189 lines
164 KiB
Markdown
189 lines
164 KiB
Markdown
---
|
||
hide:
|
||
- toc
|
||
---
|
||
|
||
# Security Overview
|
||
|
||
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
|
||
|
||
## Helm-Chart
|
||
|
||
##### Scan Results
|
||
|
||
#### Chart Object: dillinger/templates/common.yaml
|
||
|
||
|
||
|
||
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-dillinger' of Deployment 'RELEASE-NAME-dillinger' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'RELEASE-NAME-dillinger' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.privileged' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
|
||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-dillinger' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-dillinger' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-dillinger' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment 'RELEASE-NAME-dillinger' should not set 'spec.template.volumes.hostPath' </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
|
||
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment 'RELEASE-NAME-dillinger' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
|
||
|
||
## Containers
|
||
|
||
##### Detected Containers
|
||
|
||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||
tccr.io/truecharts/dillinger:v3.39.1
|
||
|
||
##### Scan Results
|
||
|
||
|
||
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1642.html">https://errata.almalinux.org/8/ALSA-2022-1642.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
|
||
|
||
|
||
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
|
||
|
||
|
||
**alpine**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| curl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| curl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-22576 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| libcurl | CVE-2022-27775 | LOW | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
|
||
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
|
||
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1642.html">https://errata.almalinux.org/8/ALSA-2022-1642.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
|
||
|
||
|
||
#### Container: Node.js
|
||
|
||
|
||
**node-pkg**
|
||
|
||
|
||
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|
||
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
|
||
| acorn | GHSA-6chw-6frg-f759 | HIGH | 5.7.3 | 5.7.4, 7.1.1, 6.4.1 | <details><summary>Expand...</summary><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802">https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802</a><br><a href="https://github.com/acornjs/acorn/issues/929">https://github.com/acornjs/acorn/issues/929</a><br><a href="https://github.com/advisories/GHSA-6chw-6frg-f759">https://github.com/advisories/GHSA-6chw-6frg-f759</a><br><a href="https://snyk.io/vuln/SNYK-JS-ACORN-559469">https://snyk.io/vuln/SNYK-JS-ACORN-559469</a><br><a href="https://www.npmjs.com/advisories/1488">https://www.npmjs.com/advisories/1488</a><br></details> |
|
||
| acorn | GHSA-6chw-6frg-f759 | HIGH | 7.1.0 | 5.7.4, 7.1.1, 6.4.1 | <details><summary>Expand...</summary><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802">https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802</a><br><a href="https://github.com/acornjs/acorn/issues/929">https://github.com/acornjs/acorn/issues/929</a><br><a href="https://github.com/advisories/GHSA-6chw-6frg-f759">https://github.com/advisories/GHSA-6chw-6frg-f759</a><br><a href="https://snyk.io/vuln/SNYK-JS-ACORN-559469">https://snyk.io/vuln/SNYK-JS-ACORN-559469</a><br><a href="https://www.npmjs.com/advisories/1488">https://www.npmjs.com/advisories/1488</a><br></details> |
|
||
| ajv | CVE-2020-15366 | MEDIUM | 6.10.2 | 6.12.3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-15366">https://access.redhat.com/security/cve/CVE-2020-15366</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-0551.html">https://errata.almalinux.org/8/ALSA-2021-0551.html</a><br><a href="https://github.com/advisories/GHSA-v88g-cgmw-v5xw">https://github.com/advisories/GHSA-v88g-cgmw-v5xw</a><br><a href="https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f">https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f</a><br><a href="https://github.com/ajv-validator/ajv/releases/tag/v6.12.3">https://github.com/ajv-validator/ajv/releases/tag/v6.12.3</a><br><a href="https://github.com/ajv-validator/ajv/tags">https://github.com/ajv-validator/ajv/tags</a><br><a href="https://hackerone.com/bugs?subject=user&report_id=894259">https://hackerone.com/bugs?subject=user&report_id=894259</a><br><a href="https://linux.oracle.com/cve/CVE-2020-15366.html">https://linux.oracle.com/cve/CVE-2020-15366.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-0551.html">https://linux.oracle.com/errata/ELSA-2021-0551.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-15366">https://nvd.nist.gov/vuln/detail/CVE-2020-15366</a><br><a href="https://snyk.io/vuln/SNYK-JS-AJV-584908">https://snyk.io/vuln/SNYK-JS-AJV-584908</a><br></details> |
|
||
| angular | CVE-2020-7676 | MEDIUM | 1.7.9 | 1.8.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-7676">https://access.redhat.com/security/cve/CVE-2020-7676</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676</a><br><a href="https://github.com/advisories/GHSA-mhp6-pxh8-r675">https://github.com/advisories/GHSA-mhp6-pxh8-r675</a><br><a href="https://github.com/angular/angular.js/pull/17028">https://github.com/angular/angular.js/pull/17028</a><br><a href="https://github.com/angular/angular.js/pull/17028,">https://github.com/angular/angular.js/pull/17028,</a><br><a href="https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E">https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7676">https://nvd.nist.gov/vuln/detail/CVE-2020-7676</a><br><a href="https://snyk.io/vuln/SNYK-JS-ANGULAR-570058">https://snyk.io/vuln/SNYK-JS-ANGULAR-570058</a><br></details> |
|
||
| angular | CVE-2022-25844 | MEDIUM | 1.7.9 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-25844">https://access.redhat.com/security/cve/CVE-2022-25844</a><br><a href="https://github.com/advisories/GHSA-m2h2-264f-f486">https://github.com/advisories/GHSA-m2h2-264f-f486</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25844">https://nvd.nist.gov/vuln/detail/CVE-2022-25844</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2772736">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2772736</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2772738">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2772738</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2772737">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2772737</a><br><a href="https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735">https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735</a><br><a href="https://stackblitz.com/edit/angularjs-material-blank-zvtdvb">https://stackblitz.com/edit/angularjs-material-blank-zvtdvb</a><br></details> |
|
||
| angular | GHSA-5cp4-xmrw-59wf | MEDIUM | 1.7.9 | 1.8.0 | <details><summary>Expand...</summary><a href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a><br><a href="https://github.com/advisories/GHSA-5cp4-xmrw-59wf">https://github.com/advisories/GHSA-5cp4-xmrw-59wf</a><br><a href="https://github.com/advisories/GHSA-mhp6-pxh8-r675">https://github.com/advisories/GHSA-mhp6-pxh8-r675</a><br><a href="https://github.com/google/security-research/security/advisories/GHSA-5cp4-xmrw-59wf">https://github.com/google/security-research/security/advisories/GHSA-5cp4-xmrw-59wf</a><br><a href="https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2">https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2</a><br><a href="https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6">https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6</a><br><a href="https://snyk.io/vuln/SNYK-JS-ANGULAR-570058">https://snyk.io/vuln/SNYK-JS-ANGULAR-570058</a><br></details> |
|
||
| ansi-regex | CVE-2021-3807 | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3807">https://access.redhat.com/security/cve/CVE-2021-3807</a><br><a href="https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908">https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908</a><br><a href="https://github.com/advisories/GHSA-93q8-gq69-wqmw">https://github.com/advisories/GHSA-93q8-gq69-wqmw</a><br><a href="https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9">https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311">https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774">https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774</a><br><a href="https://github.com/chalk/ansi-regex/releases/tag/v6.0.1">https://github.com/chalk/ansi-regex/releases/tag/v6.0.1</a><br><a href="https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994">https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3807.html">https://linux.oracle.com/cve/CVE-2021-3807.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3807">https://nvd.nist.gov/vuln/detail/CVE-2021-3807</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| ansi-regex | CVE-2021-3807 | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3807">https://access.redhat.com/security/cve/CVE-2021-3807</a><br><a href="https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908">https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908</a><br><a href="https://github.com/advisories/GHSA-93q8-gq69-wqmw">https://github.com/advisories/GHSA-93q8-gq69-wqmw</a><br><a href="https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9">https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311">https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311</a><br><a href="https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774">https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774</a><br><a href="https://github.com/chalk/ansi-regex/releases/tag/v6.0.1">https://github.com/chalk/ansi-regex/releases/tag/v6.0.1</a><br><a href="https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994">https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3807.html">https://linux.oracle.com/cve/CVE-2021-3807.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3807">https://nvd.nist.gov/vuln/detail/CVE-2021-3807</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||
