chore: Auto-update chart README [skip ci]
This commit is contained in:
@@ -1,6 +1,15 @@
|
||||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="inventree-0.0.5"></a>
|
||||
### [inventree-0.0.5](https://github.com/truecharts/apps/compare/inventree-0.0.4...inventree-0.0.5) (2022-05-06)
|
||||
|
||||
#### Fix
|
||||
|
||||
* re-add nginx ([#2618](https://github.com/truecharts/apps/issues/2618))
|
||||
|
||||
|
||||
|
||||
<a name="inventree-0.0.4"></a>
|
||||
### [inventree-0.0.4](https://github.com/truecharts/apps/compare/inventree-0.0.3...inventree-0.0.4) (2022-05-05)
|
||||
|
||||
|
||||
@@ -44,46 +44,56 @@ hide:
|
||||
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.allowPrivilegeEscalation' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'RELEASE-NAME-inventree' of Deployment 'RELEASE-NAME-inventree' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should add 'ALL' to 'securityContext.capabilities.drop' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
|
||||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||||
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsNonRoot' to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'RELEASE-NAME-inventree' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.readOnlyRootFilesystem' to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
|
||||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||||
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.cpu' </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
|
||||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||||
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'resources.requests.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
|
||||
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.privileged' to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
|
||||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||||
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'resources.limits.memory' </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-inventree' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsUser' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'RELEASE-NAME-inventree' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'autopermissions' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'hostpatch' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'init-migrate' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'nginx' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'postgresql-init' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table. <br> <hr> <br> Container 'worker' of Deployment 'RELEASE-NAME-inventree' should set 'securityContext.runAsGroup' > 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
|
||||
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment 'RELEASE-NAME-inventree' should not set 'spec.template.volumes.hostPath' </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
|
||||
@@ -98,6 +108,7 @@ hide:
|
||||
tccr.io/truecharts/postgresql:v14.2.0@sha256:264e0580622308de162c0152d7d683c4c78c0d52182d6625e37e4029570fd70d
|
||||
'inventree/inventree:0.6.3@sha256:51f1e38f894a34dea12c0b9dfac7d59dc1c78319125ae24c8cb90a92fa75ae16'
|
||||
inventree/inventree:0.6.3@sha256:51f1e38f894a34dea12c0b9dfac7d59dc1c78319125ae24c8cb90a92fa75ae16
|
||||
- 'tccr.io/truecharts/nginx:v1.21.6@sha256:79875e354f6669f0fe8a31026a092734fd914ab041de0f3d8462e0117be37fd3'
|
||||
'inventree/inventree:0.6.3@sha256:51f1e38f894a34dea12c0b9dfac7d59dc1c78319125ae24c8cb90a92fa75ae16'
|
||||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||||
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
|
||||
@@ -273,16 +284,16 @@ hide:
|
||||
| libkrb5-3 | CVE-2018-5709 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||||
| libkrb5support0 | CVE-2004-0971 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304">http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304</a><br><a href="http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml">http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml</a><br><a href="http://www.redhat.com/support/errata/RHSA-2005-012.html">http://www.redhat.com/support/errata/RHSA-2005-012.html</a><br><a href="http://www.securityfocus.com/bid/11289">http://www.securityfocus.com/bid/11289</a><br><a href="http://www.trustix.org/errata/2004/0050">http://www.trustix.org/errata/2004/0050</a><br><a href="https://access.redhat.com/security/cve/CVE-2004-0971">https://access.redhat.com/security/cve/CVE-2004-0971</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/17583">https://exchange.xforce.ibmcloud.com/vulnerabilities/17583</a><br><a href="https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E">https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E</a><br><a href="https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497">https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497</a><br></details> |
|
||||
