catalog/stable/fileflows/2.0.6/security.md

141 lines
108 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: fileflows/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-fileflows&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-fileflows&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-fileflows&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-fileflows&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-fileflows&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-fileflows&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/fileflows:v0.8.0@sha256:d19766fc9221f31882ef911aa729ed4aa437447bd6044aaa9d557cf80245d505
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| curl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27775">https://nvd.nist.gov/vuln/detail/CVE-2022-27775</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| curl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-22576 | HIGH | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-22576">https://access.redhat.com/security/cve/CVE-2022-22576</a><br><a href="https://curl.se/docs/CVE-2022-22576.html">https://curl.se/docs/CVE-2022-22576.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576</a><br><a href="https://hackerone.com/reports/1526328">https://hackerone.com/reports/1526328</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22576">https://nvd.nist.gov/vuln/detail/CVE-2022-22576</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27775 | HIGH | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27775">https://access.redhat.com/security/cve/CVE-2022-27775</a><br><a href="https://curl.se/docs/CVE-2022-27775.html">https://curl.se/docs/CVE-2022-27775.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775</a><br><a href="https://hackerone.com/reports/1546268">https://hackerone.com/reports/1546268</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27775">https://nvd.nist.gov/vuln/detail/CVE-2022-27775</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27774 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27774">https://access.redhat.com/security/cve/CVE-2022-27774</a><br><a href="https://curl.se/docs/CVE-2022-27774.html">https://curl.se/docs/CVE-2022-27774.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774</a><br><a href="https://hackerone.com/reports/1543773">https://hackerone.com/reports/1543773</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| libcurl | CVE-2022-27776 | MEDIUM | 7.80.0-r0 | 7.80.0-r1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27776">https://access.redhat.com/security/cve/CVE-2022-27776</a><br><a href="https://curl.se/docs/CVE-2022-27776.html">https://curl.se/docs/CVE-2022-27776.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776</a><br><a href="https://hackerone.com/reports/1547048">https://hackerone.com/reports/1547048</a><br><a href="https://security.netapp.com/advisory/ntap-20220609-0008/">https://security.netapp.com/advisory/ntap-20220609-0008/</a><br><a href="https://ubuntu.com/security/notices/USN-5397-1">https://ubuntu.com/security/notices/USN-5397-1</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-28391">https://access.redhat.com/security/cve/CVE-2022-28391</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/May/33">http://seclists.org/fulldisclosure/2022/May/33</a><br><a href="http://seclists.org/fulldisclosure/2022/May/35">http://seclists.org/fulldisclosure/2022/May/35</a><br><a href="http://seclists.org/fulldisclosure/2022/May/38">http://seclists.org/fulldisclosure/2022/May/38</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-2201.html">https://errata.almalinux.org/8/ALSA-2022-2201.html</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://linux.oracle.com/cve/CVE-2018-25032.html">https://linux.oracle.com/cve/CVE-2018-25032.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2213.html">https://linux.oracle.com/errata/ELSA-2022-2213.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html">https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://security.netapp.com/advisory/ntap-20220526-0009/">https://security.netapp.com/advisory/ntap-20220526-0009/</a><br><a href="https://support.apple.com/kb/HT213255">https://support.apple.com/kb/HT213255</a><br><a href="https://support.apple.com/kb/HT213256">https://support.apple.com/kb/HT213256</a><br><a href="https://support.apple.com/kb/HT213257">https://support.apple.com/kb/HT213257</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://ubuntu.com/security/notices/USN-5359-2">https://ubuntu.com/security/notices/USN-5359-2</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/fileflows:v0.8.0@sha256:d19766fc9221f31882ef911aa729ed4aa437447bd6044aaa9d557cf80245d505 (ubuntu 22.04)
**ubuntu**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| coreutils | CVE-2016-2781 | LOW | 8.32-4.1ubuntu1 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/452">http://seclists.org/oss-sec/2016/q1/452</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/2">http://www.openwall.com/lists/oss-security/2016/02/28/2</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/28/3">http://www.openwall.com/lists/oss-security/2016/02/28/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2781">https://access.redhat.com/security/cve/CVE-2016-2781</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2781">https://nvd.nist.gov/vuln/detail/CVE-2016-2781</a><br></details> |
| git | CVE-2018-1000021 | LOW | 1:2.34.1-1ubuntu1.2 | | <details><summary>Expand...</summary><a href="http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html">http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000021">https://access.redhat.com/security/cve/CVE-2018-1000021</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021</a><br></details> |