| async | CVE-2021-43138 | HIGH | 0.2.10 | 2.6.4, 3.2.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-fwr7-v2mv-hh25">https://github.com/advisories/GHSA-fwr7-v2mv-hh25</a><br><a href="https://github.com/caolan/async/blob/master/lib/internal/iterator.js">https://github.com/caolan/async/blob/master/lib/internal/iterator.js</a><br><a href="https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js">https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js</a><br><a href="https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264">https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264</a><br><a href="https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2">https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2</a><br><a href="https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d">https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d</a><br><a href="https://github.com/caolan/async/compare/v2.6.3...v2.6.4">https://github.com/caolan/async/compare/v2.6.3...v2.6.4</a><br><a href="https://github.com/caolan/async/pull/1828">https://github.com/caolan/async/pull/1828</a><br><a href="https://jsfiddle.net/oz5twjd9/">https://jsfiddle.net/oz5twjd9/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43138">https://nvd.nist.gov/vuln/detail/CVE-2021-43138</a><br></details> |
|
||
| async | CVE-2021-43138 | HIGH | 1.4.2 | 2.6.4, 3.2.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-fwr7-v2mv-hh25">https://github.com/advisories/GHSA-fwr7-v2mv-hh25</a><br><a href="https://github.com/caolan/async/blob/master/lib/internal/iterator.js">https://github.com/caolan/async/blob/master/lib/internal/iterator.js</a><br><a href="https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js">https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js</a><br><a href="https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264">https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264</a><br><a href="https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2">https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2</a><br><a href="https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d">https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d</a><br><a href="https://github.com/caolan/async/compare/v2.6.3...v2.6.4">https://github.com/caolan/async/compare/v2.6.3...v2.6.4</a><br><a href="https://github.com/caolan/async/pull/1828">https://github.com/caolan/async/pull/1828</a><br><a href="https://jsfiddle.net/oz5twjd9/">https://jsfiddle.net/oz5twjd9/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43138">https://nvd.nist.gov/vuln/detail/CVE-2021-43138</a><br></details> |
|
||
| async | CVE-2021-43138 | HIGH | 1.5.2 | 2.6.4, 3.2.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-fwr7-v2mv-hh25">https://github.com/advisories/GHSA-fwr7-v2mv-hh25</a><br><a href="https://github.com/caolan/async/blob/master/lib/internal/iterator.js">https://github.com/caolan/async/blob/master/lib/internal/iterator.js</a><br><a href="https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js">https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js</a><br><a href="https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264">https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264</a><br><a href="https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2">https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2</a><br><a href="https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d">https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d</a><br><a href="https://github.com/caolan/async/compare/v2.6.3...v2.6.4">https://github.com/caolan/async/compare/v2.6.3...v2.6.4</a><br><a href="https://github.com/caolan/async/pull/1828">https://github.com/caolan/async/pull/1828</a><br><a href="https://jsfiddle.net/oz5twjd9/">https://jsfiddle.net/oz5twjd9/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43138">https://nvd.nist.gov/vuln/detail/CVE-2021-43138</a><br></details> |
|
||
| async | CVE-2021-43138 | HIGH | 2.6.3 | 2.6.4, 3.2.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-fwr7-v2mv-hh25">https://github.com/advisories/GHSA-fwr7-v2mv-hh25</a><br><a href="https://github.com/caolan/async/blob/master/lib/internal/iterator.js">https://github.com/caolan/async/blob/master/lib/internal/iterator.js</a><br><a href="https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js">https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js</a><br><a href="https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264">https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264</a><br><a href="https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2">https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2</a><br><a href="https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d">https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d</a><br><a href="https://github.com/caolan/async/compare/v2.6.3...v2.6.4">https://github.com/caolan/async/compare/v2.6.3...v2.6.4</a><br><a href="https://github.com/caolan/async/pull/1828">https://github.com/caolan/async/pull/1828</a><br><a href="https://jsfiddle.net/oz5twjd9/">https://jsfiddle.net/oz5twjd9/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43138">https://nvd.nist.gov/vuln/detail/CVE-2021-43138</a><br></details> |
|
||
| base64url | NSWG-ECO-428 | HIGH | 0.0.6 | >=3.0.0 | <details><summary>Expand...</summary><a href="https://github.com/brianloveswords/base64url/pull/25">https://github.com/brianloveswords/base64url/pull/25</a><br><a href="https://hackerone.com/reports/321687">https://hackerone.com/reports/321687</a><br></details> |
|
||
| base64url | GHSA-rvg8-pwq2-xj7q | MEDIUM | 0.0.6 | 3.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-rvg8-pwq2-xj7q">https://github.com/advisories/GHSA-rvg8-pwq2-xj7q</a><br><a href="https://github.com/brianloveswords/base64url/pull/25">https://github.com/brianloveswords/base64url/pull/25</a><br><a href="https://hackerone.com/reports/321687">https://hackerone.com/reports/321687</a><br><a href="https://www.npmjs.com/advisories/658">https://www.npmjs.com/advisories/658</a><br></details> |
|
||
| base64url | NSWG-ECO-428 | HIGH | 1.0.6 | >=3.0.0 | <details><summary>Expand...</summary><a href="https://github.com/brianloveswords/base64url/pull/25">https://github.com/brianloveswords/base64url/pull/25</a><br><a href="https://hackerone.com/reports/321687">https://hackerone.com/reports/321687</a><br></details> |
|
||
| base64url | GHSA-rvg8-pwq2-xj7q | MEDIUM | 1.0.6 | 3.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-rvg8-pwq2-xj7q">https://github.com/advisories/GHSA-rvg8-pwq2-xj7q</a><br><a href="https://github.com/brianloveswords/base64url/pull/25">https://github.com/brianloveswords/base64url/pull/25</a><br><a href="https://hackerone.com/reports/321687">https://hackerone.com/reports/321687</a><br><a href="https://www.npmjs.com/advisories/658">https://www.npmjs.com/advisories/658</a><br></details> |
|
||
| bl | CVE-2020-8244 | HIGH | 1.0.3 | 2.2.1, 1.2.3, 4.0.3, 3.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-8244">https://access.redhat.com/security/cve/CVE-2020-8244</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244</a><br><a href="https://github.com/advisories/GHSA-pp7h-53gx-mx7r">https://github.com/advisories/GHSA-pp7h-53gx-mx7r</a><br><a href="https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e">https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e</a><br><a href="https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190">https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190</a><br><a href="https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466">https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466</a><br><a href="https://hackerone.com/reports/966347">https://hackerone.com/reports/966347</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8244">https://nvd.nist.gov/vuln/detail/CVE-2020-8244</a><br><a href="https://ubuntu.com/security/notices/USN-5098-1">https://ubuntu.com/security/notices/USN-5098-1</a><br></details> |
|
||
| bl | CVE-2020-8244 | HIGH | 1.1.2 | 2.2.1, 1.2.3, 4.0.3, 3.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-8244">https://access.redhat.com/security/cve/CVE-2020-8244</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8244</a><br><a href="https://github.com/advisories/GHSA-pp7h-53gx-mx7r">https://github.com/advisories/GHSA-pp7h-53gx-mx7r</a><br><a href="https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e">https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e</a><br><a href="https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190">https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190</a><br><a href="https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466">https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466</a><br><a href="https://hackerone.com/reports/966347">https://hackerone.com/reports/966347</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8244">https://nvd.nist.gov/vuln/detail/CVE-2020-8244</a><br><a href="https://ubuntu.com/security/notices/USN-5098-1">https://ubuntu.com/security/notices/USN-5098-1</a><br></details> |
|
||
| braces | CVE-2018-1109 | LOW | 1.8.5 | 2.3.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-1109">https://access.redhat.com/security/cve/CVE-2018-1109</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1547272">https://bugzilla.redhat.com/show_bug.cgi?id=1547272</a><br><a href="https://github.com/advisories/GHSA-cwfw-4gq5-mrqx">https://github.com/advisories/GHSA-cwfw-4gq5-mrqx</a><br><a href="https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451">https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1109">https://nvd.nist.gov/vuln/detail/CVE-2018-1109</a><br><a href="https://snyk.io/vuln/npm:braces:20180219">https://snyk.io/vuln/npm:braces:20180219</a><br></details> |
|
||
| braces | GHSA-g95f-p29q-9xw4 | LOW | 1.8.5 | 2.3.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-g95f-p29q-9xw4">https://github.com/advisories/GHSA-g95f-p29q-9xw4</a><br><a href="https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451">https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451</a><br><a href="https://snyk.io/vuln/npm:braces:20180219">https://snyk.io/vuln/npm:braces:20180219</a><br><a href="https://www.npmjs.com/advisories/786">https://www.npmjs.com/advisories/786</a><br></details> |
|
||
| deep-extend | CVE-2018-3750 | CRITICAL | 0.2.11 | 0.5.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-3750">https://access.redhat.com/security/cve/CVE-2018-3750</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-0549.html">https://errata.almalinux.org/8/ALSA-2021-0549.html</a><br><a href="https://github.com/advisories/GHSA-hr2v-3952-633q">https://github.com/advisories/GHSA-hr2v-3952-633q</a><br><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br><a href="https://nodesecurity.io/advisories/612">https://nodesecurity.io/advisories/612</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3750">https://nvd.nist.gov/vuln/detail/CVE-2018-3750</a><br><a href="https://www.npmjs.com/advisories/612">https://www.npmjs.com/advisories/612</a><br></details> |
