.com/errata/ELSA-2020-1864.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-15847" > https://nvd.nist.gov/vuln/detail/CVE-2019-15847< / a > < br > < / details > |
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2019-14855" > https://access.redhat.com/security/cve/CVE-2019-14855< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855< / a > < br > < a href = "https://dev.gnupg.org/T4755" > https://dev.gnupg.org/T4755< / a > < br > < a href = "https://eprint.iacr.org/2020/014.pdf" > https://eprint.iacr.org/2020/014.pdf< / a > < br > < a href = "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html" > https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html< / a > < br > < a href = "https://rwc.iacr.org/2020/slides/Leurent.pdf" > https://rwc.iacr.org/2020/slides/Leurent.pdf< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4516-1" > https://ubuntu.com/security/notices/USN-4516-1< / a > < br > < a href = "https://usn.ubuntu.com/4516-1/" > https://usn.ubuntu.com/4516-1/< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | 1.9-3+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
| libblkid1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libblkid1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
@ -279,7 +290,7 @@ hide:
| libldap-common | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html< / a > < br > < a href = "http://www.openldap.org/its/index.cgi/Incoming?id=8759" > http://www.openldap.org/its/index.cgi/Incoming?id=8759< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-17740" > https://access.redhat.com/security/cve/CVE-2017-17740< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| libldap-common | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:3674" > https://access.redhat.com/errata/RHBA-2019:3674< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-15719" > https://access.redhat.com/security/cve/CVE-2020-15719< / a > < br > < a href = "https://bugs.openldap.org/show_bug.cgi?id=9266" > https://bugs.openldap.org/show_bug.cgi?id=9266< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1740070" > https://bugzilla.redhat.com/show_bug.cgi?id=1740070< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| liblz4-1 | CVE-2019-17543 | LOW | 1.8.3-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17543" > https://access.redhat.com/security/cve/CVE-2019-17543< / a > < br > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941< / a > < br > < a href = "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2" > https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2< / a > < br > < a href = "https://github.com/lz4/lz4/issues/801" > https://github.com/lz4/lz4/issues/801< / a > < br > < a href = "https://github.com/lz4/lz4/pull/756" > https://github.com/lz4/lz4/pull/756< / a > < br > < a href = "https://github.com/lz4/lz4/pull/760" > https://github.com/lz4/lz4/pull/760< / a > < br > < a href = "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | 5.2.4-1+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libmount1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libmount1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libncurses6 | CVE-2021-39537 | LOW | 6.1+20181013-2+deb10u2 | | < details > < summary > Expand...< / summary > < a href = "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup" > http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1& content-type=text/x-cvsweb-markup< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-39537" > https://access.redhat.com/security/cve/CVE-2021-39537< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html" > https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html" > https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-39537" > https://nvd.nist.gov/vuln/detail/CVE-2021-39537< / a > < br > < / details > |
@ -424,7 +435,7 @@ hide:
| ssl_client | CVE-2021-42385 | HIGH | 1.31.1-r20 | 1.31.1-r21 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-42385" > https://access.redhat.com/security/cve/CVE-2021-42385< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-42385" > https://nvd.nist.gov/vuln/detail/CVE-2021-42385< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42386 | HIGH | 1.31.1-r20 | 1.31.1-r21 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-42386" > https://access.redhat.com/security/cve/CVE-2021-42386< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-42386" > https://nvd.nist.gov/vuln/detail/CVE-2021-42386< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.31.1-r20 | 1.31.1-r21 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-42374" > https://access.redhat.com/security/cve/CVE-2021-42374< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374< / a > < br > < a href = "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/" > https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-42374" > https://nvd.nist.gov/vuln/detail/CVE-2021-42374< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211223-0002/" > https://security.netapp.com/advisory/ntap-20211223-0002/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5179-1" > https://ubuntu.com/security/notices/USN-5179-1< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"> https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
**gobinary**
@ -436,17 +447,10 @@ hide:
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
@ -459,7 +463,20 @@ hide:
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/postgresql:v14.2.0@sha256:797177c01e1b7f363278dd2ec7fa0e63bfe85a92e0cc785042b12c533a56737c (debian 10.12)
@ -487,7 +504,7 @@ hide:
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2018-12886" > https://access.redhat.com/security/cve/CVE-2018-12886< / a > < br > < a href = "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup" > https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379& view=markup< / a > < br > < a href = "https://www.gnu.org/software/gcc/gcc-8/changes.html" > https://www.gnu.org/software/gcc/gcc-8/changes.html< / a > < br > < / details > |
| gcc-8-base | CVE-2019-15847 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-15847" > https://access.redhat.com/security/cve/CVE-2019-15847< / a > < br > < a href = "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-15847.html" > https://linux.oracle.com/cve/CVE-2019-15847.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1864.html" > https://linux.oracle.com/errata/ELSA-2020-1864.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-15847" > https://nvd.nist.gov/vuln/detail/CVE-2019-15847< / a > < br > < / details > |