| git-man | CVE-2018-1000021 | LOW | 1:2.34.1-1ubuntu1.2 | | <details><summary>Expand...</summary><a href="http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html">http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1000021">https://access.redhat.com/security/cve/CVE-2018-1000021</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021</a><br></details> |
| libapparmor1 | CVE-2016-1585 | MEDIUM | 3.0.4-2ubuntu2 | | <details><summary>Expand...</summary><a href="https://bugs.launchpad.net/apparmor/+bug/1597017">https://bugs.launchpad.net/apparmor/+bug/1597017</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-1585">https://nvd.nist.gov/vuln/detail/CVE-2016-1585</a><br></details> |
| libc-bin | CVE-2016-20013 | LOW | 2.35-0ubuntu3 | | <details><summary>Expand...</summary><a href="https://akkadia.org/drepper/SHA-crypt.txt">https://akkadia.org/drepper/SHA-crypt.txt</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013</a><br><a href="https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/">https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/</a><br><a href="https://twitter.com/solardiz/status/795601240151457793">https://twitter.com/solardiz/status/795601240151457793</a><br></details> |
| libc6 | CVE-2016-20013 | LOW | 2.35-0ubuntu3 | | <details><summary>Expand...</summary><a href="https://akkadia.org/drepper/SHA-crypt.txt">https://akkadia.org/drepper/SHA-crypt.txt</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013</a><br><a href="https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/">https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/</a><br><a href="https://twitter.com/solardiz/status/795601240151457793">https://twitter.com/solardiz/status/795601240151457793</a><br></details> |
| libcairo-gobject2 | CVE-2017-7475 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2017/q2/151">http://seclists.org/oss-sec/2017/q2/151</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7475">https://access.redhat.com/security/cve/CVE-2017-7475</a><br><a href="https://bugs.freedesktop.org/show_bug.cgi?id=100763">https://bugs.freedesktop.org/show_bug.cgi?id=100763</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475</a><br><a href="https://github.com/advisories/GHSA-5v3f-73gv-x7x5">https://github.com/advisories/GHSA-5v3f-73gv-x7x5</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7475">https://nvd.nist.gov/vuln/detail/CVE-2017-7475</a><br></details> |
| libcairo-gobject2 | CVE-2018-18064 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-18064">https://access.redhat.com/security/cve/CVE-2018-18064</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064</a><br><a href="https://gitlab.freedesktop.org/cairo/cairo/issues/341">https://gitlab.freedesktop.org/cairo/cairo/issues/341</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libcairo-gobject2 | CVE-2019-6461 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-6461">https://access.redhat.com/security/cve/CVE-2019-6461</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461</a><br><a href="https://github.com/TeamSeri0us/pocs/tree/master/gerbv">https://github.com/TeamSeri0us/pocs/tree/master/gerbv</a><br><a href="https://gitlab.freedesktop.org/cairo/cairo/issues/352">https://gitlab.freedesktop.org/cairo/cairo/issues/352</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-6461">https://nvd.nist.gov/vuln/detail/CVE-2019-6461</a><br></details> |
| libcairo2 | CVE-2017-7475 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2017/q2/151">http://seclists.org/oss-sec/2017/q2/151</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7475">https://access.redhat.com/security/cve/CVE-2017-7475</a><br><a href="https://bugs.freedesktop.org/show_bug.cgi?id=100763">https://bugs.freedesktop.org/show_bug.cgi?id=100763</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475</a><br><a href="https://github.com/advisories/GHSA-5v3f-73gv-x7x5">https://github.com/advisories/GHSA-5v3f-73gv-x7x5</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7475">https://nvd.nist.gov/vuln/detail/CVE-2017-7475</a><br></details> |
| libcairo2 | CVE-2018-18064 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-18064">https://access.redhat.com/security/cve/CVE-2018-18064</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064</a><br><a href="https://gitlab.freedesktop.org/cairo/cairo/issues/341">https://gitlab.freedesktop.org/cairo/cairo/issues/341</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libcairo2 | CVE-2019-6461 | LOW | 1.16.0-5ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-6461">https://access.redhat.com/security/cve/CVE-2019-6461</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6461</a><br><a href="https://github.com/TeamSeri0us/pocs/tree/master/gerbv">https://github.com/TeamSeri0us/pocs/tree/master/gerbv</a><br><a href="https://gitlab.freedesktop.org/cairo/cairo/issues/352">https://gitlab.freedesktop.org/cairo/cairo/issues/352</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-6461">https://nvd.nist.gov/vuln/detail/CVE-2019-6461</a><br></details> |
| libflac8 | CVE-2020-0499 | LOW | 1.3.3-2build2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-0499">https://access.redhat.com/security/cve/CVE-2020-0499</a><br><a href="https://android.googlesource.com/platform/external/flac/+/029048f823ced50f63a92e25073427ec3a9bd909%5E%21/#F0">https://android.googlesource.com/platform/external/flac/+/029048f823ced50f63a92e25073427ec3a9bd909%5E%21/#F0</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/01/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/01/msg00001.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33W6XZAAEJYRGU3XYHRO7XSYEA7YACUB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33W6XZAAEJYRGU3XYHRO7XSYEA7YACUB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNZYTAU5UWBVXVJ4VHDWPR66ZVDLQZRE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNZYTAU5UWBVXVJ4VHDWPR66ZVDLQZRE/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPA5GAEKPXKAHGHHBI4X7AFNI4BMOVG3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPA5GAEKPXKAHGHHBI4X7AFNI4BMOVG3/</a><br><a href="https://source.android.com/security/bulletin/pixel/2020-12-01">https://source.android.com/security/bulletin/pixel/2020-12-01</a><br></details> |