|
||
| deep-extend | NSWG-ECO-408 | LOW | 0.2.11 | >=0.5.1 | <details><summary>Expand...</summary><a href="https://hackerone.com/reports/311333">https://hackerone.com/reports/311333</a><br></details> |
|
||
| ejs | CVE-2022-29078 | HIGH | 2.7.2 | 3.1.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29078">https://access.redhat.com/security/cve/CVE-2022-29078</a><br><a href="https://eslam.io/posts/ejs-server-side-template-injection-rce/">https://eslam.io/posts/ejs-server-side-template-injection-rce/</a><br><a href="https://github.com/advisories/GHSA-phwq-j96m-2c2q">https://github.com/advisories/GHSA-phwq-j96m-2c2q</a><br><a href="https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf">https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf</a><br><a href="https://github.com/mde/ejs/releases">https://github.com/mde/ejs/releases</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29078">https://nvd.nist.gov/vuln/detail/CVE-2022-29078</a><br></details> |
|
||
| glob-parent | CVE-2020-28469 | HIGH | 2.0.0 | 5.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-28469">https://access.redhat.com/security/cve/CVE-2020-28469</a><br><a href="https://github.com/advisories/GHSA-ww39-953v-wcq6">https://github.com/advisories/GHSA-ww39-953v-wcq6</a><br><a href="https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9">https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9</a><br><a href="https://github.com/gulpjs/glob-parent/pull/36">https://github.com/gulpjs/glob-parent/pull/36</a><br><a href="https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2">https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2</a><br><a href="https://linux.oracle.com/cve/CVE-2020-28469.html">https://linux.oracle.com/cve/CVE-2020-28469.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-28469">https://nvd.nist.gov/vuln/detail/CVE-2020-28469</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092</a><br><a href="https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905">https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |
|
||
| glob-parent | CVE-2020-28469 | HIGH | 5.1.0 | 5.1.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-28469">https://access.redhat.com/security/cve/CVE-2020-28469</a><br><a href="https://github.com/advisories/GHSA-ww39-953v-wcq6">https://github.com/advisories/GHSA-ww39-953v-wcq6</a><br><a href="https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9">https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9</a><br><a href="https://github.com/gulpjs/glob-parent/pull/36">https://github.com/gulpjs/glob-parent/pull/36</a><br><a href="https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2">https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2</a><br><a href="https://linux.oracle.com/cve/CVE-2020-28469.html">https://linux.oracle.com/cve/CVE-2020-28469.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-28469">https://nvd.nist.gov/vuln/detail/CVE-2020-28469</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092</a><br><a href="https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905">https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |
|
||
| googleapis | GHSA-7543-mr7h-6v86 | HIGH | 2.1.7 | 39.1.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-7543-mr7h-6v86">https://github.com/advisories/GHSA-7543-mr7h-6v86</a><br><a href="https://github.com/googleapis/google-api-nodejs-client/issues/1594">https://github.com/googleapis/google-api-nodejs-client/issues/1594</a><br><a href="https://www.npmjs.com/advisories/791">https://www.npmjs.com/advisories/791</a><br></details> |
|
||
| highlight.js | CVE-2020-26237 | LOW | 8.9.1 | 10.1.2, 9.18.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-26237">https://access.redhat.com/security/cve/CVE-2020-26237</a><br><a href="https://github.com/advisories/GHSA-vfrc-7r7c-w9mx">https://github.com/advisories/GHSA-vfrc-7r7c-w9mx</a><br><a href="https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0">https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0</a><br><a href="https://github.com/highlightjs/highlight.js/pull/2636">https://github.com/highlightjs/highlight.js/pull/2636</a><br><a href="https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx">https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00041.html">https://lists.debian.org/debian-lts-announce/2020/12/msg00041.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-26237">https://nvd.nist.gov/vuln/detail/CVE-2020-26237</a><br><a href="https://www.npmjs.com/package/highlight.js">https://www.npmjs.com/package/highlight.js</a><br></details> |
|
||
| highlight.js | GHSA-7wwv-vh3v-89cq | MEDIUM | 9.18.0 | 10.4.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-7wwv-vh3v-89cq">https://github.com/advisories/GHSA-7wwv-vh3v-89cq</a><br><a href="https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c">https://github.com/highlightjs/highlight.js/commit/373b9d862401162e832ce77305e49b859e110f9c</a><br><a href="https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq">https://github.com/highlightjs/highlight.js/security/advisories/GHSA-7wwv-vh3v-89cq</a><br><a href="https://www.npmjs.com/package/@highlightjs/cdn-assets">https://www.npmjs.com/package/@highlightjs/cdn-assets</a><br><a href="https://www.npmjs.com/package/highlight.js">https://www.npmjs.com/package/highlight.js</a><br></details> |
|
||
| highlight.js | CVE-2020-26237 | LOW | 9.18.0 | 10.1.2, 9.18.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-26237">https://access.redhat.com/security/cve/CVE-2020-26237</a><br><a href="https://github.com/advisories/GHSA-vfrc-7r7c-w9mx">https://github.com/advisories/GHSA-vfrc-7r7c-w9mx</a><br><a href="https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0">https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0</a><br><a href="https://github.com/highlightjs/highlight.js/pull/2636">https://github.com/highlightjs/highlight.js/pull/2636</a><br><a href="https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx">https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00041.html">https://lists.debian.org/debian-lts-announce/2020/12/msg00041.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-26237">https://nvd.nist.gov/vuln/detail/CVE-2020-26237</a><br><a href="https://www.npmjs.com/package/highlight.js">https://www.npmjs.com/package/highlight.js</a><br></details> |
|
||
| hoek | CVE-2018-3728 | LOW | 2.16.3 | >=5.0.3 >=4.2.1 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/103108">http://www.securityfocus.com/bid/103108</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1263">https://access.redhat.com/errata/RHSA-2018:1263</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1264">https://access.redhat.com/errata/RHSA-2018:1264</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-3728">https://access.redhat.com/security/cve/CVE-2018-3728</a><br><a href="https://github.com/advisories/GHSA-jp4x-w63m-7wgm">https://github.com/advisories/GHSA-jp4x-w63m-7wgm</a><br><a href="https://github.com/hapijs/hoek/commit/32ed5c9413321fbc37da5ca81a7cbab693786dee">https://github.com/hapijs/hoek/commit/32ed5c9413321fbc37da5ca81a7cbab693786dee</a><br><a href="https://hackerone.com/reports/310439">https://hackerone.com/reports/310439</a><br><a href="https://nodesecurity.io/advisories/566">https://nodesecurity.io/advisories/566</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3728">https://nvd.nist.gov/vuln/detail/CVE-2018-3728</a><br><a href="https://snyk.io/vuln/npm:hoek:20180212">https://snyk.io/vuln/npm:hoek:20180212</a><br><a href="https://www.npmjs.com/advisories/566">https://www.npmjs.com/advisories/566</a><br></details> |
|
||
| hosted-git-info | CVE-2021-23362 | MEDIUM | 2.8.5 | 2.8.9, 3.0.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23362">https://access.redhat.com/security/cve/CVE-2021-23362</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-3074.html">https://errata.almalinux.org/8/ALSA-2021-3074.html</a><br><a href="https://github.com/advisories/GHSA-43f8-2h32-f4cj">https://github.com/advisories/GHSA-43f8-2h32-f4cj</a><br><a href="https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7">https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7</a><br><a href="https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01">https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01</a><br><a href="https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3">https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3</a><br><a href="https://github.com/npm/hosted-git-info/commits/v2">https://github.com/npm/hosted-git-info/commits/v2</a><br><a href="https://github.com/npm/hosted-git-info/pull/76">https://github.com/npm/hosted-git-info/pull/76</a><br><a href="https://linux.oracle.com/cve/CVE-2021-23362.html">https://linux.oracle.com/cve/CVE-2021-23362.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3074.html">https://linux.oracle.com/errata/ELSA-2021-3074.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23362">https://nvd.nist.gov/vuln/detail/CVE-2021-23362</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088356">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088356</a><br><a href="https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355">https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355</a><br></details> |
|
||
| ini | CVE-2020-7788 | HIGH | 1.1.0 | 1.3.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-7788">https://access.redhat.com/security/cve/CVE-2020-7788</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7788</a><br><a href="https://github.com/advisories/GHSA-qqgx-2p2h-9c37">https://github.com/advisories/GHSA-qqgx-2p2h-9c37</a><br><a href="https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1">https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1</a><br><a href="https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)">https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7788.html">https://linux.oracle.com/cve/CVE-2020-7788.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html">https://lists.debian.org/debian-lts-announce/2020/12/msg00032.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7788">https://nvd.nist.gov/vuln/detail/CVE-2020-7788</a><br><a href="https://snyk.io/vuln/SNYK-JS-INI-1048974">https://snyk.io/vuln/SNYK-JS-INI-1048974</a><br><a href="https://www.npmjs.com/advisories/1589">https://www.npmjs.com/advisories/1589</a><br></details> |