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2019-14855" > https://access.redhat.com/security/cve/CVE-2019-14855< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855< / a > < br > < a href = "https://dev.gnupg.org/T4755" > https://dev.gnupg.org/T4755< / a > < br > < a href = "https://eprint.iacr.org/2020/014.pdf" > https://eprint.iacr.org/2020/014.pdf< / a > < br > < a href = "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html" > https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html< / a > < br > < a href = "https://rwc.iacr.org/2020/slides/Leurent.pdf" > https://rwc.iacr.org/2020/slides/Leurent.pdf< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4516-1" > https://ubuntu.com/security/notices/USN-4516-1< / a > < br > < a href = "https://usn.ubuntu.com/4516-1/" > https://usn.ubuntu.com/4516-1/< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | 1.9-3+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
| libblkid1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libblkid1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
@ -591,7 +608,7 @@ hide:
| libldap-common | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html< / a > < br > < a href = "http://www.openldap.org/its/index.cgi/Incoming?id=8759" > http://www.openldap.org/its/index.cgi/Incoming?id=8759< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-17740" > https://access.redhat.com/security/cve/CVE-2017-17740< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| libldap-common | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:3674" > https://access.redhat.com/errata/RHBA-2019:3674< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-15719" > https://access.redhat.com/security/cve/CVE-2020-15719< / a > < br > < a href = "https://bugs.openldap.org/show_bug.cgi?id=9266" > https://bugs.openldap.org/show_bug.cgi?id=9266< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1740070" > https://bugzilla.redhat.com/show_bug.cgi?id=1740070< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| liblz4-1 | CVE-2019-17543 | LOW | 1.8.3-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17543" > https://access.redhat.com/security/cve/CVE-2019-17543< / a > < br > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941< / a > < br > < a href = "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2" > https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2< / a > < br > < a href = "https://github.com/lz4/lz4/issues/801" > https://github.com/lz4/lz4/issues/801< / a > < br > < a href = "https://github.com/lz4/lz4/pull/756" > https://github.com/lz4/lz4/pull/756< / a > < br > < a href = "https://github.com/lz4/lz4/pull/760" > https://github.com/lz4/lz4/pull/760< / a > < br > < a href = "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | 5.2.4-1+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libmount1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libmount1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libncurses6 | CVE-2021-39537 | LOW | 6.1+20181013-2+deb10u2 | | < details > < summary > Expand...< / summary > < a href = "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup" > http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1& content-type=text/x-cvsweb-markup< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-39537" > https://access.redhat.com/security/cve/CVE-2021-39537< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html" > https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html" > https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-39537" > https://nvd.nist.gov/vuln/detail/CVE-2021-39537< / a > < br > < / details > |
@ -714,7 +731,7 @@ hide:
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"> https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
@ -727,7 +744,7 @@ hide:
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-28391" > https://nvd.nist.gov/vuln/detail/CVE-2022-28391< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https:// lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"> https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/< / a > < br > < a href = "https:// nvd.nist.gov/vuln/detail/CVE-2018-25032"> https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
#### Container: tccr.io/truecharts/redis:v6.2.6@sha256:4e0c69a1a35386837be91c6c403aad1cf177a4dc7a7d3eb7d23eeaf60faa4d40 (debian 10.12)
@ -755,7 +772,7 @@ hide:
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2018-12886" > https://access.redhat.com/security/cve/CVE-2018-12886< / a > < br > < a href = "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup" > https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379& view=markup< / a > < br > < a href = "https://www.gnu.org/software/gcc/gcc-8/changes.html" > https://www.gnu.org/software/gcc/gcc-8/changes.html< / a > < br > < / details > |
| gcc-8-base | CVE-2019-15847 | HIGH | 8.3.0-6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-15847" > https://access.redhat.com/security/cve/CVE-2019-15847< / a > < br > < a href = "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-15847.html" > https://linux.oracle.com/cve/CVE-2019-15847.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1864.html" > https://linux.oracle.com/errata/ELSA-2020-1864.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-15847" > https://nvd.nist.gov/vuln/detail/CVE-2019-15847< / a > < br > < / details > |