| libfreetype6 | CVE-2022-27404 | MEDIUM | 2.11.1+dfsg-1build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-27404">https://access.redhat.com/security/cve/CVE-2022-27404</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27404</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db">https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27404">https://nvd.nist.gov/vuln/detail/CVE-2022-27404</a><br></details> |
| libfreetype6 | CVE-2022-27405 | LOW | 2.11.1+dfsg-1build1 | | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27405">https://access.redhat.com/security/cve/CVE-2022-27405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27405</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5">https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27405">https://nvd.nist.gov/vuln/detail/CVE-2022-27405</a><br></details> |
| libfreetype6 | CVE-2022-27406 | LOW | 2.11.1+dfsg-1build1 | | <details><summary>Expand...</summary><a href="http://freetype.com">http://freetype.com</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-27406">https://access.redhat.com/security/cve/CVE-2022-27406</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27406</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2">https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2</a><br><a href="https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140">https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-27406">https://nvd.nist.gov/vuln/detail/CVE-2022-27406</a><br><a href="https://ubuntu.com/security/notices/USN-5453-1">https://ubuntu.com/security/notices/USN-5453-1</a><br></details> |
| libgdk-pixbuf-2.0-0 | CVE-2021-44648 | MEDIUM | 2.42.8+dfsg-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44648">https://access.redhat.com/security/cve/CVE-2021-44648</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648</a><br><a href="https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136">https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/</a><br><a href="https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/">https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/</a><br></details> |
| libgdk-pixbuf2.0-bin | CVE-2021-44648 | MEDIUM | 2.42.8+dfsg-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44648">https://access.redhat.com/security/cve/CVE-2021-44648</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648</a><br><a href="https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136">https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/</a><br><a href="https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/">https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/</a><br></details> |
| libgdk-pixbuf2.0-common | CVE-2021-44648 | MEDIUM | 2.42.8+dfsg-1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-44648">https://access.redhat.com/security/cve/CVE-2021-44648</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648</a><br><a href="https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136">https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/</a><br><a href="https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/">https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/</a><br></details> |
| libgmp10 | CVE-2021-43618 | LOW | 2:6.2.1+dfsg-3ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-43618">https://access.redhat.com/security/cve/CVE-2021-43618</a><br><a href="https://bugs.debian.org/994405">https://bugs.debian.org/994405</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618</a><br><a href="https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html">https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html</a><br><a href="https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e">https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-43618">https://nvd.nist.gov/vuln/detail/CVE-2021-43618</a><br></details> |
| libgpac11 | CVE-2018-1000100 | MEDIUM | 2.0.0+dfsg1-2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000100">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000100</a><br><a href="https://github.com/gpac/gpac/issues/994">https://github.com/gpac/gpac/issues/994</a><br><a href="https://ubuntu.com/security/notices/USN-3926-1">https://ubuntu.com/security/notices/USN-3926-1</a><br><a href="https://usn.ubuntu.com/3926-1/">https://usn.ubuntu.com/3926-1/</a><br></details> |
| libgpac11 | CVE-2021-28300 | MEDIUM | 2.0.0+dfsg1-2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28300">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28300</a><br><a href="https://github.com/gpac/gpac/issues/1702">https://github.com/gpac/gpac/issues/1702</a><br></details> |
| libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build3 | | <details><summary>Expand...</summary><a href="http://bugzilla.maptools.org/show_bug.cgi?id=2707">http://bugzilla.maptools.org/show_bug.cgi?id=2707</a><br><a href="http://www.securityfocus.com/bid/99304">http://www.securityfocus.com/bid/99304</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-9937">https://access.redhat.com/security/cve/CVE-2017-9937</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libncurses6 | CVE-2022-29458 | LOW | 6.3-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458</a><br><a href="https://invisible-island.net/ncurses/NEWS.html#t20220416">https://invisible-island.net/ncurses/NEWS.html#t20220416</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br><a href="https://ubuntu.com/security/notices/USN-5477-1">https://ubuntu.com/security/notices/USN-5477-1</a><br></details> |