|
||
| jquery | CVE-2020-11022 | MEDIUM | 3.4.1 | 3.5.0 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html</a><br><a href="http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html">http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-11022">https://access.redhat.com/security/cve/CVE-2020-11022</a><br><a href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a><br><a href="https://github.com/advisories/GHSA-gxr4-xjj5-5px2">https://github.com/advisories/GHSA-gxr4-xjj5-5px2</a><br><a href="https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77">https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77</a><br><a href="https://github.com/jquery/jquery/releases/tag/3.5.0">https://github.com/jquery/jquery/releases/tag/3.5.0</a><br><a href="https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2">https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2</a><br><a href="https://jquery.com/upgrade-guide/3.5/">https://jquery.com/upgrade-guide/3.5/</a><br><a href="https://linux.oracle.com/cve/CVE-2020-11022.html">https://linux.oracle.com/cve/CVE-2020-11022.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9177.html">https://linux.oracle.com/errata/ELSA-2022-9177.html</a><br><a href="https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E">https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E">https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-11022">https://nvd.nist.gov/vuln/detail/CVE-2020-11022</a><br><a href="https://security.gentoo.org/glsa/202007-03">https://security.gentoo.org/glsa/202007-03</a><br><a href="https://security.netapp.com/advisory/ntap-20200511-0006/">https://security.netapp.com/advisory/ntap-20200511-0006/</a><br><a href="https://www.debian.org/security/2020/dsa-4693">https://www.debian.org/security/2020/dsa-4693</a><br><a href="https://www.drupal.org/sa-core-2020-002">https://www.drupal.org/sa-core-2020-002</a><br><a href="https://www.npmjs.com/advisories/1518">https://www.npmjs.com/advisories/1518</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.tenable.com/security/tns-2020-10">https://www.tenable.com/security/tns-2020-10</a><br><a href="https://www.tenable.com/security/tns-2020-11">https://www.tenable.com/security/tns-2020-11</a><br><a href="https://www.tenable.com/security/tns-2021-02">https://www.tenable.com/security/tns-2021-02</a><br><a href="https://www.tenable.com/security/tns-2021-10">https://www.tenable.com/security/tns-2021-10</a><br></details> |
|
||
| jquery | CVE-2020-11023 | MEDIUM | 3.4.1 | 3.5.0 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html">http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html</a><br><a href="http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html">http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-11023">https://access.redhat.com/security/cve/CVE-2020-11023</a><br><a href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released</a><br><a href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023</a><br><a href="https://github.com/advisories/GHSA-jpcq-cgw6-v4j6">https://github.com/advisories/GHSA-jpcq-cgw6-v4j6</a><br><a href="https://github.com/jquery/jquery/releases/tag/3.5.0">https://github.com/jquery/jquery/releases/tag/3.5.0</a><br><a href="https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6">https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6</a><br><a href="https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440">https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440</a><br><a href="https://jquery.com/upgrade-guide/3.5/">https://jquery.com/upgrade-guide/3.5/</a><br><a href="https://linux.oracle.com/cve/CVE-2020-11023.html">https://linux.oracle.com/cve/CVE-2020-11023.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-9177.html">https://linux.oracle.com/errata/ELSA-2022-9177.html</a><br><a href="https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E">https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E">https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E">https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E">https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-11023">https://nvd.nist.gov/vuln/detail/CVE-2020-11023</a><br><a href="https://security.gentoo.org/glsa/202007-03">https://security.gentoo.org/glsa/202007-03</a><br><a href="https://security.netapp.com/advisory/ntap-20200511-0006/">https://security.netapp.com/advisory/ntap-20200511-0006/</a><br><a href="https://www.debian.org/security/2020/dsa-4693">https://www.debian.org/security/2020/dsa-4693</a><br><a href="https://www.drupal.org/sa-core-2020-002">https://www.drupal.org/sa-core-2020-002</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.tenable.com/security/tns-2021-02">https://www.tenable.com/security/tns-2021-02</a><br><a href="https://www.tenable.com/security/tns-2021-10">https://www.tenable.com/security/tns-2021-10</a><br></details> |
|
||
| json-schema | CVE-2021-3918 | MEDIUM | 0.2.3 | 0.4.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3918">https://access.redhat.com/security/cve/CVE-2021-3918</a><br><a href="https://github.com/advisories/GHSA-896r-f27r-55mw">https://github.com/advisories/GHSA-896r-f27r-55mw</a><br><a href="https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741">https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741</a><br><a href="https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a">https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a</a><br><a href="https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa">https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa</a><br><a href="https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9">https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3918.html">https://linux.oracle.com/cve/CVE-2021-3918.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-0350.html">https://linux.oracle.com/errata/ELSA-2022-0350.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3918">https://nvd.nist.gov/vuln/detail/CVE-2021-3918</a><br></details> |
|
||
| jsonpointer | CVE-2021-23807 | MEDIUM | 4.0.1 | 5.0.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23807">https://access.redhat.com/security/cve/CVE-2021-23807</a><br><a href="https://github.com/advisories/GHSA-282f-qqgm-c34q">https://github.com/advisories/GHSA-282f-qqgm-c34q</a><br><a href="https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4">https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4</a><br><a href="https://github.com/janl/node-jsonpointer/pull/51">https://github.com/janl/node-jsonpointer/pull/51</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23807">https://nvd.nist.gov/vuln/detail/CVE-2021-23807</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273</a><br><a href="https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288">https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288</a><br></details> |
|
||
| kind-of | CVE-2019-20149 | HIGH | 6.0.2 | 6.0.3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-20149">https://access.redhat.com/security/cve/CVE-2019-20149</a><br><a href="https://github.com/advisories/GHSA-6c8f-qphg-qjgp">https://github.com/advisories/GHSA-6c8f-qphg-qjgp</a><br><a href="https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b">https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b</a><br><a href="https://github.com/jonschlinkert/kind-of/issues/30">https://github.com/jonschlinkert/kind-of/issues/30</a><br><a href="https://github.com/jonschlinkert/kind-of/pull/31">https://github.com/jonschlinkert/kind-of/pull/31</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-20149">https://nvd.nist.gov/vuln/detail/CVE-2019-20149</a><br><a href="https://snyk.io/vuln/SNYK-JS-KINDOF-537849">https://snyk.io/vuln/SNYK-JS-KINDOF-537849</a><br><a href="https://www.npmjs.com/advisories/1490">https://www.npmjs.com/advisories/1490</a><br></details> |
|
||
| lodash | CVE-2019-10744 | CRITICAL | 3.10.1 | 4.17.12 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3024">https://access.redhat.com/errata/RHSA-2019:3024</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-10744">https://access.redhat.com/security/cve/CVE-2019-10744</a><br><a href="https://github.com/advisories/GHSA-jf85-cpcp-j695">https://github.com/advisories/GHSA-jf85-cpcp-j695</a><br><a href="https://github.com/lodash/lodash/pull/4336">https://github.com/lodash/lodash/pull/4336</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10744">https://nvd.nist.gov/vuln/detail/CVE-2019-10744</a><br><a href="https://security.netapp.com/advisory/ntap-20191004-0005/">https://security.netapp.com/advisory/ntap-20191004-0005/</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-450202">https://snyk.io/vuln/SNYK-JS-LODASH-450202</a><br><a href="https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS">https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS</a><br><a href="https://www.npmjs.com/advisories/1065">https://www.npmjs.com/advisories/1065</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
|
||
| lodash | CVE-2018-16487 | HIGH | 3.10.1 | >=4.17.11 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-16487">https://access.redhat.com/security/cve/CVE-2018-16487</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487</a><br><a href="https://github.com/advisories/GHSA-4xc9-xhrj-v574">https://github.com/advisories/GHSA-4xc9-xhrj-v574</a><br><a href="https://hackerone.com/reports/380873">https://hackerone.com/reports/380873</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-16487">https://nvd.nist.gov/vuln/detail/CVE-2018-16487</a><br><a href="https://security.netapp.com/advisory/ntap-20190919-0004/">https://security.netapp.com/advisory/ntap-20190919-0004/</a><br><a href="https://www.npmjs.com/advisories/782">https://www.npmjs.com/advisories/782</a><br></details> |
|
||