| libkrb5support0 | CVE-2018-5709 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2022-29155 | MEDIUM | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29155">https://access.redhat.com/security/cve/CVE-2022-29155</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2015-3276 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://rhn.redhat.com/errata/RHSA-2015-2131.html">http://rhn.redhat.com/errata/RHSA-2015-2131.html</a><br><a href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a><br><a href="http://www.securitytracker.com/id/1034221">http://www.securitytracker.com/id/1034221</a><br><a href="https://access.redhat.com/security/cve/CVE-2015-3276">https://access.redhat.com/security/cve/CVE-2015-3276</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1238322">https://bugzilla.redhat.com/show_bug.cgi?id=1238322</a><br><a href="https://linux.oracle.com/cve/CVE-2015-3276.html">https://linux.oracle.com/cve/CVE-2015-3276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2015-2131.html">https://linux.oracle.com/errata/ELSA-2015-2131.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-3276">https://nvd.nist.gov/vuln/detail/CVE-2015-3276</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2017-14159 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://www.openldap.org/its/index.cgi?findid=8703">http://www.openldap.org/its/index.cgi?findid=8703</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-14159">https://access.redhat.com/security/cve/CVE-2017-14159</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html</a><br><a href="http://www.openldap.org/its/index.cgi/Incoming?id=8759">http://www.openldap.org/its/index.cgi/Incoming?id=8759</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17740">https://access.redhat.com/security/cve/CVE-2017-17740</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html</a><br><a href="https://access.redhat.com/errata/RHBA-2019:3674">https://access.redhat.com/errata/RHBA-2019:3674</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-15719">https://access.redhat.com/security/cve/CVE-2020-15719</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9266">https://bugs.openldap.org/show_bug.cgi?id=9266</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1740070">https://bugzilla.redhat.com/show_bug.cgi?id=1740070</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2022-29155 | UNKNOWN | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-common | CVE-2022-29155 | MEDIUM | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29155">https://access.redhat.com/security/cve/CVE-2022-29155</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-common | CVE-2015-3276 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://rhn.redhat.com/errata/RHSA-2015-2131.html">http://rhn.redhat.com/errata/RHSA-2015-2131.html</a><br><a href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a><br><a href="http://www.securitytracker.com/id/1034221">http://www.securitytracker.com/id/1034221</a><br><a href="https://access.redhat.com/security/cve/CVE-2015-3276">https://access.redhat.com/security/cve/CVE-2015-3276</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1238322">https://bugzilla.redhat.com/show_bug.cgi?id=1238322</a><br><a href="https://linux.oracle.com/cve/CVE-2015-3276.html">https://linux.oracle.com/cve/CVE-2015-3276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2015-2131.html">https://linux.oracle.com/errata/ELSA-2015-2131.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-3276">https://nvd.nist.gov/vuln/detail/CVE-2015-3276</a><br></details> |
|
||||
| libldap-common | CVE-2017-14159 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://www.openldap.org/its/index.cgi?findid=8703">http://www.openldap.org/its/index.cgi?findid=8703</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-14159">https://access.redhat.com/security/cve/CVE-2017-14159</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html</a><br><a href="http://www.openldap.org/its/index.cgi/Incoming?id=8759">http://www.openldap.org/its/index.cgi/Incoming?id=8759</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17740">https://access.redhat.com/security/cve/CVE-2017-17740</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html</a><br><a href="https://access.redhat.com/errata/RHBA-2019:3674">https://access.redhat.com/errata/RHBA-2019:3674</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-15719">https://access.redhat.com/security/cve/CVE-2020-15719</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9266">https://bugs.openldap.org/show_bug.cgi?id=9266</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1740070">https://bugzilla.redhat.com/show_bug.cgi?id=1740070</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2022-29155 | UNKNOWN | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| liblz4-1 | CVE-2019-17543 | LOW | 1.8.3-1+deb10u1 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17543">https://access.redhat.com/security/cve/CVE-2019-17543</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941</a><br><a href="https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2">https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2</a><br><a href="https://github.com/lz4/lz4/issues/801">https://github.com/lz4/lz4/issues/801</a><br><a href="https://github.com/lz4/lz4/pull/756">https://github.com/lz4/lz4/pull/756</a><br><a href="https://github.com/lz4/lz4/pull/760">https://github.com/lz4/lz4/pull/760</a><br><a href="https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E">https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
|
||||
| libmount1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37600">https://access.redhat.com/security/cve/CVE-2021-37600</a><br><a href="https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c">https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c</a><br><a href="https://github.com/karelzak/util-linux/issues/1395">https://github.com/karelzak/util-linux/issues/1395</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37600">https://nvd.nist.gov/vuln/detail/CVE-2021-37600</a><br><a href="https://security.netapp.com/advisory/ntap-20210902-0002/">https://security.netapp.com/advisory/ntap-20210902-0002/</a><br></details> |