| libncursesw6 | CVE-2022-29458 | LOW | 6.3-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458</a><br><a href="https://invisible-island.net/ncurses/NEWS.html#t20220416">https://invisible-island.net/ncurses/NEWS.html#t20220416</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br><a href="https://ubuntu.com/security/notices/USN-5477-1">https://ubuntu.com/security/notices/USN-5477-1</a><br></details> |
| libopenjp2-7 | CVE-2019-6988 | LOW | 2.4.0-6 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106785">http://www.securityfocus.com/bid/106785</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-6988">https://access.redhat.com/security/cve/CVE-2019-6988</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6988">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6988</a><br><a href="https://github.com/uclouvain/openjpeg/issues/1178">https://github.com/uclouvain/openjpeg/issues/1178</a><br></details> |
| libopenjp2-7 | CVE-2021-29338 | LOW | 2.4.0-6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-29338">https://access.redhat.com/security/cve/CVE-2021-29338</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338</a><br><a href="https://github.com/uclouvain/openjpeg/issues/1338">https://github.com/uclouvain/openjpeg/issues/1338</a><br><a href="https://github.com/uclouvain/openjpeg/pull/1346">https://github.com/uclouvain/openjpeg/pull/1346</a><br><a href="https://github.com/uclouvain/openjpeg/pull/1395">https://github.com/uclouvain/openjpeg/pull/1395</a><br><a href="https://github.com/uclouvain/openjpeg/pull/1396">https://github.com/uclouvain/openjpeg/pull/1396</a><br><a href="https://github.com/uclouvain/openjpeg/pull/1397">https://github.com/uclouvain/openjpeg/pull/1397</a><br><a href="https://github.com/uclouvain/openjpeg/pull/1398">https://github.com/uclouvain/openjpeg/pull/1398</a><br><a href="https://linux.oracle.com/cve/CVE-2021-29338.html">https://linux.oracle.com/cve/CVE-2021-29338.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4251.html">https://linux.oracle.com/errata/ELSA-2021-4251.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/</a><br></details> |
| libopenjp2-7 | CVE-2021-3575 | LOW | 2.4.0-6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-3575">https://access.redhat.com/security/cve/CVE-2021-3575</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1957616">https://bugzilla.redhat.com/show_bug.cgi?id=1957616</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575</a><br><a href="https://github.com/uclouvain/openjpeg/issues/1347">https://github.com/uclouvain/openjpeg/issues/1347</a><br><a href="https://linux.oracle.com/cve/CVE-2021-3575.html">https://linux.oracle.com/cve/CVE-2021-3575.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4251.html">https://linux.oracle.com/errata/ELSA-2021-4251.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/</a><br><a href="https://ubuntu.com/security/CVE-2021-3575">https://ubuntu.com/security/CVE-2021-3575</a><br></details> |
| libopenmpt0 | CVE-2019-17113 | MEDIUM | 0.6.1-1 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00035.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00044.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17113">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17113</a><br><a href="https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe">https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe</a><br><a href="https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19">https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.3.18...libopenmpt-0.3.19</a><br><a href="https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9">https://github.com/OpenMPT/openmpt/compare/libopenmpt-0.4.8...libopenmpt-0.4.9</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/08/msg00003.html">https://lists.debian.org/debian-lts-announce/2020/08/msg00003.html</a><br><a href="https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision&amp;rev=12127&amp;peg=12127">https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision&amp;rev=12127&amp;peg=12127</a><br><a href="https://www.debian.org/security/2020/dsa-4729">https://www.debian.org/security/2020/dsa-4729</a><br></details> |
| libpcre2-16-0 | CVE-2022-1586 | LOW | 10.39-3build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1586">https://access.redhat.com/security/cve/CVE-2022-1586</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077976,">https://bugzilla.redhat.com/show_bug.cgi?id=2077976,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,">https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c">https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1586">https://nvd.nist.gov/vuln/detail/CVE-2022-1586</a><br></details> |
| libpcre2-16-0 | CVE-2022-1587 | LOW | 10.39-3build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1587">https://access.redhat.com/security/cve/CVE-2022-1587</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077983,">https://bugzilla.redhat.com/show_bug.cgi?id=2077983,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0">https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1587">https://nvd.nist.gov/vuln/detail/CVE-2022-1587</a><br></details> |
| libpcre2-8-0 | CVE-2022-1586 | LOW | 10.39-3build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1586">https://access.redhat.com/security/cve/CVE-2022-1586</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077976,">https://bugzilla.redhat.com/show_bug.cgi?id=2077976,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,">https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c">https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1586">https://nvd.nist.gov/vuln/detail/CVE-2022-1586</a><br></details> |