| lodash | CVE-2020-8203 | HIGH | 3.10.1 | 4.17.20 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-8203">https://access.redhat.com/security/cve/CVE-2020-8203</a><br><a href="https://github.com/advisories/GHSA-p6mc-m468-83gw">https://github.com/advisories/GHSA-p6mc-m468-83gw</a><br><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12">https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12</a><br><a href="https://github.com/lodash/lodash/issues/4744">https://github.com/lodash/lodash/issues/4744</a><br><a href="https://github.com/lodash/lodash/issues/4874">https://github.com/lodash/lodash/issues/4874</a><br><a href="https://hackerone.com/reports/712065">https://hackerone.com/reports/712065</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8203">https://nvd.nist.gov/vuln/detail/CVE-2020-8203</a><br><a href="https://security.netapp.com/advisory/ntap-20200724-0006/">https://security.netapp.com/advisory/ntap-20200724-0006/</a><br><a href="https://www.npmjs.com/advisories/1523">https://www.npmjs.com/advisories/1523</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash | CVE-2021-23337 | HIGH | 3.10.1 | 4.17.21 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23337">https://access.redhat.com/security/cve/CVE-2021-23337</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337</a><br><a href="https://github.com/advisories/GHSA-35jh-r3h4-6jhm">https://github.com/advisories/GHSA-35jh-r3h4-6jhm</a><br><a href="https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851">https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851</a><br><a href="https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851">https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851</a><br><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c">https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23337">https://nvd.nist.gov/vuln/detail/CVE-2021-23337</a><br><a href="https://security.netapp.com/advisory/ntap-20210312-0006/">https://security.netapp.com/advisory/ntap-20210312-0006/</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932">https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-1040724">https://snyk.io/vuln/SNYK-JS-LODASH-1040724</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash | CVE-2019-1010266 | MEDIUM | 3.10.1 | 4.17.11 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-1010266">https://access.redhat.com/security/cve/CVE-2019-1010266</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266</a><br><a href="https://github.com/advisories/GHSA-x5rq-j2xg-h7qm">https://github.com/advisories/GHSA-x5rq-j2xg-h7qm</a><br><a href="https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347">https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347</a><br><a href="https://github.com/lodash/lodash/issues/3359">https://github.com/lodash/lodash/issues/3359</a><br><a href="https://github.com/lodash/lodash/wiki/Changelog">https://github.com/lodash/lodash/wiki/Changelog</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-1010266">https://nvd.nist.gov/vuln/detail/CVE-2019-1010266</a><br><a href="https://security.netapp.com/advisory/ntap-20190919-0004/">https://security.netapp.com/advisory/ntap-20190919-0004/</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-73639">https://snyk.io/vuln/SNYK-JS-LODASH-73639</a><br></details> |
|
||
| lodash | CVE-2020-28500 | MEDIUM | 3.10.1 | 4.17.21 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-28500">https://access.redhat.com/security/cve/CVE-2020-28500</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500</a><br><a href="https://github.com/advisories/GHSA-29mw-wpgm-hmr9">https://github.com/advisories/GHSA-29mw-wpgm-hmr9</a><br><a href="https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8">https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8</a><br><a href="https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8">https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8</a><br><a href="https://github.com/lodash/lodash/pull/5065">https://github.com/lodash/lodash/pull/5065</a><br><a href="https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7">https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-28500">https://nvd.nist.gov/vuln/detail/CVE-2020-28500</a><br><a href="https://security.netapp.com/advisory/ntap-20210312-0006/">https://security.netapp.com/advisory/ntap-20210312-0006/</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896">https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-1018905">https://snyk.io/vuln/SNYK-JS-LODASH-1018905</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash | CVE-2018-3721 | LOW | 3.10.1 | >=4.17.5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-3721">https://access.redhat.com/security/cve/CVE-2018-3721</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721</a><br><a href="https://github.com/advisories/GHSA-fvqr-27wr-82fm">https://github.com/advisories/GHSA-fvqr-27wr-82fm</a><br><a href="https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a">https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a</a><br><a href="https://hackerone.com/reports/310443">https://hackerone.com/reports/310443</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-3721">https://nvd.nist.gov/vuln/detail/CVE-2018-3721</a><br><a href="https://security.netapp.com/advisory/ntap-20190919-0004/">https://security.netapp.com/advisory/ntap-20190919-0004/</a><br><a href="https://snyk.io/vuln/npm:lodash:20180130">https://snyk.io/vuln/npm:lodash:20180130</a><br><a href="https://www.npmjs.com/advisories/577">https://www.npmjs.com/advisories/577</a><br></details> |
|
||
| lodash | CVE-2020-8203 | HIGH | 4.17.15 | 4.17.20 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-8203">https://access.redhat.com/security/cve/CVE-2020-8203</a><br><a href="https://github.com/advisories/GHSA-p6mc-m468-83gw">https://github.com/advisories/GHSA-p6mc-m468-83gw</a><br><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12">https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12</a><br><a href="https://github.com/lodash/lodash/issues/4744">https://github.com/lodash/lodash/issues/4744</a><br><a href="https://github.com/lodash/lodash/issues/4874">https://github.com/lodash/lodash/issues/4874</a><br><a href="https://hackerone.com/reports/712065">https://hackerone.com/reports/712065</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8203">https://nvd.nist.gov/vuln/detail/CVE-2020-8203</a><br><a href="https://security.netapp.com/advisory/ntap-20200724-0006/">https://security.netapp.com/advisory/ntap-20200724-0006/</a><br><a href="https://www.npmjs.com/advisories/1523">https://www.npmjs.com/advisories/1523</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash | CVE-2021-23337 | HIGH | 4.17.15 | 4.17.21 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23337">https://access.redhat.com/security/cve/CVE-2021-23337</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337</a><br><a href="https://github.com/advisories/GHSA-35jh-r3h4-6jhm">https://github.com/advisories/GHSA-35jh-r3h4-6jhm</a><br><a href="https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851">https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851</a><br><a href="https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851">https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851</a><br><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c">https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23337">https://nvd.nist.gov/vuln/detail/CVE-2021-23337</a><br><a href="https://security.netapp.com/advisory/ntap-20210312-0006/">https://security.netapp.com/advisory/ntap-20210312-0006/</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932">https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-1040724">https://snyk.io/vuln/SNYK-JS-LODASH-1040724</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash | NSWG-ECO-516 | HIGH | 4.17.15 | >=4.17.19 | <details><summary>Expand...</summary><a href="https://github.com/lodash/lodash/pull/4759">https://github.com/lodash/lodash/pull/4759</a><br><a href="https://hackerone.com/reports/712065">https://hackerone.com/reports/712065</a><br><a href="https://www.npmjs.com/advisories/1523">https://www.npmjs.com/advisories/1523</a><br></details> |
|
||
| lodash | CVE-2020-28500 | MEDIUM | 4.17.15 | 4.17.21 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-28500">https://access.redhat.com/security/cve/CVE-2020-28500</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500</a><br><a href="https://github.com/advisories/GHSA-29mw-wpgm-hmr9">https://github.com/advisories/GHSA-29mw-wpgm-hmr9</a><br><a href="https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8">https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8</a><br><a href="https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8">https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8</a><br><a href="https://github.com/lodash/lodash/pull/5065">https://github.com/lodash/lodash/pull/5065</a><br><a href="https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7">https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-28500">https://nvd.nist.gov/vuln/detail/CVE-2020-28500</a><br><a href="https://security.netapp.com/advisory/ntap-20210312-0006/">https://security.netapp.com/advisory/ntap-20210312-0006/</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896">https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-1018905">https://snyk.io/vuln/SNYK-JS-LODASH-1018905</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
|
||
| lodash.template | CVE-2019-10744 | CRITICAL | 3.6.2 | 4.5.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3024">https://access.redhat.com/errata/RHSA-2019:3024</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-10744">https://access.redhat.com/security/cve/CVE-2019-10744</a><br><a href="https://github.com/advisories/GHSA-jf85-cpcp-j695">https://github.com/advisories/GHSA-jf85-cpcp-j695</a><br><a href="https://github.com/lodash/lodash/pull/4336">https://github.com/lodash/lodash/pull/4336</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10744">https://nvd.nist.gov/vuln/detail/CVE-2019-10744</a><br><a href="https://security.netapp.com/advisory/ntap-20191004-0005/">https://security.netapp.com/advisory/ntap-20191004-0005/</a><br><a href="https://snyk.io/vuln/SNYK-JS-LODASH-450202">https://snyk.io/vuln/SNYK-JS-LODASH-450202</a><br><a href="https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS">https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp;utm_medium=RSS</a><br><a href="https://www.npmjs.com/advisories/1065">https://www.npmjs.com/advisories/1065</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
|
||
| markdown-it | CVE-2022-21670 | MEDIUM | 4.4.0 | 12.3.2 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-6vfc-qv3f-vr6c">https://github.com/advisories/GHSA-6vfc-qv3f-vr6c</a><br><a href="https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101">https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101</a><br><a href="https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c">https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-21670">https://nvd.nist.gov/vuln/detail/CVE-2022-21670</a><br></details> |