|
||||
| libmount1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details> |
|
||||
@@ -311,7 +322,7 @@ hide:
|
||||
| libsqlite3-0 | CVE-2021-45346 | MEDIUM | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-45346">https://access.redhat.com/security/cve/CVE-2021-45346</a><br><a href="https://github.com/guyinatuxedo/sqlite3_record_leaking">https://github.com/guyinatuxedo/sqlite3_record_leaking</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0001/">https://security.netapp.com/advisory/ntap-20220303-0001/</a><br><a href="https://sqlite.org/forum/forumpost/53de8864ba114bf6">https://sqlite.org/forum/forumpost/53de8864ba114bf6</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2019-19244 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-19244">https://access.redhat.com/security/cve/CVE-2019-19244</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244</a><br><a href="https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348">https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348</a><br><a href="https://ubuntu.com/security/notices/USN-4205-1">https://ubuntu.com/security/notices/USN-4205-1</a><br><a href="https://usn.ubuntu.com/4205-1/">https://usn.ubuntu.com/4205-1/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2020-11656 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-11656">https://access.redhat.com/security/cve/CVE-2020-11656</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc">https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc</a><br><a href="https://security.gentoo.org/glsa/202007-26">https://security.gentoo.org/glsa/202007-26</a><br><a href="https://security.netapp.com/advisory/ntap-20200416-0001/">https://security.netapp.com/advisory/ntap-20200416-0001/</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.sqlite.org/src/info/d09f8c3621d5f7f8">https://www.sqlite.org/src/info/d09f8c3621d5f7f8</a><br><a href="https://www.tenable.com/security/tns-2021-14">https://www.tenable.com/security/tns-2021-14</a><br><a href="https://www3.sqlite.org/cgi/src/info/b64674919f673602">https://www3.sqlite.org/cgi/src/info/b64674919f673602</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://ubuntu.com/security/notices/USN-5403-1">https://ubuntu.com/security/notices/USN-5403-1</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||||
| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-13115">https://access.redhat.com/security/cve/CVE-2019-13115</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow/">https://blog.semmle.com/libssh2-integer-overflow/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115</a><br><a href="https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa">https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa</a><br><a href="https://github.com/libssh2/libssh2/pull/350">https://github.com/libssh2/libssh2/pull/350</a><br><a href="https://libssh2.org/changes.html">https://libssh2.org/changes.html</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/</a><br><a href="https://security.netapp.com/advisory/ntap-20190806-0002/">https://security.netapp.com/advisory/ntap-20190806-0002/</a><br><a href="https://support.f5.com/csp/article/K13322484">https://support.f5.com/csp/article/K13322484</a><br><a href="https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;utm_medium=RSS">https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;utm_medium=RSS</a><br></details> |
|
||||
| libssh2-1 | CVE-2019-17498 | LOW | 1.8.0-2.1 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17498">https://access.redhat.com/security/cve/CVE-2019-17498</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/">https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498</a><br><a href="https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498">https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498</a><br><a href="https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480">https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480</a><br><a href="https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c">https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c</a><br><a href="https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94">https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17498.html">https://linux.oracle.com/cve/CVE-2019-17498.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-3915.html">https://linux.oracle.com/errata/ELSA-2020-3915.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html">https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17498">https://nvd.nist.gov/vuln/detail/CVE-2019-17498</a><br></details> |
|
||||
| libssl1.1 | CVE-2022-1292 | MEDIUM | 1.1.1n-0+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
|
||||
@@ -339,8 +350,8 @@ hide:
|
||||
| libuuid1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37600">https://access.redhat.com/security/cve/CVE-2021-37600</a><br><a href="https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c">https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c</a><br><a href="https://github.com/karelzak/util-linux/issues/1395">https://github.com/karelzak/util-linux/issues/1395</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37600">https://nvd.nist.gov/vuln/detail/CVE-2021-37600</a><br><a href="https://security.netapp.com/advisory/ntap-20210902-0002/">https://security.netapp.com/advisory/ntap-20210902-0002/</a><br></details> |