| libpcre2-8-0 | CVE-2022-1587 | LOW | 10.39-3build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1587">https://access.redhat.com/security/cve/CVE-2022-1587</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077983,">https://bugzilla.redhat.com/show_bug.cgi?id=2077983,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0">https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1587">https://nvd.nist.gov/vuln/detail/CVE-2022-1587</a><br></details> |
| libpcre3 | CVE-2017-11164 | LOW | 2:8.39-13ubuntu0.22.04.1 | | <details><summary>Expand...</summary><a href="http://openwall.com/lists/oss-security/2017/07/11/3">http://openwall.com/lists/oss-security/2017/07/11/3</a><br><a href="http://www.securityfocus.com/bid/99575">http://www.securityfocus.com/bid/99575</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-11164">https://access.redhat.com/security/cve/CVE-2017-11164</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libperl5.34 | CVE-2020-16156 | MEDIUM | 5.34.0-3ubuntu1 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
| libpolkit-agent-1-0 | CVE-2016-2568 | LOW | 0.105-33 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/443">http://seclists.org/oss-sec/2016/q1/443</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/26/3">http://www.openwall.com/lists/oss-security/2016/02/26/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2568">https://access.redhat.com/security/cve/CVE-2016-2568</a><br><a href="https://access.redhat.com/security/cve/cve-2016-2568">https://access.redhat.com/security/cve/cve-2016-2568</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1300746">https://bugzilla.redhat.com/show_bug.cgi?id=1300746</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2568">https://nvd.nist.gov/vuln/detail/CVE-2016-2568</a><br><a href="https://ubuntu.com/security/CVE-2016-2568">https://ubuntu.com/security/CVE-2016-2568</a><br></details> |
| libpolkit-gobject-1-0 | CVE-2016-2568 | LOW | 0.105-33 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/443">http://seclists.org/oss-sec/2016/q1/443</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/26/3">http://www.openwall.com/lists/oss-security/2016/02/26/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2568">https://access.redhat.com/security/cve/CVE-2016-2568</a><br><a href="https://access.redhat.com/security/cve/cve-2016-2568">https://access.redhat.com/security/cve/cve-2016-2568</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1300746">https://bugzilla.redhat.com/show_bug.cgi?id=1300746</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2568">https://nvd.nist.gov/vuln/detail/CVE-2016-2568</a><br><a href="https://ubuntu.com/security/CVE-2016-2568">https://ubuntu.com/security/CVE-2016-2568</a><br></details> |
| libpython3.10-minimal | CVE-2015-20107 | LOW | 3.10.4-3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://github.com/python/cpython/pull/91993">https://github.com/python/cpython/pull/91993</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| libpython3.10-stdlib | CVE-2015-20107 | LOW | 3.10.4-3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://github.com/python/cpython/pull/91993">https://github.com/python/cpython/pull/91993</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| libqt5core5a | CVE-2022-25255 | MEDIUM | 5.15.3+dfsg-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-25255">https://access.redhat.com/security/cve/CVE-2022-25255</a><br><a href="https://codereview.qt-project.org/c/qt/qtbase/+/393113">https://codereview.qt-project.org/c/qt/qtbase/+/393113</a><br><a href="https://codereview.qt-project.org/c/qt/qtbase/+/394914">https://codereview.qt-project.org/c/qt/qtbase/+/394914</a><br><a href="https://codereview.qt-project.org/c/qt/qtbase/+/396020">https://codereview.qt-project.org/c/qt/qtbase/+/396020</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25255">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25255</a><br><a href="https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff">https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff</a><br><a href="https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff">https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff</a><br></details> |
| libsndfile1 | CVE-2021-4156 | LOW | 1.0.31-2build1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-4156">https://access.redhat.com/security/cve/CVE-2021-4156</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2027690">https://bugzilla.redhat.com/show_bug.cgi?id=2027690</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4156</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-1968.html">https://errata.almalinux.org/8/ALSA-2022-1968.html</a><br><a href="https://github.com/libsndfile/libsndfile/issues/731">https://github.com/libsndfile/libsndfile/issues/731</a><br><a href="https://github.com/libsndfile/libsndfile/pull/732/commits/4c30646abf7834e406f7e2429c70bc254e18beab">https://github.com/libsndfile/libsndfile/pull/732/commits/4c30646abf7834e406f7e2429c70bc254e18beab</a><br><a href="https://linux.oracle.com/cve/CVE-2021-4156.html">https://linux.oracle.com/cve/CVE-2021-4156.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-1968.html">https://linux.oracle.com/errata/ELSA-2022-1968.html</a><br><a href="https://ubuntu.com/security/notices/USN-5409-1">https://ubuntu.com/security/notices/USN-5409-1</a><br></details> |
| libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.37.2-2 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/HT211168">https://support.apple.com/HT211168</a><br><a href="https://support.apple.com/HT211170">https://support.apple.com/HT211170</a><br><a href="https://support.apple.com/HT211171">https://support.apple.com/HT211171</a><br><a href="https://support.apple.com/HT211175">https://support.apple.com/HT211175</a><br><a href="https://support.apple.com/HT211178">https://support.apple.com/HT211178</a><br><a href="https://support.apple.com/HT211179">https://support.apple.com/HT211179</a><br><a href="https://support.apple.com/HT211181">https://support.apple.com/HT211181</a><br><a href="https://vuldb.com/?id.155768">https://vuldb.com/?id.155768</a><br></details> |
| libsqlite3-0 | CVE-2020-9849 | LOW | 3.37.2-2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/en-us/HT211935">https://support.apple.com/en-us/HT211935</a><br><a href="https://support.apple.com/en-us/HT211952">https://support.apple.com/en-us/HT211952</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/</a><br></details> |
| libsqlite3-0 | CVE-2020-9991 | LOW | 3.37.2-2 | | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2020/Dec/32">http://seclists.org/fulldisclosure/2020/Dec/32</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://support.apple.com/en-us/HT211843">https://support.apple.com/en-us/HT211843</a><br><a href="https://support.apple.com/en-us/HT211844">https://support.apple.com/en-us/HT211844</a><br><a href="https://support.apple.com/en-us/HT211847">https://support.apple.com/en-us/HT211847</a><br><a href="https://support.apple.com/en-us/HT211850">https://support.apple.com/en-us/HT211850</a><br><a href="https://support.apple.com/en-us/HT211931">https://support.apple.com/en-us/HT211931</a><br><a href="https://support.apple.com/kb/HT211846">https://support.apple.com/kb/HT211846</a><br><a href="https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/">https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/</a><br></details> |
| libtiff5 | CVE-2022-1354 | MEDIUM | 4.3.0-6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1354">https://access.redhat.com/security/cve/CVE-2022-1354</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354</a><br><a href="https://gitlab.com/libtiff/libtiff/-/issues/319">https://gitlab.com/libtiff/libtiff/-/issues/319</a><br></details> |
| libtiff5 | CVE-2018-10126 | LOW | 4.3.0-6 | | <details><summary>Expand...</summary><a href="http://bugzilla.maptools.org/show_bug.cgi?id=2786">http://bugzilla.maptools.org/show_bug.cgi?id=2786</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-10126">https://access.redhat.com/security/cve/CVE-2018-10126</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
| libtinfo6 | CVE-2022-29458 | LOW | 6.3-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458</a><br><a href="https://invisible-island.net/ncurses/NEWS.html#t20220416">https://invisible-island.net/ncurses/NEWS.html#t20220416</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br><a href="https://ubuntu.com/security/notices/USN-5477-1">https://ubuntu.com/security/notices/USN-5477-1</a><br></details> |
| locales | CVE-2016-20013 | LOW | 2.35-0ubuntu3 | | <details><summary>Expand...</summary><a href="https://akkadia.org/drepper/SHA-crypt.txt">https://akkadia.org/drepper/SHA-crypt.txt</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013</a><br><a href="https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/">https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/</a><br><a href="https://twitter.com/solardiz/status/795601240151457793">https://twitter.com/solardiz/status/795601240151457793</a><br></details> |
| login | CVE-2013-4235 | LOW | 1:4.8.1-2ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
| ncurses-base | CVE-2022-29458 | LOW | 6.3-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458</a><br><a href="https://invisible-island.net/ncurses/NEWS.html#t20220416">https://invisible-island.net/ncurses/NEWS.html#t20220416</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br><a href="https://ubuntu.com/security/notices/USN-5477-1">https://ubuntu.com/security/notices/USN-5477-1</a><br></details> |
| ncurses-bin | CVE-2022-29458 | LOW | 6.3-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29458">https://access.redhat.com/security/cve/CVE-2022-29458</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458</a><br><a href="https://invisible-island.net/ncurses/NEWS.html#t20220416">https://invisible-island.net/ncurses/NEWS.html#t20220416</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html</a><br><a href="https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html">https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-29458">https://nvd.nist.gov/vuln/detail/CVE-2022-29458</a><br><a href="https://ubuntu.com/security/notices/USN-5477-1">https://ubuntu.com/security/notices/USN-5477-1</a><br></details> |
| openssh-client | CVE-2020-14145 | LOW | 1:8.9p1-3 | | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2020/12/02/1">http://www.openwall.com/lists/oss-security/2020/12/02/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-14145">https://access.redhat.com/security/cve/CVE-2020-14145</a><br><a href="https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d">https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145</a><br><a href="https://docs.ssh-mitm.at/CVE-2020-14145.html">https://docs.ssh-mitm.at/CVE-2020-14145.html</a><br><a href="https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1">https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1</a><br><a href="https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py">https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py</a><br><a href="https://linux.oracle.com/cve/CVE-2020-14145.html">https://linux.oracle.com/cve/CVE-2020-14145.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-4368.html">https://linux.oracle.com/errata/ELSA-2021-4368.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-14145">https://nvd.nist.gov/vuln/detail/CVE-2020-14145</a><br><a href="https://security.gentoo.org/glsa/202105-35">https://security.gentoo.org/glsa/202105-35</a><br><a href="https://security.netapp.com/advisory/ntap-20200709-0004/">https://security.netapp.com/advisory/ntap-20200709-0004/</a><br><a href="https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/">https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/</a><br><a href="https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf">https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf</a><br></details> |
