catalog/stable/minio-console/1.0.23/security.md

155 lines
109 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: minio-console/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV013 | Image tag &#39;:latest&#39; used | LOW | <details><summary>Expand...</summary> It is best to avoid using the &#39;:latest&#39; image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should specify an image tag </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/configuration/overview/#container-images">https://kubernetes.io/docs/concepts/configuration/overview/#container-images</a><br><a href="https://avd.aquasec.com/appshield/ksv013">https://avd.aquasec.com/appshield/ksv013</a><br></details> |
| Kubernetes Security Check | KSV013 | Image tag &#39;:latest&#39; used | LOW | <details><summary>Expand...</summary> It is best to avoid using the &#39;:latest&#39; image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should specify an image tag </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/configuration/overview/#container-images">https://kubernetes.io/docs/concepts/configuration/overview/#container-images</a><br><a href="https://avd.aquasec.com/appshield/ksv013">https://avd.aquasec.com/appshield/ksv013</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-minio-console&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-minio-console&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/minio-console:v0.12.6@sha256:8349d1c47a108195bf5bab5e3dfc08a7b1f3d4e58c6173c2e506079fbcb1fda2
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
| busybox | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| busybox | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
| ssl_client | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42379 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42380 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42381 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42382 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42383 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
| ssl_client | CVE-2021-42384 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42385 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374</a><br><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br><a href="https://ubuntu.com/security/notices/USN-5179-1">https://ubuntu.com/security/notices/USN-5179-1</a><br></details> |
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
#### Container: tccr.io/truecharts/minio-console:v0.12.6@sha256:8349d1c47a108195bf5bab5e3dfc08a7b1f3d4e58c6173c2e506079fbcb1fda2 (redhat 8.5)
**redhat**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| bzip2-libs | CVE-2019-12900 | LOW | 1.0.6-26.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html">http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html">http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html</a><br><a href="http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html">http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html</a><br><a href="http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html">http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494">https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900</a><br><a href="https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc">https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc</a><br><a href="https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E">https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E">https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html">https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html</a><br><a href="https://seclists.org/bugtraq/2019/Aug/4">https://seclists.org/bugtraq/2019/Aug/4</a><br><a href="https://seclists.org/bugtraq/2019/Jul/22">https://seclists.org/bugtraq/2019/Jul/22</a><br><a href="https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc">https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc</a><br><a href="https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp;amp;utm_medium=RSS</a><br><a href="https://ubuntu.com/security/notices/USN-4038-1">https://ubuntu.com/security/notices/USN-4038-1</a><br><a href="https://ubuntu.com/security/notices/USN-4038-2">https://ubuntu.com/security/notices/USN-4038-2</a><br><a href="https://ubuntu.com/security/notices/USN-4038-3">https://ubuntu.com/security/notices/USN-4038-3</a><br><a href="https://ubuntu.com/security/notices/USN-4038-4">https://ubuntu.com/security/notices/USN-4038-4</a><br><a href="https://ubuntu.com/security/notices/USN-4146-1">https://ubuntu.com/security/notices/USN-4146-1</a><br><a href="https://ubuntu.com/security/notices/USN-4146-2">https://ubuntu.com/security/notices/USN-4146-2</a><br><a href="https://usn.ubuntu.com/4038-1/">https://usn.ubuntu.com/4038-1/</a><br><a href="https://usn.ubuntu.com/4038-2/">https://usn.ubuntu.com/4038-2/</a><br><a href="https://usn.ubuntu.com/4146-1/">https://usn.ubuntu.com/4146-1/</a><br><a href="https://usn.ubuntu.com/4146-2/">https://usn.ubuntu.com/4146-2/</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| coreutils-single | CVE-2017-18018 | MEDIUM | 8.30-12.el8 | | <details><summary>Expand...</summary><a href="http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html">http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html</a><br></details> |
| dbus | CVE-2020-35512 | LOW | 1:1.12.8-14.el8 | | <details><summary>Expand...</summary><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br></details> |
