catalog/stable/jdownloader2/7.0.6/security.md

158 KiB
Raw Blame History

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: jdownloader2/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-jdownloader2' of Deployment 'RELEASE-NAME-jdownloader2' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check KSV011 CPU not limited LOW
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'resources.limits.cpu'
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-jdownloader2' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-jdownloader2' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV015 CPU requests not specified LOW
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'resources.requests.cpu'
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
Kubernetes Security Check KSV016 Memory requests not specified LOW
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'resources.requests.memory'
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
Kubernetes Security Check KSV017 Privileged container HIGH
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.privileged' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
Kubernetes Security Check KSV018 Memory not limited LOW
Expand... Enforcing memory limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'resources.limits.memory'
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-jdownloader2' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-jdownloader2' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-jdownloader2' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV023 hostPath volumes mounted MEDIUM
Expand... HostPath volumes must be forbidden.


Deployment 'RELEASE-NAME-jdownloader2' should not set 'spec.template.volumes.hostPath'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
Kubernetes Security Check KSV029 A root primary or supplementary GID set LOW
Expand... Containers should be forbidden from running with a root primary or supplementary GID.


Deployment 'RELEASE-NAME-jdownloader2' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029

Containers

Detected Containers
      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
      tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:ba37e3a795f6e64466de3e81152af78c5fe8f6c3beeeee5a2bc948c41a631b16
Scan Results