| openssh-client | CVE-2021-41617 | LOW | 1:8.9p1-3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-41617">https://access.redhat.com/security/cve/CVE-2021-41617</a><br><a href="https://bugzilla.suse.com/show_bug.cgi?id=1190975">https://bugzilla.suse.com/show_bug.cgi?id=1190975</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617</a><br><a href="https://errata.almalinux.org/8/ALSA-2022-2013.html">https://errata.almalinux.org/8/ALSA-2022-2013.html</a><br><a href="https://linux.oracle.com/cve/CVE-2021-41617.html">https://linux.oracle.com/cve/CVE-2021-41617.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2022-2013.html">https://linux.oracle.com/errata/ELSA-2022-2013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-41617">https://nvd.nist.gov/vuln/detail/CVE-2021-41617</a><br><a href="https://security.netapp.com/advisory/ntap-20211014-0004/">https://security.netapp.com/advisory/ntap-20211014-0004/</a><br><a href="https://www.openssh.com/security.html">https://www.openssh.com/security.html</a><br><a href="https://www.openssh.com/txt/release-8.8">https://www.openssh.com/txt/release-8.8</a><br><a href="https://www.openwall.com/lists/oss-security/2021/09/26/1">https://www.openwall.com/lists/oss-security/2021/09/26/1</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
| passwd | CVE-2013-4235 | LOW | 1:4.8.1-2ubuntu2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2013-4235">https://access.redhat.com/security/cve/CVE-2013-4235</a><br><a href="https://access.redhat.com/security/cve/cve-2013-4235">https://access.redhat.com/security/cve/cve-2013-4235</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2013-4235">https://security-tracker.debian.org/tracker/CVE-2013-4235</a><br></details> |
| patch | CVE-2018-6952 | LOW | 2.7.6-7build2 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/103047">http://www.securityfocus.com/bid/103047</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2033">https://access.redhat.com/errata/RHSA-2019:2033</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-6952">https://access.redhat.com/security/cve/CVE-2018-6952</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952</a><br><a href="https://linux.oracle.com/cve/CVE-2018-6952.html">https://linux.oracle.com/cve/CVE-2018-6952.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2033.html">https://linux.oracle.com/errata/ELSA-2019-2033.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-6952">https://nvd.nist.gov/vuln/detail/CVE-2018-6952</a><br><a href="https://savannah.gnu.org/bugs/index.php?53133">https://savannah.gnu.org/bugs/index.php?53133</a><br><a href="https://security.gentoo.org/glsa/201904-17">https://security.gentoo.org/glsa/201904-17</a><br></details> |
| patch | CVE-2021-45261 | LOW | 2.7.6-7build2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-45261">https://access.redhat.com/security/cve/CVE-2021-45261</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45261">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45261</a><br><a href="https://savannah.gnu.org/bugs/?61685">https://savannah.gnu.org/bugs/?61685</a><br></details> |
| perl | CVE-2020-16156 | MEDIUM | 5.34.0-3ubuntu1 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
| perl-base | CVE-2020-16156 | MEDIUM | 5.34.0-3ubuntu1 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
| perl-modules-5.34 | CVE-2020-16156 | MEDIUM | 5.34.0-3ubuntu1 | | <details><summary>Expand...</summary><a href="http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html">http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-16156">https://access.redhat.com/security/cve/CVE-2020-16156</a><br><a href="https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/">https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/</a><br><a href="https://metacpan.org/pod/distribution/CPAN/scripts/cpan">https://metacpan.org/pod/distribution/CPAN/scripts/cpan</a><br></details> |
| pkexec | CVE-2016-2568 | LOW | 0.105-33 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/443">http://seclists.org/oss-sec/2016/q1/443</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/26/3">http://www.openwall.com/lists/oss-security/2016/02/26/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2568">https://access.redhat.com/security/cve/CVE-2016-2568</a><br><a href="https://access.redhat.com/security/cve/cve-2016-2568">https://access.redhat.com/security/cve/cve-2016-2568</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1300746">https://bugzilla.redhat.com/show_bug.cgi?id=1300746</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2568">https://nvd.nist.gov/vuln/detail/CVE-2016-2568</a><br><a href="https://ubuntu.com/security/CVE-2016-2568">https://ubuntu.com/security/CVE-2016-2568</a><br></details> |
| policykit-1 | CVE-2016-2568 | LOW | 0.105-33 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/443">http://seclists.org/oss-sec/2016/q1/443</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/26/3">http://www.openwall.com/lists/oss-security/2016/02/26/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2568">https://access.redhat.com/security/cve/CVE-2016-2568</a><br><a href="https://access.redhat.com/security/cve/cve-2016-2568">https://access.redhat.com/security/cve/cve-2016-2568</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1300746">https://bugzilla.redhat.com/show_bug.cgi?id=1300746</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2568">https://nvd.nist.gov/vuln/detail/CVE-2016-2568</a><br><a href="https://ubuntu.com/security/CVE-2016-2568">https://ubuntu.com/security/CVE-2016-2568</a><br></details> |