| dbus-common | CVE-2020-35512 | LOW | 1:1.12.8-14.el8 | | <details><summary>Expand...</summary><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br></details> |
| dbus-daemon | CVE-2020-35512 | LOW | 1:1.12.8-14.el8 | | <details><summary>Expand...</summary><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br></details> |
| dbus-libs | CVE-2020-35512 | LOW | 1:1.12.8-14.el8 | | <details><summary>Expand...</summary><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br></details> |
| dbus-tools | CVE-2020-35512 | LOW | 1:1.12.8-14.el8 | | <details><summary>Expand...</summary><a href="https://bugs.gentoo.org/755392">https://bugs.gentoo.org/755392</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1909101">https://bugzilla.redhat.com/show_bug.cgi?id=1909101</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)">https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305</a><br><a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128">https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2020-35512">https://security-tracker.debian.org/tracker/CVE-2020-35512</a><br></details> |
| file-libs | CVE-2019-8905 | LOW | 5.33-20.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html">http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html</a><br><a href="http://www.securityfocus.com/bid/107137">http://www.securityfocus.com/bid/107137</a><br><a href="https://bugs.astron.com/view.php?id=63">https://bugs.astron.com/view.php?id=63</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html">https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html</a><br><a href="https://ubuntu.com/security/notices/USN-3911-1">https://ubuntu.com/security/notices/USN-3911-1</a><br><a href="https://usn.ubuntu.com/3911-1/">https://usn.ubuntu.com/3911-1/</a><br></details> |
| file-libs | CVE-2019-8906 | LOW | 5.33-20.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html">http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html</a><br><a href="https://bugs.astron.com/view.php?id=64">https://bugs.astron.com/view.php?id=64</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906</a><br><a href="https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f">https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f</a><br><a href="https://support.apple.com/kb/HT209599">https://support.apple.com/kb/HT209599</a><br><a href="https://support.apple.com/kb/HT209600">https://support.apple.com/kb/HT209600</a><br><a href="https://support.apple.com/kb/HT209601">https://support.apple.com/kb/HT209601</a><br><a href="https://support.apple.com/kb/HT209602">https://support.apple.com/kb/HT209602</a><br><a href="https://ubuntu.com/security/notices/USN-3911-1">https://ubuntu.com/security/notices/USN-3911-1</a><br><a href="https://usn.ubuntu.com/3911-1/">https://usn.ubuntu.com/3911-1/</a><br></details> |
| glib2 | CVE-2018-16428 | LOW | 2.56.4-156.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2020/02/14/3">http://www.openwall.com/lists/oss-security/2020/02/14/3</a><br><a href="http://www.securityfocus.com/bid/105210">http://www.securityfocus.com/bid/105210</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428</a><br><a href="https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9">https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9</a><br><a href="https://gitlab.gnome.org/GNOME/glib/issues/1364">https://gitlab.gnome.org/GNOME/glib/issues/1364</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html</a><br><a href="https://ubuntu.com/security/notices/USN-3767-1">https://ubuntu.com/security/notices/USN-3767-1</a><br><a href="https://ubuntu.com/security/notices/USN-3767-2">https://ubuntu.com/security/notices/USN-3767-2</a><br><a href="https://usn.ubuntu.com/3767-1/">https://usn.ubuntu.com/3767-1/</a><br><a href="https://usn.ubuntu.com/3767-2/">https://usn.ubuntu.com/3767-2/</a><br></details> |
| glib2 | CVE-2018-16429 | LOW | 2.56.4-156.el8 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429</a><br><a href="https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b">https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b</a><br><a href="https://gitlab.gnome.org/GNOME/glib/issues/1361">https://gitlab.gnome.org/GNOME/glib/issues/1361</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html</a><br><a href="https://ubuntu.com/security/notices/USN-3767-1">https://ubuntu.com/security/notices/USN-3767-1</a><br><a href="https://ubuntu.com/security/notices/USN-3767-2">https://ubuntu.com/security/notices/USN-3767-2</a><br><a href="https://usn.ubuntu.com/3767-1/">https://usn.ubuntu.com/3767-1/</a><br><a href="https://usn.ubuntu.com/3767-2/">https://usn.ubuntu.com/3767-2/</a><br></details> |
| glibc | CVE-2019-1010022 | CRITICAL | 2.28-164.el8 | | <details><summary>Expand...</summary><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010022">https://security-tracker.debian.org/tracker/CVE-2019-1010022</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850">https://sourceware.org/bugzilla/show_bug.cgi?id=22850</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3">https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3</a><br><a href="https://ubuntu.com/security/CVE-2019-1010022">https://ubuntu.com/security/CVE-2019-1010022</a><br></details> |