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3

Container: tccr.io/truecharts/jdownloader-2:v1.7.1@sha256:ba37e3a795f6e64466de3e81152af78c5fe8f6c3beeeee5a2bc948c41a631b16 (alpine 3.12.6)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
apk-tools CVE-2021-36159 CRITICAL 2.10.5-r1 2.10.7-r0
Expand...https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
apk-tools CVE-2021-30139 HIGH 2.10.5-r1 2.10.6-r0
Expand...https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741
https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606
busybox CVE-2021-42378 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42379 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42380 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42381 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42382 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42383 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
busybox CVE-2021-42384 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42385 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42386 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42374 MEDIUM 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
cairo CVE-2020-35492 HIGH 1.16.0-r2 1.16.0-r3
Expand...https://access.redhat.com/security/cve/CVE-2020-35492
https://bugzilla.redhat.com/show_bug.cgi?id=1898396
https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
https://nvd.nist.gov/vuln/detail/CVE-2020-35492
cairo-gobject CVE-2020-35492 HIGH 1.16.0-r2 1.16.0-r3
Expand...https://access.redhat.com/security/cve/CVE-2020-35492
https://bugzilla.redhat.com/show_bug.cgi?id=1898396
https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
https://nvd.nist.gov/vuln/detail/CVE-2020-35492
expat CVE-2022-22822 CRITICAL 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22822.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22822
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-22823 CRITICAL 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22823.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22823
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-22824 CRITICAL 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22824.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22824
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-23852 CRITICAL 2.2.9-r1 2.2.10-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-23852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
https://linux.oracle.com/cve/CVE-2022-23852.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23852
https://security.netapp.com/advisory/ntap-20220217-0001/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-23990 CRITICAL 2.2.9-r1 2.2.10-r1
Expand...https://access.redhat.com/security/cve/CVE-2022-23990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
https://linux.oracle.com/cve/CVE-2022-23990.html
https://linux.oracle.com/errata/ELSA-2022-9232.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://nvd.nist.gov/vuln/detail/CVE-2022-23990
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-25235 CRITICAL 2.2.9-r1 2.2.10-r2
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25235
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
https://github.com/libexpat/libexpat/pull/562
https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)
https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)
https://linux.oracle.com/cve/CVE-2022-25235.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25235
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
expat CVE-2022-25236 CRITICAL 2.2.9-r1 2.2.10-r2
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25236
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
https://github.com/libexpat/libexpat/pull/561
https://github.com/libexpat/libexpat/pull/561/commits/2de077423fb22750ebea599677d523b53cb93b1d (test)
https://github.com/libexpat/libexpat/pull/561/commits/a2fe525e660badd64b6c557c2b1ec26ddc07f6e4 (fix)
https://github.com/libexpat/libexpat/pull/577
https://linux.oracle.com/cve/CVE-2022-25236.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25236
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5085
expat CVE-2022-25315 CRITICAL 2.2.9-r1 2.2.10-r2
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25315
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
https://github.com/libexpat/libexpat/pull/559
https://linux.oracle.com/cve/CVE-2022-25315.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25315
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
expat CVE-2021-45960 HIGH 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-45960
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
https://github.com/libexpat/libexpat/issues/531
https://github.com/libexpat/libexpat/pull/534
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
https://linux.oracle.com/cve/CVE-2021-45960.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2021-45960
https://security.netapp.com/advisory/ntap-20220121-0004/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2021-46143 HIGH 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2021-46143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://linux.oracle.com/cve/CVE-2021-46143.html
https://linux.oracle.com/errata/ELSA-2022-9227.html
https://nvd.nist.gov/vuln/detail/CVE-2021-46143
https://security.netapp.com/advisory/ntap-20220121-0006/
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-22825 HIGH 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22825.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22825
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-22826 HIGH 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22826.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22826
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-22827 HIGH 2.2.9-r1 2.2.10-r0
Expand...http://www.openwall.com/lists/oss-security/2022/01/17/3
https://access.redhat.com/security/cve/CVE-2022-22827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
https://github.com/libexpat/libexpat/pull/539
https://linux.oracle.com/cve/CVE-2022-22827.html
https://linux.oracle.com/errata/ELSA-2022-1069.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22827
https://ubuntu.com/security/notices/USN-5288-1
https://www.debian.org/security/2022/dsa-5073
https://www.tenable.com/security/tns-2022-05
expat CVE-2022-25314 HIGH 2.2.9-r1 2.2.10-r2
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25314
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
https://github.com/libexpat/libexpat/pull/560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25314
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
expat CVE-2022-25313 MEDIUM 2.2.9-r1 2.2.10-r2
Expand...http://www.openwall.com/lists/oss-security/2022/02/19/1
https://access.redhat.com/security/cve/CVE-2022-25313
https://blog.hartwork.org/posts/expat-2-4-5-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
https://github.com/libexpat/libexpat/pull/558