| polkitd | CVE-2016-2568 | LOW | 0.105-33 | | <details><summary>Expand...</summary><a href="http://seclists.org/oss-sec/2016/q1/443">http://seclists.org/oss-sec/2016/q1/443</a><br><a href="http://www.openwall.com/lists/oss-security/2016/02/26/3">http://www.openwall.com/lists/oss-security/2016/02/26/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-2568">https://access.redhat.com/security/cve/CVE-2016-2568</a><br><a href="https://access.redhat.com/security/cve/cve-2016-2568">https://access.redhat.com/security/cve/cve-2016-2568</a><br><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1300746">https://bugzilla.redhat.com/show_bug.cgi?id=1300746</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568</a><br><a href="https://lore.kernel.org/patchwork/patch/793178/">https://lore.kernel.org/patchwork/patch/793178/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-2568">https://nvd.nist.gov/vuln/detail/CVE-2016-2568</a><br><a href="https://ubuntu.com/security/CVE-2016-2568">https://ubuntu.com/security/CVE-2016-2568</a><br></details> |
| python3-httplib2 | CVE-2021-21240 | LOW | 0.20.2-2 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-21240">https://access.redhat.com/security/cve/CVE-2021-21240</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21240">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21240</a><br><a href="https://github.com/advisories/GHSA-93xj-8mrv-444m">https://github.com/advisories/GHSA-93xj-8mrv-444m</a><br><a href="https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc">https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc</a><br><a href="https://github.com/httplib2/httplib2/pull/182">https://github.com/httplib2/httplib2/pull/182</a><br><a href="https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m">https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-21240">https://nvd.nist.gov/vuln/detail/CVE-2021-21240</a><br><a href="https://pypi.org/project/httplib2">https://pypi.org/project/httplib2</a><br></details> |
| python3.10 | CVE-2015-20107 | LOW | 3.10.4-3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://github.com/python/cpython/pull/91993">https://github.com/python/cpython/pull/91993</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| python3.10-minimal | CVE-2015-20107 | LOW | 3.10.4-3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-20107">https://access.redhat.com/security/cve/CVE-2015-20107</a><br><a href="https://bugs.python.org/issue24778">https://bugs.python.org/issue24778</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a><br><a href="https://github.com/python/cpython/issues/68966">https://github.com/python/cpython/issues/68966</a><br><a href="https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80">https://github.com/python/cpython/pull/91542/commits/340251550897cb98ae83ad1040750d6300112e80</a><br><a href="https://github.com/python/cpython/pull/91993">https://github.com/python/cpython/pull/91993</a><br><a href="https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/">https://mail.python.org/archives/list/security-announce@python.org/thread/QDSXNCW77UGULFG2JMDFZQ7H4DIR32LA/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-20107">https://nvd.nist.gov/vuln/detail/CVE-2015-20107</a><br></details> |
| tar | CVE-2019-9923 | LOW | 1.34+dfsg-1build3 | | <details><summary>Expand...</summary><a href="http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120">http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html">http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html</a><br><a href="http://savannah.gnu.org/bugs/?55369">http://savannah.gnu.org/bugs/?55369</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-9923">https://access.redhat.com/security/cve/CVE-2019-9923</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241">https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://ubuntu.com/security/notices/USN-4692-1">https://ubuntu.com/security/notices/USN-4692-1</a><br></details> |
| wget | CVE-2021-31879 | MEDIUM | 1.21.2-2ubuntu1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-31879">https://access.redhat.com/security/cve/CVE-2021-31879</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31879</a><br><a href="https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html">https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-31879">https://nvd.nist.gov/vuln/detail/CVE-2021-31879</a><br><a href="https://savannah.gnu.org/bugs/?56909">https://savannah.gnu.org/bugs/?56909</a><br><a href="https://security.netapp.com/advisory/ntap-20210618-0002/">https://security.netapp.com/advisory/ntap-20210618-0002/</a><br></details> |
| x11-common | CVE-2012-1093 | LOW | 1:7.7+23ubuntu2 | | <details><summary>Expand...</summary><a href="http://vladz.devzero.fr/012_x11-common-vuln.html">http://vladz.devzero.fr/012_x11-common-vuln.html</a><br><a href="http://www.openwall.com/lists/oss-security/2012/02/29/1">http://www.openwall.com/lists/oss-security/2012/02/29/1</a><br><a href="http://www.openwall.com/lists/oss-security/2012/03/01/1">http://www.openwall.com/lists/oss-security/2012/03/01/1</a><br><a href="https://access.redhat.com/security/cve/cve-2012-1093">https://access.redhat.com/security/cve/cve-2012-1093</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br><a href="https://security-tracker.debian.org/tracker/CVE-2012-1093">https://security-tracker.debian.org/tracker/CVE-2012-1093</a><br></details> |