|
||
| marked | CVE-2022-21680 | HIGH | 0.8.0 | 4.0.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-21680">https://access.redhat.com/security/cve/CVE-2022-21680</a><br><a href="https://github.com/advisories/GHSA-rrrm-qjm4-v8hf">https://github.com/advisories/GHSA-rrrm-qjm4-v8hf</a><br><a href="https://github.com/markedjs/marked/commit/c4a3ccd344b6929afa8a1d50ac54a721e57012c0">https://github.com/markedjs/marked/commit/c4a3ccd344b6929afa8a1d50ac54a721e57012c0</a><br><a href="https://github.com/markedjs/marked/releases/tag/v4.0.10">https://github.com/markedjs/marked/releases/tag/v4.0.10</a><br><a href="https://github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf">https://github.com/markedjs/marked/security/advisories/GHSA-rrrm-qjm4-v8hf</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-21680">https://nvd.nist.gov/vuln/detail/CVE-2022-21680</a><br></details> |
|
||
| marked | CVE-2022-21681 | HIGH | 0.8.0 | 4.0.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-21681">https://access.redhat.com/security/cve/CVE-2022-21681</a><br><a href="https://github.com/advisories/GHSA-5v2h-r2cx-5xgj">https://github.com/advisories/GHSA-5v2h-r2cx-5xgj</a><br><a href="https://github.com/markedjs/marked/commit/8f806573a3f6c6b7a39b8cdb66ab5ebb8d55a5f5">https://github.com/markedjs/marked/commit/8f806573a3f6c6b7a39b8cdb66ab5ebb8d55a5f5</a><br><a href="https://github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj">https://github.com/markedjs/marked/security/advisories/GHSA-5v2h-r2cx-5xgj</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-21681">https://nvd.nist.gov/vuln/detail/CVE-2022-21681</a><br></details> |
|
||
| md-to-pdf | CVE-2021-23639 | CRITICAL | 3.0.0 | 5.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-x949-7cm6-fm6p">https://github.com/advisories/GHSA-x949-7cm6-fm6p</a><br><a href="https://github.com/simonhaenisch/md-to-pdf/commit/a716259c548c82fa1d3b14a3422e9100619d2d8a">https://github.com/simonhaenisch/md-to-pdf/commit/a716259c548c82fa1d3b14a3422e9100619d2d8a</a><br><a href="https://github.com/simonhaenisch/md-to-pdf/issues/99">https://github.com/simonhaenisch/md-to-pdf/issues/99</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23639">https://nvd.nist.gov/vuln/detail/CVE-2021-23639</a><br><a href="https://snyk.io/vuln/SNYK-JS-MDTOPDF-1657880">https://snyk.io/vuln/SNYK-JS-MDTOPDF-1657880</a><br></details> |
|
||
| mime | CVE-2017-16138 | MEDIUM | 1.3.4 | 2.0.3, 1.4.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2017-16138">https://access.redhat.com/security/cve/CVE-2017-16138</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16138">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16138</a><br><a href="https://github.com/advisories/GHSA-wrvr-8mpx-r7pp">https://github.com/advisories/GHSA-wrvr-8mpx-r7pp</a><br><a href="https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0 (2.x)">https://github.com/broofa/node-mime/commit/1df903fdeb9ae7eaa048795b8d580ce2c98f40b0 (2.x)</a><br><a href="https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d (1.x)">https://github.com/broofa/node-mime/commit/855d0c4b8b22e4a80b9401a81f2872058eae274d (1.x)</a><br><a href="https://github.com/broofa/node-mime/issues/167">https://github.com/broofa/node-mime/issues/167</a><br><a href="https://nodesecurity.io/advisories/535">https://nodesecurity.io/advisories/535</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-16138">https://nvd.nist.gov/vuln/detail/CVE-2017-16138</a><br><a href="https://www.npmjs.com/advisories/535">https://www.npmjs.com/advisories/535</a><br></details> |
|
||
| minimatch | CVE-2016-10540 | HIGH | 2.0.10 | 3.0.2 | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10540">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10540</a><br><a href="https://github.com/advisories/GHSA-hxm2-r34f-qmc5">https://github.com/advisories/GHSA-hxm2-r34f-qmc5</a><br><a href="https://nodesecurity.io/advisories/118">https://nodesecurity.io/advisories/118</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-10540">https://nvd.nist.gov/vuln/detail/CVE-2016-10540</a><br><a href="https://www.npmjs.com/advisories/118">https://www.npmjs.com/advisories/118</a><br></details> |
|
||
| minimatch | NSWG-ECO-118 | HIGH | 2.0.10 | >=3.0.2 | <details><summary>Expand...</summary><a href="https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS">https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS</a><br></details> |
|
||
| minimist | CVE-2021-44906 | CRITICAL | 0.0.8 | 1.2.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44906">https://access.redhat.com/security/cve/CVE-2021-44906</a><br><a href="https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip">https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip</a><br><a href="https://github.com/advisories/GHSA-xvch-5gv4-984h">https://github.com/advisories/GHSA-xvch-5gv4-984h</a><br><a href="https://github.com/substack/minimist/blob/master/index.js#L69">https://github.com/substack/minimist/blob/master/index.js#L69</a><br><a href="https://github.com/substack/minimist/issues/164">https://github.com/substack/minimist/issues/164</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-44906">https://nvd.nist.gov/vuln/detail/CVE-2021-44906</a><br><a href="https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068">https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068</a><br></details> |
|
||
| minimist | CVE-2020-7598 | MEDIUM | 0.0.8 | 1.2.3, 0.2.1 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html">http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-7598">https://access.redhat.com/security/cve/CVE-2020-7598</a><br><a href="https://errata.almalinux.org/8/ALSA-2020-2852.html">https://errata.almalinux.org/8/ALSA-2020-2852.html</a><br><a href="https://github.com/advisories/GHSA-vh95-rmgr-6w4m">https://github.com/advisories/GHSA-vh95-rmgr-6w4m</a><br><a href="https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab">https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab</a><br><a href="https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95">https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95</a><br><a href="https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94">https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7598.html">https://linux.oracle.com/cve/CVE-2020-7598.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-2852.html">https://linux.oracle.com/errata/ELSA-2020-2852.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7598">https://nvd.nist.gov/vuln/detail/CVE-2020-7598</a><br><a href="https://snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://www.npmjs.com/advisories/1179">https://www.npmjs.com/advisories/1179</a><br></details> |
|
||
| minimist | CVE-2021-44906 | CRITICAL | 1.2.0 | 1.2.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44906">https://access.redhat.com/security/cve/CVE-2021-44906</a><br><a href="https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip">https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip</a><br><a href="https://github.com/advisories/GHSA-xvch-5gv4-984h">https://github.com/advisories/GHSA-xvch-5gv4-984h</a><br><a href="https://github.com/substack/minimist/blob/master/index.js#L69">https://github.com/substack/minimist/blob/master/index.js#L69</a><br><a href="https://github.com/substack/minimist/issues/164">https://github.com/substack/minimist/issues/164</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-44906">https://nvd.nist.gov/vuln/detail/CVE-2021-44906</a><br><a href="https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://security.snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068">https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068</a><br></details> |
|
||
| minimist | CVE-2020-7598 | MEDIUM | 1.2.0 | 1.2.3, 0.2.1 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html">http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-7598">https://access.redhat.com/security/cve/CVE-2020-7598</a><br><a href="https://errata.almalinux.org/8/ALSA-2020-2852.html">https://errata.almalinux.org/8/ALSA-2020-2852.html</a><br><a href="https://github.com/advisories/GHSA-vh95-rmgr-6w4m">https://github.com/advisories/GHSA-vh95-rmgr-6w4m</a><br><a href="https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab">https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab</a><br><a href="https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95">https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95</a><br><a href="https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94">https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7598.html">https://linux.oracle.com/cve/CVE-2020-7598.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-2852.html">https://linux.oracle.com/errata/ELSA-2020-2852.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7598">https://nvd.nist.gov/vuln/detail/CVE-2020-7598</a><br><a href="https://snyk.io/vuln/SNYK-JS-MINIMIST-559764">https://snyk.io/vuln/SNYK-JS-MINIMIST-559764</a><br><a href="https://www.npmjs.com/advisories/1179">https://www.npmjs.com/advisories/1179</a><br></details> |
|
||
| node-fetch | CVE-2022-0235 | HIGH | 1.7.3 | 2.6.7, 3.1.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0235">https://access.redhat.com/security/cve/CVE-2022-0235</a><br><a href="https://github.com/advisories/GHSA-r683-j2x4-v87g">https://github.com/advisories/GHSA-r683-j2x4-v87g</a><br><a href="https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10">https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10</a><br><a href="https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60">https://github.com/node-fetch/node-fetch/commit/5c32f002fdd65b1c6a8f1e3620210813d45c7e60</a><br><a href="https://github.com/node-fetch/node-fetch/pull/1453">https://github.com/node-fetch/node-fetch/pull/1453</a><br><a href="https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7">https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7</a><br><a href="https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/">https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0235">https://nvd.nist.gov/vuln/detail/CVE-2022-0235</a><br></details> |
|
||
| node-fetch | CVE-2020-15168 | LOW | 1.7.3 | 3.0.0-beta.9, 2.6.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-15168">https://access.redhat.com/security/cve/CVE-2020-15168</a><br><a href="https://github.com/advisories/GHSA-w7rc-rwvf-8q5r">https://github.com/advisories/GHSA-w7rc-rwvf-8q5r</a><br><a href="https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r">https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-15168">https://nvd.nist.gov/vuln/detail/CVE-2020-15168</a><br><a href="https://www.npmjs.com/package/node-fetch">https://www.npmjs.com/package/node-fetch</a><br></details> |