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
https://nvd.nist.gov/vuln/detail/CVE-2022-25313
https://security.netapp.com/advisory/ntap-20220303-0008/
https://ubuntu.com/security/notices/USN-5320-1
https://www.debian.org/security/2022/dsa-5085
gdk-pixbuf CVE-2020-29385 MEDIUM 2.40.0-r3 2.40.0-r4
Expand...https://access.redhat.com/security/cve/CVE-2020-29385
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29385
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/NEWS
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/
https://mail.gnome.org/archives/distributor-list/2020-December/msg00000.html
https://security.gentoo.org/glsa/202012-15
https://ubuntu.com/security/CVE-2020-29385
https://ubuntu.com/security/notices/USN-4663-1
gmp CVE-2021-43618 HIGH 6.2.0-r0 6.2.1-r1
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
krb5-libs CVE-2021-36222 HIGH 1.18.3-r0 1.18.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
krb5-libs CVE-2021-37750 MEDIUM 1.18.3-r0 1.18.5-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-37750
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-37750.html
https://linux.oracle.com/errata/ELSA-2021-4788.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/
https://nvd.nist.gov/vuln/detail/CVE-2021-37750
https://security.netapp.com/advisory/ntap-20210923-0002/
https://web.mit.edu/kerberos/advisories/
libblkid CVE-2021-3995 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libblkid CVE-2021-3996 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libblkid CVE-2022-0563 MEDIUM 2.35.2-r0 2.37.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
libcrypto1.1 CVE-2021-3711 CRITICAL 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libcrypto1.1 CVE-2021-3712 HIGH 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libcrypto1.1 CVE-2022-0778 HIGH 1.1.1k-r0 1.1.1n-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9249.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.tenable.com/security/tns-2022-06
libjpeg-turbo CVE-2021-20205 MEDIUM 2.0.5-r0 2.1.0-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-20205
https://bugzilla.redhat.com/show_bug.cgi?id=1937385
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMLEY6HLVZAGXIOGGPPUAMRJUA6LB3FD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TM3AHZEYGYFEDL6AW5RLEAJNVRWEJDFL/
libmount CVE-2021-3995 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libmount CVE-2021-3996 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libmount CVE-2022-0563 MEDIUM 2.35.2-r0 2.37.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
libssl1.1 CVE-2021-3711 CRITICAL 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libssl1.1 CVE-2021-3712 HIGH 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libssl1.1 CVE-2022-0778 HIGH 1.1.1k-r0 1.1.1n-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9249.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.tenable.com/security/tns-2022-06
libuuid CVE-2021-3995 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libuuid CVE-2021-3996 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
libuuid CVE-2022-0563 MEDIUM 2.35.2-r0 2.37.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
libx11 CVE-2021-31535 CRITICAL 1.6.12-r0 1.6.12-r1
Expand...http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html
http://seclists.org/fulldisclosure/2021/May/52
http://www.openwall.com/lists/oss-security/2021/05/18/2
https://access.redhat.com/security/cve/CVE-2021-31535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31535
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605
https://linux.oracle.com/cve/CVE-2021-31535.html
https://linux.oracle.com/errata/ELSA-2021-4326.html
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/
https://lists.freedesktop.org/archives/xorg/
https://lists.x.org/archives/xorg-announce/2021-May/003088.html
https://security.gentoo.org/glsa/202105-16
https://security.netapp.com/advisory/ntap-20210813-0001/
https://ubuntu.com/security/notices/USN-4966-1
https://ubuntu.com/security/notices/USN-4966-2
https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/
https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt
https://www.debian.org/security/2021/dsa-4920
https://www.openwall.com/lists/oss-security/2021/05/18/2
https://www.openwall.com/lists/oss-security/2021/05/18/3
libxml2 CVE-2021-3517 HIGH 2.9.10-r5 2.9.10-r6
Expand...https://access.redhat.com/security/cve/CVE-2021-3517
https://bugzilla.redhat.com/show_bug.cgi?id=1954232
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2
https://gitlab.gnome.org/GNOME/libxml2/-/issues/235
https://linux.oracle.com/cve/CVE-2021-3517.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://nvd.nist.gov/vuln/detail/CVE-2021-3517
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://security.netapp.com/advisory/ntap-20211022-0004/
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
libxml2 CVE-2021-3518 HIGH 2.9.10-r5 2.9.10-r6
Expand...http://seclists.org/fulldisclosure/2021/Jul/54
http://seclists.org/fulldisclosure/2021/Jul/55
http://seclists.org/fulldisclosure/2021/Jul/58
http://seclists.org/fulldisclosure/2021/Jul/59
https://access.redhat.com/security/cve/CVE-2021-3518
https://bugzilla.redhat.com/show_bug.cgi?id=1954242
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7
https://gitlab.gnome.org/GNOME/libxml2/-/issues/237
https://linux.oracle.com/cve/CVE-2021-3518.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://nvd.nist.gov/vuln/detail/CVE-2021-3518
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://support.apple.com/kb/HT212601
https://support.apple.com/kb/HT212602
https://support.apple.com/kb/HT212604
https://support.apple.com/kb/HT212605
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpuoct2021.html
libxml2 CVE-2022-23308 HIGH 2.9.10-r5 2.9.13-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-23308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
https://linux.oracle.com/cve/CVE-2022-23308.html
https://linux.oracle.com/errata/ELSA-2022-0899.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
https://nvd.nist.gov/vuln/detail/CVE-2022-23308
https://ubuntu.com/security/notices/USN-5324-1
libxml2 CVE-2021-3537 MEDIUM 2.9.10-r5 2.9.10-r6
Expand...https://access.redhat.com/security/cve/CVE-2021-3537
https://bugzilla.redhat.com/show_bug.cgi?id=1956522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61
https://gitlab.gnome.org/GNOME/libxml2/-/issues/243
https://gitlab.gnome.org/GNOME/libxml2/-/issues/244
https://gitlab.gnome.org/GNOME/libxml2/-/issues/245
https://linux.oracle.com/cve/CVE-2021-3537.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://nvd.nist.gov/vuln/detail/CVE-2021-3537
https://security.gentoo.org/glsa/202107-05
https://security.netapp.com/advisory/ntap-20210625-0002/
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpuoct2021.html
libxml2 CVE-2021-3541 MEDIUM 2.9.10-r5 2.9.12-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3541