| glibc-common | CVE-2019-1010022 | CRITICAL | 2.28-164.el8 | | <details><summary>Expand...</summary><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010022">https://security-tracker.debian.org/tracker/CVE-2019-1010022</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850">https://sourceware.org/bugzilla/show_bug.cgi?id=22850</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3">https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3</a><br><a href="https://ubuntu.com/security/CVE-2019-1010022">https://ubuntu.com/security/CVE-2019-1010022</a><br></details> |
| glibc-langpack-en | CVE-2019-1010022 | CRITICAL | 2.28-164.el8 | | <details><summary>Expand...</summary><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010022">https://security-tracker.debian.org/tracker/CVE-2019-1010022</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850">https://sourceware.org/bugzilla/show_bug.cgi?id=22850</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3">https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3</a><br><a href="https://ubuntu.com/security/CVE-2019-1010022">https://ubuntu.com/security/CVE-2019-1010022</a><br></details> |
| glibc-minimal-langpack | CVE-2019-1010022 | CRITICAL | 2.28-164.el8 | | <details><summary>Expand...</summary><a href="https://security-tracker.debian.org/tracker/CVE-2019-1010022">https://security-tracker.debian.org/tracker/CVE-2019-1010022</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850">https://sourceware.org/bugzilla/show_bug.cgi?id=22850</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3">https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3</a><br><a href="https://ubuntu.com/security/CVE-2019-1010022">https://ubuntu.com/security/CVE-2019-1010022</a><br></details> |
| gmp | CVE-2021-43618 | LOW | 1:6.1.2-10.el8 | | <details><summary>Expand...</summary><a href="https://bugs.debian.org/994405">https://bugs.debian.org/994405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618</a><br><a href="https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html">https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html</a><br><a href="https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e">https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html</a><br></details> |
| krb5-libs | CVE-2020-17049 | MEDIUM | 1.18.2-14.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/10/3">http://www.openwall.com/lists/oss-security/2021/11/10/3</a><br><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049</a><br><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049</a><br></details> |
| libarchive | CVE-2020-21674 | MEDIUM | 3.3.3-1.el8 | | <details><summary>Expand...</summary><a href="https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4">https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4</a><br><a href="https://github.com/libarchive/libarchive/issues/1298">https://github.com/libarchive/libarchive/issues/1298</a><br></details> |
| libarchive | CVE-2017-14166 | LOW | 3.3.3-1.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2017/09/06/5">http://www.openwall.com/lists/oss-security/2017/09/06/5</a><br><a href="https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/">https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166</a><br><a href="https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71">https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71</a><br><a href="https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html">https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html</a><br><a href="https://security.gentoo.org/glsa/201908-11">https://security.gentoo.org/glsa/201908-11</a><br><a href="https://ubuntu.com/security/notices/USN-3736-1">https://ubuntu.com/security/notices/USN-3736-1</a><br><a href="https://usn.ubuntu.com/3736-1/">https://usn.ubuntu.com/3736-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libarchive | CVE-2017-14501 | LOW | 3.3.3-1.el8 | | <details><summary>Expand...</summary><a href="https://bugs.debian.org/875966">https://bugs.debian.org/875966</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501</a><br><a href="https://github.com/libarchive/libarchive/issues/949">https://github.com/libarchive/libarchive/issues/949</a><br><a href="https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html">https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html</a><br><a href="https://security.gentoo.org/glsa/201908-11">https://security.gentoo.org/glsa/201908-11</a><br><a href="https://ubuntu.com/security/notices/USN-3736-1">https://ubuntu.com/security/notices/USN-3736-1</a><br><a href="https://usn.ubuntu.com/3736-1/">https://usn.ubuntu.com/3736-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libarchive | CVE-2018-1000879 | LOW | 3.3.3-1.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html</a><br><a href="http://www.securityfocus.com/bid/106324">http://www.securityfocus.com/bid/106324</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909">https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909</a><br><a href="https://github.com/libarchive/libarchive/pull/1105">https://github.com/libarchive/libarchive/pull/1105</a><br><a href="https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175">https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/</a><br></details> |