|
||
| node-forge | CVE-2020-7720 | HIGH | 0.7.6 | 0.10.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-7720">https://access.redhat.com/security/cve/CVE-2020-7720</a><br><a href="https://github.com/advisories/GHSA-92xj-mqp7-vmcj">https://github.com/advisories/GHSA-92xj-mqp7-vmcj</a><br><a href="https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md">https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md</a><br><a href="https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed">https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7720">https://nvd.nist.gov/vuln/detail/CVE-2020-7720</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293</a><br><a href="https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677">https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677</a><br></details> |
|
||
| node-forge | CVE-2022-24771 | HIGH | 0.7.6 | 1.3.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24771">https://access.redhat.com/security/cve/CVE-2022-24771</a><br><a href="https://github.com/advisories/GHSA-cfm4-qjh2-4765">https://github.com/advisories/GHSA-cfm4-qjh2-4765</a><br><a href="https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1">https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1</a><br><a href="https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2">https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765">https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24771">https://nvd.nist.gov/vuln/detail/CVE-2022-24771</a><br></details> |
|
||
| node-forge | CVE-2022-24772 | HIGH | 0.7.6 | 1.3.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24772">https://access.redhat.com/security/cve/CVE-2022-24772</a><br><a href="https://github.com/advisories/GHSA-x4jg-mjrx-434g">https://github.com/advisories/GHSA-x4jg-mjrx-434g</a><br><a href="https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1">https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1</a><br><a href="https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2">https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g">https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24772">https://nvd.nist.gov/vuln/detail/CVE-2022-24772</a><br></details> |
|
||
| node-forge | CVE-2022-0122 | MEDIUM | 0.7.6 | 1.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-8fr3-hfg3-gpgp">https://github.com/advisories/GHSA-8fr3-hfg3-gpgp</a><br><a href="https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e">https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e</a><br><a href="https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae">https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0122">https://nvd.nist.gov/vuln/detail/CVE-2022-0122</a><br></details> |
|
||
| node-forge | CVE-2022-24773 | MEDIUM | 0.7.6 | 1.3.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-24773">https://access.redhat.com/security/cve/CVE-2022-24773</a><br><a href="https://github.com/advisories/GHSA-2r2c-g63r-vccr">https://github.com/advisories/GHSA-2r2c-g63r-vccr</a><br><a href="https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1">https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1</a><br><a href="https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2">https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr">https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24773">https://nvd.nist.gov/vuln/detail/CVE-2022-24773</a><br></details> |
|
||
| node-forge | GHSA-5rrq-pxf6-6jx5 | LOW | 0.7.6 | 1.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-5rrq-pxf6-6jx5">https://github.com/advisories/GHSA-5rrq-pxf6-6jx5</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-5rrq-pxf6-6jx5">https://github.com/digitalbazaar/forge/security/advisories/GHSA-5rrq-pxf6-6jx5</a><br></details> |
|
||
| node-forge | GHSA-gf8q-jrpm-jvxq | LOW | 0.7.6 | 1.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-gf8q-jrpm-jvxq">https://github.com/advisories/GHSA-gf8q-jrpm-jvxq</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-gf8q-jrpm-jvxq">https://github.com/digitalbazaar/forge/security/advisories/GHSA-gf8q-jrpm-jvxq</a><br></details> |
|
||
| node-forge | GHSA-wxgw-qj99-44c2 | LOW | 0.7.6 | 0.10.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-wxgw-qj99-44c2">https://github.com/advisories/GHSA-wxgw-qj99-44c2</a><br><a href="https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2">https://github.com/digitalbazaar/forge/security/advisories/GHSA-wxgw-qj99-44c2</a><br></details> |
|
||
| nth-check | CVE-2021-3803 | MEDIUM | 1.0.2 | 2.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3803">https://access.redhat.com/security/cve/CVE-2021-3803</a><br><a href="https://github.com/advisories/GHSA-rp65-9cf3-cjxr">https://github.com/advisories/GHSA-rp65-9cf3-cjxr</a><br><a href="https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726">https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726</a><br><a href="https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0">https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-3803">https://nvd.nist.gov/vuln/detail/CVE-2021-3803</a><br></details> |
|
||
| parse-link-header | CVE-2021-23490 | HIGH | 0.4.1 | 2.0.0 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-q674-xm3x-2926">https://github.com/advisories/GHSA-q674-xm3x-2926</a><br><a href="https://github.com/thlorenz/parse-link-header/commit/72f05c717b3f129c5331a07bf300ed8886eb8ae1">https://github.com/thlorenz/parse-link-header/commit/72f05c717b3f129c5331a07bf300ed8886eb8ae1</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23490">https://nvd.nist.gov/vuln/detail/CVE-2021-23490</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2321973">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2321973</a><br><a href="https://snyk.io/vuln/SNYK-JS-PARSELINKHEADER-1582783">https://snyk.io/vuln/SNYK-JS-PARSELINKHEADER-1582783</a><br></details> |
|
||
| path-parse | CVE-2021-23343 | MEDIUM | 1.0.6 | 1.0.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23343">https://access.redhat.com/security/cve/CVE-2021-23343</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-3666.html">https://errata.almalinux.org/8/ALSA-2021-3666.html</a><br><a href="https://github.com/advisories/GHSA-hj48-42vr-x3v9">https://github.com/advisories/GHSA-hj48-42vr-x3v9</a><br><a href="https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7">https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7</a><br><a href="https://github.com/jbgutierrez/path-parse/issues/8">https://github.com/jbgutierrez/path-parse/issues/8</a><br><a href="https://github.com/jbgutierrez/path-parse/pull/10">https://github.com/jbgutierrez/path-parse/pull/10</a><br><a href="https://linux.oracle.com/cve/CVE-2021-23343.html">https://linux.oracle.com/cve/CVE-2021-23343.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-3666.html">https://linux.oracle.com/errata/ELSA-2021-3666.html</a><br><a href="https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E">https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23343">https://nvd.nist.gov/vuln/detail/CVE-2021-23343</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028</a><br><a href="https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067">https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067</a><br></details> |
|
||
| postcss | CVE-2021-23382 | MEDIUM | 5.0.21 | 7.0.36, 8.2.13 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23382">https://access.redhat.com/security/cve/CVE-2021-23382</a><br><a href="https://github.com/advisories/GHSA-566m-qj78-rww5">https://github.com/advisories/GHSA-566m-qj78-rww5</a><br><a href="https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956">https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956</a><br><a href="https://github.com/postcss/postcss/releases/tag/7.0.36">https://github.com/postcss/postcss/releases/tag/7.0.36</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23382">https://nvd.nist.gov/vuln/detail/CVE-2021-23382</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641</a><br><a href="https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640">https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640</a><br></details> |
|
||
| qs | CVE-2017-1000048 | HIGH | 5.2.1 | 6.3.2, 6.2.3, 6.1.2, 6.0.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2017:2672">https://access.redhat.com/errata/RHSA-2017:2672</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-1000048">https://access.redhat.com/security/cve/CVE-2017-1000048</a><br><a href="https://github.com/advisories/GHSA-gqgv-6jq5-jjj9">https://github.com/advisories/GHSA-gqgv-6jq5-jjj9</a><br><a href="https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d">https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d</a><br><a href="https://github.com/ljharb/qs/issues/200">https://github.com/ljharb/qs/issues/200</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-1000048">https://nvd.nist.gov/vuln/detail/CVE-2017-1000048</a><br><a href="https://snyk.io/vuln/npm:qs:20170213">https://snyk.io/vuln/npm:qs:20170213</a><br><a href="https://www.npmjs.com/advisories/1469">https://www.npmjs.com/advisories/1469</a><br></details> |
|
||
| request | CVE-2017-16026 | MEDIUM | 2.65.0 | 2.68.0, 2.68.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2017-16026">https://access.redhat.com/security/cve/CVE-2017-16026</a><br><a href="https://github.com/advisories/GHSA-7xfp-9c55-5vqj">https://github.com/advisories/GHSA-7xfp-9c55-5vqj</a><br><a href="https://github.com/request/request/issues/1904">https://github.com/request/request/issues/1904</a><br><a href="https://github.com/request/request/pull/2018">https://github.com/request/request/pull/2018</a><br><a href="https://nodesecurity.io/advisories/309">https://nodesecurity.io/advisories/309</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-16026">https://nvd.nist.gov/vuln/detail/CVE-2017-16026</a><br><a href="https://www.npmjs.com/advisories/309">https://www.npmjs.com/advisories/309</a><br></details> |
|
||
| request | NSWG-ECO-309 | MEDIUM | 2.65.0 | >=2.68.0 | <details><summary>Expand...</summary><a href="https://github.com/request/request/issues/1904">https://github.com/request/request/issues/1904</a><br><a href="https://github.com/request/request/pull/2018">https://github.com/request/request/pull/2018</a><br></details> |
|
||