https://blog.hartwork.org/posts/cve-2021-3541-parameter-laughs-fixed-in-libxml2-2-9-11/
https://bugzilla.redhat.com/show_bug.cgi?id=1950515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private)
https://linux.oracle.com/cve/CVE-2021-3541.html
https://linux.oracle.com/errata/ELSA-2021-2569.html
https://security.netapp.com/advisory/ntap-20210805-0007/
https://ubuntu.com/security/notices/USN-4991-1
https://www.oracle.com/security-alerts/cpujan2022.html
mcookie CVE-2021-3995 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
mcookie CVE-2021-3996 MEDIUM 2.35.2-r0 2.37.3-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-3996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://ubuntu.com/security/notices/USN-5279-1
https://www.openwall.com/lists/oss-security/2022/01/24/2
mcookie CVE-2022-0563 MEDIUM 2.35.2-r0 2.37.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0563
https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2022-0563
ncurses-libs CVE-2021-39537 HIGH 6.2_p20200523-r0 6.2_p20200523-r1
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
ncurses-terminfo-base CVE-2021-39537 HIGH 6.2_p20200523-r0 6.2_p20200523-r1
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://access.redhat.com/security/cve/CVE-2021-39537
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
https://nvd.nist.gov/vuln/detail/CVE-2021-39537
nginx CVE-2021-23017 CRITICAL 1.18.0-r1 1.18.0-r2
Expand...http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
https://access.redhat.com/security/cve/CVE-2021-23017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
https://linux.oracle.com/cve/CVE-2021-23017.html
https://linux.oracle.com/errata/ELSA-2022-0323.html
https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31@%3Cnotifications.apisix.apache.org%3E
https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c@%3Cnotifications.apisix.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SFVYHC7OXTEO4SMBWXDVK6E5IMEYMEE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNKOP2JR5L7KCIZTJRZDCUPJTUONMC5I/
https://nvd.nist.gov/vuln/detail/CVE-2021-23017
https://security.netapp.com/advisory/ntap-20210708-0006/
https://support.f5.com/csp/article/K12331123,
https://ubuntu.com/security/notices/USN-4967-1
https://ubuntu.com/security/notices/USN-4967-2
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.x41-dsec.de/lab/advisories/x41-2021-002-nginx-resolver-copy/
nss CVE-2021-43527 CRITICAL 3.60-r1 3.60-r2
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43527.json
https://access.redhat.com/security/cve/CVE-2021-43527
https://bugzilla.mozilla.org/show_bug.cgi?id=1737470
https://cert-portal.siemens.com/productcert/pdf/ssa-594438.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43527
https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_68_1_RTM/
https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_73_RTM/
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://linux.oracle.com/cve/CVE-2021-43527.html
https://linux.oracle.com/errata/ELSA-2021-9591.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43527
https://security.netapp.com/advisory/ntap-20211229-0002/
https://ubuntu.com/security/notices/USN-5168-1
https://ubuntu.com/security/notices/USN-5168-2
https://ubuntu.com/security/notices/USN-5168-3
https://ubuntu.com/security/notices/USN-5168-4
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
https://www.mozilla.org/security/advisories/mfsa2021-51/
openssl CVE-2021-3711 CRITICAL 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
openssl CVE-2021-3712 HIGH 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
openssl CVE-2022-0778 HIGH 1.1.1k-r0 1.1.1n-r0
Expand...https://access.redhat.com/security/cve/CVE-2022-0778
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246
https://linux.oracle.com/cve/CVE-2022-0778.html
https://linux.oracle.com/errata/ELSA-2022-9249.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
https://rustsec.org/advisories/RUSTSEC-2022-0014.html
https://security.netapp.com/advisory/ntap-20220321-0002/
https://ubuntu.com/security/notices/USN-5328-1
https://ubuntu.com/security/notices/USN-5328-2
https://www.debian.org/security/2022/dsa-5103
https://www.openssl.org/news/secadv/20220315.txt
https://www.tenable.com/security/tns-2022-06
sqlite-libs CVE-2020-15358 MEDIUM 3.32.1-r0 3.32.1-r1
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/22
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2020-15358
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358
https://linux.oracle.com/cve/CVE-2020-15358.html
https://linux.oracle.com/errata/ELSA-2021-1581.html
https://nvd.nist.gov/vuln/detail/CVE-2020-15358
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200709-0001/
https://support.apple.com/kb/HT211843
https://support.apple.com/kb/HT211844
https://support.apple.com/kb/HT211847
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://ubuntu.com/security/notices/USN-4438-1
https://usn.ubuntu.com/4438-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.sqlite.org/src/info/10fa79d00f8091e5
https://www.sqlite.org/src/timeline?p=version-3.32.3&bt=version-3.32.2
https://www.sqlite.org/src/tktview?name=8f157e8010
sqlite-libs CVE-2021-20227 MEDIUM 3.32.1-r0 3.32.1-r1
Expand...https://access.redhat.com/security/cve/CVE-2021-20227
https://bugzilla.redhat.com/show_bug.cgi?id=1924886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20227
https://nvd.nist.gov/vuln/detail/CVE-2021-20227
https://security.gentoo.org/glsa/202103-04
https://security.netapp.com/advisory/ntap-20210423-0010/
https://ubuntu.com/security/notices/USN-4732-1
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.sqlite.org/releaselog/3_34_1.html
ssl_client CVE-2021-42378 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42379 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42380 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42381 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42382 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42383 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
ssl_client CVE-2021-42384 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42385 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42386 HIGH 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42374 MEDIUM 1.31.1-r20 1.31.1-r21
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
xvfb CVE-2021-3472 HIGH 1.20.10-r0 1.20.10-r1
Expand...http://www.openwall.com/lists/oss-security/2021/04/13/1
https://access.redhat.com/security/cve/CVE-2021-3472
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://linux.oracle.com/cve/CVE-2021-3472.html
https://linux.oracle.com/errata/ELSA-2021-2033.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://seclists.org/oss-sec/2021/q2/20
https://security.gentoo.org/glsa/202104-02
https://ubuntu.com/security/notices/USN-4905-1
https://ubuntu.com/security/notices/USN-4905-2
https://www.debian.org/security/2021/dsa-4893
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3