| libarchive | CVE-2018-1000880 | LOW | 3.3.3-1.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html</a><br><a href="http://www.securityfocus.com/bid/106324">http://www.securityfocus.com/bid/106324</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909">https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880</a><br><a href="https://github.com/libarchive/libarchive/pull/1105">https://github.com/libarchive/libarchive/pull/1105</a><br><a href="https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680">https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/</a><br><a href="https://ubuntu.com/security/notices/USN-3859-1">https://ubuntu.com/security/notices/USN-3859-1</a><br><a href="https://usn.ubuntu.com/3859-1/">https://usn.ubuntu.com/3859-1/</a><br><a href="https://www.debian.org/security/2018/dsa-4360">https://www.debian.org/security/2018/dsa-4360</a><br></details> |
| libgcc | CVE-2021-42694 | MEDIUM | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/01/1">http://www.openwall.com/lists/oss-security/2021/11/01/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/11/01/6">http://www.openwall.com/lists/oss-security/2021/11/01/6</a><br><a href="http://www.unicode.org/versions/Unicode14.0.0/">http://www.unicode.org/versions/Unicode14.0.0/</a><br><a href="https://trojansource.codes">https://trojansource.codes</a><br><a href="https://trojansource.codes/">https://trojansource.codes/</a><br><a href="https://www.kb.cert.org/vuls/id/999008">https://www.kb.cert.org/vuls/id/999008</a><br><a href="https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/">https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/</a><br><a href="https://www.scyon.nl/post/trojans-in-your-source-code">https://www.scyon.nl/post/trojans-in-your-source-code</a><br><a href="https://www.unicode.org/reports/tr36/#Canonical_Represenation">https://www.unicode.org/reports/tr36/#Canonical_Represenation</a><br></details> |
| libgcc | CVE-2018-20657 | LOW | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106444">http://www.securityfocus.com/bid/106444</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3352">https://access.redhat.com/errata/RHSA-2019:3352</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20657.html">https://linux.oracle.com/cve/CVE-2018-20657.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-3352.html">https://linux.oracle.com/errata/ELSA-2019-3352.html</a><br><a href="https://support.f5.com/csp/article/K62602089">https://support.f5.com/csp/article/K62602089</a><br></details> |
| libgcc | CVE-2019-14250 | LOW | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html</a><br><a href="http://www.securityfocus.com/bid/109354">http://www.securityfocus.com/bid/109354</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924</a><br><a href="https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html">https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html</a><br><a href="https://security.gentoo.org/glsa/202007-39">https://security.gentoo.org/glsa/202007-39</a><br><a href="https://security.netapp.com/advisory/ntap-20190822-0002/">https://security.netapp.com/advisory/ntap-20190822-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-4326-1">https://ubuntu.com/security/notices/USN-4326-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-1">https://ubuntu.com/security/notices/USN-4336-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-2">https://ubuntu.com/security/notices/USN-4336-2</a><br><a href="https://usn.ubuntu.com/4326-1/">https://usn.ubuntu.com/4326-1/</a><br><a href="https://usn.ubuntu.com/4336-1/">https://usn.ubuntu.com/4336-1/</a><br></details> |
| libgcrypt | CVE-2019-12904 | MEDIUM | 1.8.5-6.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html</a><br><a href="https://dev.gnupg.org/T4541">https://dev.gnupg.org/T4541</a><br><a href="https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020">https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020</a><br><a href="https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762">https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html">https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html</a><br></details> |
| libgcrypt | CVE-2021-40528 | MEDIUM | 1.8.5-6.el8 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528</a><br><a href="https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13">https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13</a><br><a href="https://eprint.iacr.org/2021/923">https://eprint.iacr.org/2021/923</a><br><a href="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320">https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320</a><br><a href="https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1">https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1</a><br><a href="https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2">https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2</a><br><a href="https://ubuntu.com/security/notices/USN-5080-1">https://ubuntu.com/security/notices/USN-5080-1</a><br><a href="https://ubuntu.com/security/notices/USN-5080-2">https://ubuntu.com/security/notices/USN-5080-2</a><br></details> |
| libssh | CVE-2021-3634 | LOW | 0.9.4-3.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1978810">https://bugzilla.redhat.com/show_bug.cgi?id=1978810</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/</a><br><a href="https://security.netapp.com/advisory/ntap-20211004-0003/">https://security.netapp.com/advisory/ntap-20211004-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-5053-1">https://ubuntu.com/security/notices/USN-5053-1</a><br><a href="https://www.debian.org/security/2021/dsa-4965">https://www.debian.org/security/2021/dsa-4965</a><br></details> |