| set-getter | CVE-2021-25949 | CRITICAL | 0.1.0 | 0.1.1 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-jv35-xqg7-f92r">https://github.com/advisories/GHSA-jv35-xqg7-f92r</a><br><a href="https://github.com/doowb/set-getter/blob/5bc2750fe1c3db9651d936131be187744111378d/index.js#L56">https://github.com/doowb/set-getter/blob/5bc2750fe1c3db9651d936131be187744111378d/index.js#L56</a><br><a href="https://github.com/doowb/set-getter/commit/66eb3f0d4686a4a8c7c3d6f7ecd8e570b580edc4">https://github.com/doowb/set-getter/commit/66eb3f0d4686a4a8c7c3d6f7ecd8e570b580edc4</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-25949">https://nvd.nist.gov/vuln/detail/CVE-2021-25949</a><br><a href="https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25949">https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25949</a><br></details> |
|
||
| tough-cookie | CVE-2016-1000232 | HIGH | 2.2.2 | >=2.3.0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2016:2101">https://access.redhat.com/errata/RHSA-2016:2101</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2912">https://access.redhat.com/errata/RHSA-2017:2912</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-1000232">https://access.redhat.com/security/cve/CVE-2016-1000232</a><br><a href="https://access.redhat.com/security/cve/cve-2016-1000232">https://access.redhat.com/security/cve/cve-2016-1000232</a><br><a href="https://github.com/advisories/GHSA-qhv9-728r-6jqg">https://github.com/advisories/GHSA-qhv9-728r-6jqg</a><br><a href="https://github.com/salesforce/tough-cookie/commit/615627206357d997d5e6ff9da158997de05235ae">https://github.com/salesforce/tough-cookie/commit/615627206357d997d5e6ff9da158997de05235ae</a><br><a href="https://github.com/salesforce/tough-cookie/commit/e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534">https://github.com/salesforce/tough-cookie/commit/e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534</a><br><a href="https://nodesecurity.io/advisories/130">https://nodesecurity.io/advisories/130</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-1000232">https://nvd.nist.gov/vuln/detail/CVE-2016-1000232</a><br><a href="https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-is-affected-by-node-js-tough-cookie-module-vulnerability-to-a-denial-of-service-cve-2016-1000232/">https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-is-affected-by-node-js-tough-cookie-module-vulnerability-to-a-denial-of-service-cve-2016-1000232/</a><br><a href="https://www.npmjs.com/advisories/130">https://www.npmjs.com/advisories/130</a><br></details> |
|
||
| tough-cookie | CVE-2017-15010 | HIGH | 2.2.2 | 2.3.3 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/101185">http://www.securityfocus.com/bid/101185</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2912">https://access.redhat.com/errata/RHSA-2017:2912</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2913">https://access.redhat.com/errata/RHSA-2017:2913</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1263">https://access.redhat.com/errata/RHSA-2018:1263</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1264">https://access.redhat.com/errata/RHSA-2018:1264</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-15010">https://access.redhat.com/security/cve/CVE-2017-15010</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15010</a><br><a href="https://github.com/advisories/GHSA-g7q5-pjjr-gqvp">https://github.com/advisories/GHSA-g7q5-pjjr-gqvp</a><br><a href="https://github.com/salesforce/tough-cookie/issues/92">https://github.com/salesforce/tough-cookie/issues/92</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6VEBDTGNHVM677SLZDEHMWOP3ISMZSFT/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6VEBDTGNHVM677SLZDEHMWOP3ISMZSFT/</a><br><a href="https://nodesecurity.io/advisories/525">https://nodesecurity.io/advisories/525</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-15010">https://nvd.nist.gov/vuln/detail/CVE-2017-15010</a><br><a href="https://snyk.io/vuln/npm:tough-cookie:20170905">https://snyk.io/vuln/npm:tough-cookie:20170905</a><br><a href="https://www.npmjs.com/advisories/525">https://www.npmjs.com/advisories/525</a><br></details> |
|
||
| tunnel-agent | GHSA-xc7v-wxcw-j472 | MEDIUM | 0.4.3 | 0.6.0 | <details><summary>Expand...</summary><a href="https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4">https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4</a><br><a href="https://github.com/advisories/GHSA-xc7v-wxcw-j472">https://github.com/advisories/GHSA-xc7v-wxcw-j472</a><br><a href="https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0">https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0</a><br><a href="https://www.npmjs.com/advisories/598">https://www.npmjs.com/advisories/598</a><br></details> |
|
||
| tunnel-agent | NSWG-ECO-393 | MEDIUM | 0.4.3 | >=0.6.0 | <details><summary>Expand...</summary><a href="https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4">https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4</a><br><a href="https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0">https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0</a><br></details> |
|
||
| underscore | CVE-2021-23358 | HIGH | 1.9.1 | 1.12.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23358">https://access.redhat.com/security/cve/CVE-2021-23358</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358</a><br><a href="https://github.com/advisories/GHSA-cf4h-3jhx-xvhq">https://github.com/advisories/GHSA-cf4h-3jhx-xvhq</a><br><a href="https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71">https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71</a><br><a href="https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66">https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66</a><br><a href="https://github.com/jashkenas/underscore/pull/2917">https://github.com/jashkenas/underscore/pull/2917</a><br><a href="https://github.com/jashkenas/underscore/releases/tag/1.12.1">https://github.com/jashkenas/underscore/releases/tag/1.12.1</a><br><a href="https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E">https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E">https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E">https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E">https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E">https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23358">https://nvd.nist.gov/vuln/detail/CVE-2021-23358</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503</a><br><a href="https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984">https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984</a><br><a href="https://ubuntu.com/security/notices/USN-4913-1">https://ubuntu.com/security/notices/USN-4913-1</a><br><a href="https://ubuntu.com/security/notices/USN-4913-2">https://ubuntu.com/security/notices/USN-4913-2</a><br><a href="https://www.debian.org/security/2021/dsa-4883">https://www.debian.org/security/2021/dsa-4883</a><br><a href="https://www.npmjs.com/package/underscore">https://www.npmjs.com/package/underscore</a><br><a href="https://www.tenable.com/security/tns-2021-14">https://www.tenable.com/security/tns-2021-14</a><br></details> |
|
||
| ws | CVE-2021-32640 | MEDIUM | 6.1.4 | 5.2.3, 6.2.2, 7.4.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-32640">https://access.redhat.com/security/cve/CVE-2021-32640</a><br><a href="https://github.com/advisories/GHSA-6fc8-4gx4-v693">https://github.com/advisories/GHSA-6fc8-4gx4-v693</a><br><a href="https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff">https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff</a><br><a href="https://github.com/websockets/ws/issues/1895">https://github.com/websockets/ws/issues/1895</a><br><a href="https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693">https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693</a><br><a href="https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-32640">https://nvd.nist.gov/vuln/detail/CVE-2021-32640</a><br></details> |
|
||
| y18n | CVE-2020-7774 | HIGH | 3.2.1 | 5.0.5, 4.0.1, 3.2.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-7774">https://access.redhat.com/security/cve/CVE-2020-7774</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-0551.html">https://errata.almalinux.org/8/ALSA-2021-0551.html</a><br><a href="https://github.com/advisories/GHSA-c4w7-xm78-47vh">https://github.com/advisories/GHSA-c4w7-xm78-47vh</a><br><a href="https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25">https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25</a><br><a href="https://github.com/yargs/y18n/issues/96">https://github.com/yargs/y18n/issues/96</a><br><a href="https://github.com/yargs/y18n/pull/108">https://github.com/yargs/y18n/pull/108</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7774.html">https://linux.oracle.com/cve/CVE-2020-7774.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-0551.html">https://linux.oracle.com/errata/ELSA-2021-0551.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7774">https://nvd.nist.gov/vuln/detail/CVE-2020-7774</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306">https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306</a><br><a href="https://snyk.io/vuln/SNYK-JS-Y18N-1021887">https://snyk.io/vuln/SNYK-JS-Y18N-1021887</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br></details> |
|
||
| yargs-parser | CVE-2020-7608 | MEDIUM | 4.2.1 | 5.0.1, 13.1.2, 18.1.2, 15.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-7608">https://access.redhat.com/security/cve/CVE-2020-7608</a><br><a href="https://errata.almalinux.org/8/ALSA-2021-0548.html">https://errata.almalinux.org/8/ALSA-2021-0548.html</a><br><a href="https://github.com/advisories/GHSA-p9pc-299p-vxgp">https://github.com/advisories/GHSA-p9pc-299p-vxgp</a><br><a href="https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2">https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2</a><br><a href="https://linux.oracle.com/cve/CVE-2020-7608.html">https://linux.oracle.com/cve/CVE-2020-7608.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-0548.html">https://linux.oracle.com/errata/ELSA-2021-0548.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-7608">https://nvd.nist.gov/vuln/detail/CVE-2020-7608</a><br><a href="https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381">https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381</a><br><a href="https://www.npmjs.com/advisories/1500">https://www.npmjs.com/advisories/1500</a><br></details> |
|