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2019-14855" > https://access.redhat.com/security/cve/CVE-2019-14855< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855< / a > < br > < a href = "https://dev.gnupg.org/T4755" > https://dev.gnupg.org/T4755< / a > < br > < a href = "https://eprint.iacr.org/2020/014.pdf" > https://eprint.iacr.org/2020/014.pdf< / a > < br > < a href = "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html" > https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html< / a > < br > < a href = "https://rwc.iacr.org/2020/slides/Leurent.pdf" > https://rwc.iacr.org/2020/slides/Leurent.pdf< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4516-1" > https://ubuntu.com/security/notices/USN-4516-1< / a > < br > < a href = "https://usn.ubuntu.com/4516-1/" > https://usn.ubuntu.com/4516-1/< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| gzip | CVE-2022-1271 | HIGH | 1.9-3 | 1.9-3+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.3 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/cve-2011-3374" > https://access.redhat.com/security/cve/cve-2011-3374< / a > < br > < a href = "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480" > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480< / a > < br > < a href = "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html" > https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html< / a > < br > < a href = "https://seclists.org/fulldisclosure/2011/Sep/221" > https://seclists.org/fulldisclosure/2011/Sep/221< / a > < br > < a href = "https://security-tracker.debian.org/tracker/CVE-2011-3374" > https://security-tracker.debian.org/tracker/CVE-2011-3374< / a > < br > < a href = "https://snyk.io/vuln/SNYK-LINUX-APT-116518" > https://snyk.io/vuln/SNYK-LINUX-APT-116518< / a > < br > < a href = "https://ubuntu.com/security/CVE-2011-3374" > https://ubuntu.com/security/CVE-2011-3374< / a > < br > < / details > |
| libblkid1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libblkid1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
@ -837,7 +854,7 @@ hide:
| libldap-common | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html" > http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html< / a > < br > < a href = "http://www.openldap.org/its/index.cgi/Incoming?id=8759" > http://www.openldap.org/its/index.cgi/Incoming?id=8759< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-17740" > https://access.redhat.com/security/cve/CVE-2017-17740< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| libldap-common | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html" > http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:3674" > https://access.redhat.com/errata/RHBA-2019:3674< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-15719" > https://access.redhat.com/security/cve/CVE-2020-15719< / a > < br > < a href = "https://bugs.openldap.org/show_bug.cgi?id=9266" > https://bugs.openldap.org/show_bug.cgi?id=9266< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1740070" > https://bugzilla.redhat.com/show_bug.cgi?id=1740070< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" > https://kc.mcafee.com/corporate/index?page=content& id=SB10365< / a > < br > < / details > |
| liblz4-1 | CVE-2019-17543 | LOW | 1.8.3-1+deb10u1 | | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html" > http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17543" > https://access.redhat.com/security/cve/CVE-2019-17543< / a > < br > < a href = "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941" > https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941< / a > < br > < a href = "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2" > https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2< / a > < br > < a href = "https://github.com/lz4/lz4/issues/801" > https://github.com/lz4/lz4/issues/801< / a > < br > < a href = "https://github.com/lz4/lz4/pull/756" > https://github.com/lz4/lz4/pull/756< / a > < br > < a href = "https://github.com/lz4/lz4/pull/760" > https://github.com/lz4/lz4/pull/760< / a > < br > < a href = "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E" > https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E" > https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| liblzma5 | CVE-2022-1271 | HIGH | 5.2.4-1 | 5.2.4-1+deb10u1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-1271" > https://access.redhat.com/security/cve/CVE-2022-1271< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271< / a > < br > < a href = "https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html" > https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-1" > https://ubuntu.com/security/notices/USN-5378-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-2" > https://ubuntu.com/security/notices/USN-5378-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-3" > https://ubuntu.com/security/notices/USN-5378-3< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5378-4" > https://ubuntu.com/security/notices/USN-5378-4< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/04/07/8" > https://www.openwall.com/lists/oss-security/2022/04/07/8< / a > < br > < / details > |
| libmount1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-37600" > https://access.redhat.com/security/cve/CVE-2021-37600< / a > < br > < a href = "https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c" > https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c< / a > < br > < a href = "https://github.com/karelzak/util-linux/issues/1395" > https://github.com/karelzak/util-linux/issues/1395< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-37600" > https://nvd.nist.gov/vuln/detail/CVE-2021-37600< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210902-0002/" > https://security.netapp.com/advisory/ntap-20210902-0002/< / a > < br > < / details > |
| libmount1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-0563" > https://access.redhat.com/security/cve/CVE-2022-0563< / a > < br > < a href = "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u" > https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-0563" > https://nvd.nist.gov/vuln/detail/CVE-2022-0563< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220331-0002/" > https://security.netapp.com/advisory/ntap-20220331-0002/< / a > < br > < / details > |
| libncurses6 | CVE-2021-39537 | LOW | 6.1+20181013-2+deb10u2 | | < details > < summary > Expand...< / summary > < a href = "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup" > http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1& content-type=text/x-cvsweb-markup< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-39537" > https://access.redhat.com/security/cve/CVE-2021-39537< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html" > https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html< / a > < br > < a href = "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html" > https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-39537" > https://nvd.nist.gov/vuln/detail/CVE-2021-39537< / a > < br > < / details > |