| libssh-config | CVE-2021-3634 | LOW | 0.9.4-3.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1978810">https://bugzilla.redhat.com/show_bug.cgi?id=1978810</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/</a><br><a href="https://security.netapp.com/advisory/ntap-20211004-0003/">https://security.netapp.com/advisory/ntap-20211004-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-5053-1">https://ubuntu.com/security/notices/USN-5053-1</a><br><a href="https://www.debian.org/security/2021/dsa-4965">https://www.debian.org/security/2021/dsa-4965</a><br></details> |
| libstdc++ | CVE-2021-42694 | MEDIUM | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/11/01/1">http://www.openwall.com/lists/oss-security/2021/11/01/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/11/01/6">http://www.openwall.com/lists/oss-security/2021/11/01/6</a><br><a href="http://www.unicode.org/versions/Unicode14.0.0/">http://www.unicode.org/versions/Unicode14.0.0/</a><br><a href="https://trojansource.codes">https://trojansource.codes</a><br><a href="https://trojansource.codes/">https://trojansource.codes/</a><br><a href="https://www.kb.cert.org/vuls/id/999008">https://www.kb.cert.org/vuls/id/999008</a><br><a href="https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/">https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/</a><br><a href="https://www.scyon.nl/post/trojans-in-your-source-code">https://www.scyon.nl/post/trojans-in-your-source-code</a><br><a href="https://www.unicode.org/reports/tr36/#Canonical_Represenation">https://www.unicode.org/reports/tr36/#Canonical_Represenation</a><br></details> |
| libstdc++ | CVE-2018-20657 | LOW | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106444">http://www.securityfocus.com/bid/106444</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3352">https://access.redhat.com/errata/RHSA-2019:3352</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539</a><br><a href="https://linux.oracle.com/cve/CVE-2018-20657.html">https://linux.oracle.com/cve/CVE-2018-20657.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-3352.html">https://linux.oracle.com/errata/ELSA-2019-3352.html</a><br><a href="https://support.f5.com/csp/article/K62602089">https://support.f5.com/csp/article/K62602089</a><br></details> |
| libstdc++ | CVE-2019-14250 | LOW | 8.5.0-4.el8_5 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html">http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html</a><br><a href="http://www.securityfocus.com/bid/109354">http://www.securityfocus.com/bid/109354</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250</a><br><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924</a><br><a href="https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html">https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html</a><br><a href="https://security.gentoo.org/glsa/202007-39">https://security.gentoo.org/glsa/202007-39</a><br><a href="https://security.netapp.com/advisory/ntap-20190822-0002/">https://security.netapp.com/advisory/ntap-20190822-0002/</a><br><a href="https://ubuntu.com/security/notices/USN-4326-1">https://ubuntu.com/security/notices/USN-4326-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-1">https://ubuntu.com/security/notices/USN-4336-1</a><br><a href="https://ubuntu.com/security/notices/USN-4336-2">https://ubuntu.com/security/notices/USN-4336-2</a><br><a href="https://usn.ubuntu.com/4326-1/">https://usn.ubuntu.com/4326-1/</a><br><a href="https://usn.ubuntu.com/4336-1/">https://usn.ubuntu.com/4336-1/</a><br></details> |
| libtasn1 | CVE-2018-1000654 | LOW | 4.13-3.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html</a><br><a href="http://www.securityfocus.com/bid/105151">http://www.securityfocus.com/bid/105151</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654</a><br><a href="https://gitlab.com/gnutls/libtasn1/issues/4">https://gitlab.com/gnutls/libtasn1/issues/4</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libzstd | CVE-2021-24032 | LOW | 1.4.4-1.el8 | | <details><summary>Expand...</summary><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032</a><br><a href="https://github.com/facebook/zstd/issues/2491">https://github.com/facebook/zstd/issues/2491</a><br><a href="https://ubuntu.com/security/notices/USN-4760-1">https://ubuntu.com/security/notices/USN-4760-1</a><br><a href="https://www.facebook.com/security/advisories/cve-2021-24032">https://www.facebook.com/security/advisories/cve-2021-24032</a><br></details> |
| lz4-libs | CVE-2019-17543 | MEDIUM | 1.8.3-3.el8_4 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941</a><br><a href="https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2">https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2</a><br><a href="https://github.com/lz4/lz4/issues/801">https://github.com/lz4/lz4/issues/801</a><br><a href="https://github.com/lz4/lz4/pull/756">https://github.com/lz4/lz4/pull/756</a><br><a href="https://github.com/lz4/lz4/pull/760">https://github.com/lz4/lz4/pull/760</a><br><a href="https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E">https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| ncurses-base | CVE-2021-39537 | MEDIUM | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br></details> |
| ncurses-base | CVE-2018-19211 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643754">https://bugzilla.redhat.com/show_bug.cgi?id=1643754</a><br></details> |
| ncurses-base | CVE-2018-19217 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643753">https://bugzilla.redhat.com/show_bug.cgi?id=1643753</a><br></details> |
| ncurses-libs | CVE-2021-39537 | MEDIUM | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup">http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&amp;content-type=text/x-cvsweb-markup</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html">https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html">https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html</a><br></details> |
| ncurses-libs | CVE-2018-19211 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643754">https://bugzilla.redhat.com/show_bug.cgi?id=1643754</a><br></details> |
| ncurses-libs | CVE-2018-19217 | LOW | 6.1-9.20180224.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1643753">https://bugzilla.redhat.com/show_bug.cgi?id=1643753</a><br></details> |
| openssl | CVE-2021-3712 | MEDIUM | 1:1.1.1k-4.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/08/26/2">http://www.openwall.com/lists/oss-security/2021/08/26/2</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10366">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10366</a><br><a href="https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html">https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html">https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html</a><br><a href="https://security.netapp.com/advisory/ntap-20210827-0010/">https://security.netapp.com/advisory/ntap-20210827-0010/</a><br><a href="https://ubuntu.com/security/notices/USN-5051-1">https://ubuntu.com/security/notices/USN-5051-1</a><br><a href="https://ubuntu.com/security/notices/USN-5051-2">https://ubuntu.com/security/notices/USN-5051-2</a><br><a href="https://ubuntu.com/security/notices/USN-5051-3">https://ubuntu.com/security/notices/USN-5051-3</a><br><a href="https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)">https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)</a><br><a href="https://ubuntu.com/security/notices/USN-5088-1">https://ubuntu.com/security/notices/USN-5088-1</a><br><a href="https://www.debian.org/security/2021/dsa-4963">https://www.debian.org/security/2021/dsa-4963</a><br><a href="https://www.openssl.org/news/secadv/20210824.txt">https://www.openssl.org/news/secadv/20210824.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.tenable.com/security/tns-2021-16">https://www.tenable.com/security/tns-2021-16</a><br></details> |
| openssl-libs | CVE-2021-3712 | MEDIUM | 1:1.1.1k-4.el8 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/08/26/2">http://www.openwall.com/lists/oss-security/2021/08/26/2</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10366">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10366</a><br><a href="https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html">https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html">https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html</a><br><a href="https://security.netapp.com/advisory/ntap-20210827-0010/">https://security.netapp.com/advisory/ntap-20210827-0010/</a><br><a href="https://ubuntu.com/security/notices/USN-5051-1">https://ubuntu.com/security/notices/USN-5051-1</a><br><a href="https://ubuntu.com/security/notices/USN-5051-2">https://ubuntu.com/security/notices/USN-5051-2</a><br><a href="https://ubuntu.com/security/notices/USN-5051-3">https://ubuntu.com/security/notices/USN-5051-3</a><br><a href="https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)">https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)</a><br><a href="https://ubuntu.com/security/notices/USN-5088-1">https://ubuntu.com/security/notices/USN-5088-1</a><br><a href="https://www.debian.org/security/2021/dsa-4963">https://www.debian.org/security/2021/dsa-4963</a><br><a href="https://www.openssl.org/news/secadv/20210824.txt">https://www.openssl.org/news/secadv/20210824.txt</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.tenable.com/security/tns-2021-16">https://www.tenable.com/security/tns-2021-16</a><br></details> |
| platform-python | CVE-2019-9674 | LOW | 3.6.8-41.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html">http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html</a><br><a href="https://bugs.python.org/issue36260">https://bugs.python.org/issue36260</a><br><a href="https://bugs.python.org/issue36462">https://bugs.python.org/issue36462</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9674">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9674</a><br><a href="https://github.com/python/cpython/blob/master/Lib/zipfile.py">https://github.com/python/cpython/blob/master/Lib/zipfile.py</a><br><a href="https://python-security.readthedocs.io/security.html#archives-and-zip-bomb">https://python-security.readthedocs.io/security.html#archives-and-zip-bomb</a><br><a href="https://security.netapp.com/advisory/ntap-20200221-0003/">https://security.netapp.com/advisory/ntap-20200221-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-4428-1">https://ubuntu.com/security/notices/USN-4428-1</a><br><a href="https://ubuntu.com/security/notices/USN-4754-3">https://ubuntu.com/security/notices/USN-4754-3</a><br><a href="https://usn.ubuntu.com/4428-1/">https://usn.ubuntu.com/4428-1/</a><br><a href="https://www.python.org/news/security/">https://www.python.org/news/security/</a><br></details> |
| platform-python | CVE-2021-3737 | LOW | 3.6.8-41.el8 | | <details><summary>Expand...</summary><a href="https://bugs.python.org/issue44022">https://bugs.python.org/issue44022</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737</a><br><a href="https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)">https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)</a><br><a href="https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)">https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)</a><br><a href="https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14">https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14</a><br><a href="https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)">https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)</a><br><a href="https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)">https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)</a><br><a href="https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)">https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)</a><br><a href="https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)">https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)</a><br><a href="https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)">https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)</a><br><a href="https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)">https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)</a><br><a href="https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)">https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)</a><br><a href="https://github.com/python/cpython/pull/25916">https://github.com/python/cpython/pull/25916</a><br><a href="https://github.com/python/cpython/pull/26503">https://github.com/python/cpython/pull/26503</a><br><a href="https://ubuntu.com/security/notices/USN-5083-1">https://ubuntu.com/security/notices/USN-5083-1</a><br></details> |
| platform-python-pip | CVE-2018-20225 | LOW | 9.0.3-20.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1835736">https://bugzilla.redhat.com/show_bug.cgi?id=1835736</a><br><a href="https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html">https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html</a><br><a href="https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://pip.pypa.io/en/stable/news/">https://pip.pypa.io/en/stable/news/</a><br></details> |
| python3-libs | CVE-2019-9674 | LOW | 3.6.8-41.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html">http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html</a><br><a href="https://bugs.python.org/issue36260">https://bugs.python.org/issue36260</a><br><a href="https://bugs.python.org/issue36462">https://bugs.python.org/issue36462</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9674">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9674</a><br><a href="https://github.com/python/cpython/blob/master/Lib/zipfile.py">https://github.com/python/cpython/blob/master/Lib/zipfile.py</a><br><a href="https://python-security.readthedocs.io/security.html#archives-and-zip-bomb">https://python-security.readthedocs.io/security.html#archives-and-zip-bomb</a><br><a href="https://security.netapp.com/advisory/ntap-20200221-0003/">https://security.netapp.com/advisory/ntap-20200221-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-4428-1">https://ubuntu.com/security/notices/USN-4428-1</a><br><a href="https://ubuntu.com/security/notices/USN-4754-3">https://ubuntu.com/security/notices/USN-4754-3</a><br><a href="https://usn.ubuntu.com/4428-1/">https://usn.ubuntu.com/4428-1/</a><br><a href="https://www.python.org/news/security/">https://www.python.org/news/security/</a><br></details> |
| python3-libs | CVE-2021-3737 | LOW | 3.6.8-41.el8 | | <details><summary>Expand...</summary><a href="https://bugs.python.org/issue44022">https://bugs.python.org/issue44022</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737</a><br><a href="https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)">https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)</a><br><a href="https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)">https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)</a><br><a href="https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14">https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14</a><br><a href="https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)">https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)</a><br><a href="https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)">https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)</a><br><a href="https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)">https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)</a><br><a href="https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)">https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)</a><br><a href="https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)">https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)</a><br><a href="https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)">https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)</a><br><a href="https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)">https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)</a><br><a href="https://github.com/python/cpython/pull/25916">https://github.com/python/cpython/pull/25916</a><br><a href="https://github.com/python/cpython/pull/26503">https://github.com/python/cpython/pull/26503</a><br><a href="https://ubuntu.com/security/notices/USN-5083-1">https://ubuntu.com/security/notices/USN-5083-1</a><br></details> |
| python3-pip-wheel | CVE-2018-20225 | LOW | 9.0.3-20.el8 | | <details><summary>Expand...</summary><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1835736">https://bugzilla.redhat.com/show_bug.cgi?id=1835736</a><br><a href="https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html">https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html</a><br><a href="https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E">https://lists.apache.org/thread.html/rb1adce798445facd032870d644eb39c4baaf9c4a7dd5477d12bb6ab2@%3Cgithub.arrow.apache.org%3E</a><br><a href="https://pip.pypa.io/en/stable/news/">https://pip.pypa.io/en/stable/news/</a><br></details> |
| rpm | CVE-2021-3521 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm | CVE-2021-35937 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm | CVE-2021-35938 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm | CVE-2021-35939 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm-libs | CVE-2021-3521 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm-libs | CVE-2021-35937 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm-libs | CVE-2021-35938 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| rpm-libs | CVE-2021-35939 | MEDIUM | 4.14.3-19.el8 | | <details><summary>Expand...</summary></details> |
| sqlite-libs | CVE-2019-19244 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244</a><br><a href="https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348">https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348</a><br><a href="https://ubuntu.com/security/notices/USN-4205-1">https://ubuntu.com/security/notices/USN-4205-1</a><br><a href="https://usn.ubuntu.com/4205-1/">https://usn.ubuntu.com/4205-1/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
| sqlite-libs | CVE-2019-9936 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html</a><br><a href="http://www.securityfocus.com/bid/107562">http://www.securityfocus.com/bid/107562</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html">https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/</a><br><a href="https://security.gentoo.org/glsa/201908-09">https://security.gentoo.org/glsa/201908-09</a><br><a href="https://security.netapp.com/advisory/ntap-20190416-0005/">https://security.netapp.com/advisory/ntap-20190416-0005/</a><br><a href="https://sqlite.org/src/info/b3fa58dd7403dbd4">https://sqlite.org/src/info/b3fa58dd7403dbd4</a><br><a href="https://ubuntu.com/security/notices/USN-4019-1">https://ubuntu.com/security/notices/USN-4019-1</a><br><a href="https://usn.ubuntu.com/4019-1/">https://usn.ubuntu.com/4019-1/</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| sqlite-libs | CVE-2019-9937 | LOW | 3.26.0-15.el8 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html</a><br><a href="http://www.securityfocus.com/bid/107562">http://www.securityfocus.com/bid/107562</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html">https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/</a><br><a href="https://security.gentoo.org/glsa/201908-09">https://security.gentoo.org/glsa/201908-09</a><br><a href="https://security.netapp.com/advisory/ntap-20190416-0005/">https://security.netapp.com/advisory/ntap-20190416-0005/</a><br><a href="https://sqlite.org/src/info/45c73deb440496e8">https://sqlite.org/src/info/45c73deb440496e8</a><br><a href="https://ubuntu.com/security/notices/USN-4019-1">https://ubuntu.com/security/notices/USN-4019-1</a><br><a href="https://usn.ubuntu.com/4019-1/">https://usn.ubuntu.com/4019-1/</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html</a><br><a href="https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html">https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| systemd | CVE-2018-20839 | MEDIUM | 239-51.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/108389">http://www.securityfocus.com/bid/108389</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993">https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993</a><br><a href="https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f">https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f</a><br><a href="https://github.com/systemd/systemd/pull/12378">https://github.com/systemd/systemd/pull/12378</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0002/">https://security.netapp.com/advisory/ntap-20190530-0002/</a><br></details> |
| systemd-libs | CVE-2018-20839 | MEDIUM | 239-51.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/108389">http://www.securityfocus.com/bid/108389</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993">https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993</a><br><a href="https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f">https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f</a><br><a href="https://github.com/systemd/systemd/pull/12378">https://github.com/systemd/systemd/pull/12378</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0002/">https://security.netapp.com/advisory/ntap-20190530-0002/</a><br></details> |
| systemd-pam | CVE-2018-20839 | MEDIUM | 239-51.el8 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/108389">http://www.securityfocus.com/bid/108389</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993">https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993</a><br><a href="https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f">https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f</a><br><a href="https://github.com/systemd/systemd/pull/12378">https://github.com/systemd/systemd/pull/12378</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0002/">https://security.netapp.com/advisory/ntap-20190530-0002/</a><br></details> |
**gobinary**
| No Vulnerabilities found |
|:---------------------------------|