|
||||
| libuuid1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details> |
|
||||
| libxml2 | CVE-2017-16932 | HIGH | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="http://xmlsoft.org/news.html">http://xmlsoft.org/news.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-16932">https://access.redhat.com/security/cve/CVE-2017-16932</a><br><a href="https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html">https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=759579">https://bugzilla.gnome.org/show_bug.cgi?id=759579</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932</a><br><a href="https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961">https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961</a><br><a href="https://github.com/sparklemotion/nokogiri/issues/1714">https://github.com/sparklemotion/nokogiri/issues/1714</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html">https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html">https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html</a><br><a href="https://ubuntu.com/security/notices/USN-3504-1">https://ubuntu.com/security/notices/USN-3504-1</a><br><a href="https://ubuntu.com/security/notices/USN-3504-2">https://ubuntu.com/security/notices/USN-3504-2</a><br><a href="https://ubuntu.com/security/notices/USN-3739-1">https://ubuntu.com/security/notices/USN-3739-1</a><br><a href="https://usn.ubuntu.com/3739-1/">https://usn.ubuntu.com/3739-1/</a><br><a href="https://usn.ubuntu.com/usn/usn-3504-1/">https://usn.ubuntu.com/usn/usn-3504-1/</a><br></details> |
|
||||
| libxml2 | CVE-2022-29824 | HIGH | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29824">https://access.redhat.com/security/cve/CVE-2022-29824</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br></details> |
|
||||
| libxml2 | CVE-2016-9318 | MEDIUM | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/94347">http://www.securityfocus.com/bid/94347</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-9318">https://access.redhat.com/security/cve/CVE-2016-9318</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=772726">https://bugzilla.gnome.org/show_bug.cgi?id=772726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318</a><br><a href="https://github.com/lsh123/xmlsec/issues/43">https://github.com/lsh123/xmlsec/issues/43</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html</a><br><a href="https://security.gentoo.org/glsa/201711-01">https://security.gentoo.org/glsa/201711-01</a><br><a href="https://ubuntu.com/security/notices/USN-3739-1">https://ubuntu.com/security/notices/USN-3739-1</a><br><a href="https://ubuntu.com/security/notices/USN-3739-2">https://ubuntu.com/security/notices/USN-3739-2</a><br><a href="https://usn.ubuntu.com/3739-1/">https://usn.ubuntu.com/3739-1/</a><br><a href="https://usn.ubuntu.com/3739-2/">https://usn.ubuntu.com/3739-2/</a><br></details> |
|
||||
| libxml2 | CVE-2022-29824 | UNKNOWN | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br></details> |
|
||||
| libxslt1.1 | CVE-2015-9019 | LOW | 1.1.32-2.2~deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-9019">https://access.redhat.com/security/cve/CVE-2015-9019</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=758400">https://bugzilla.gnome.org/show_bug.cgi?id=758400</a><br><a href="https://bugzilla.suse.com/show_bug.cgi?id=934119">https://bugzilla.suse.com/show_bug.cgi?id=934119</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019</a><br></details> |
|
||||
| locales | CVE-2021-33574 | CRITICAL | 2.28-10+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-33574">https://access.redhat.com/security/cve/CVE-2021-33574</a><br><a href="https://linux.oracle.com/cve/CVE-2021-33574.html">https://linux.oracle.com/cve/CVE-2021-33574.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-9560.html">https://linux.oracle.com/errata/ELSA-2021-9560.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-33574">https://nvd.nist.gov/vuln/detail/CVE-2021-33574</a><br><a href="https://security.gentoo.org/glsa/202107-07">https://security.gentoo.org/glsa/202107-07</a><br><a href="https://security.netapp.com/advisory/ntap-20210629-0005/">https://security.netapp.com/advisory/ntap-20210629-0005/</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=27896">https://sourceware.org/bugzilla/show_bug.cgi?id=27896</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1">https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1</a><br></details> |
|
||||
| locales | CVE-2021-35942 | CRITICAL | 2.28-10+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-35942">https://access.redhat.com/security/cve/CVE-2021-35942</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942</a><br><a href="https://linux.oracle.com/cve/CVE-2021-35942.html">https://linux.oracle.com/cve/CVE-2021-35942.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-9560.html">https://linux.oracle.com/errata/ELSA-2021-9560.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-35942">https://nvd.nist.gov/vuln/detail/CVE-2021-35942</a><br><a href="https://security.netapp.com/advisory/ntap-20210827-0005/">https://security.netapp.com/advisory/ntap-20210827-0005/</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=28011">https://sourceware.org/bugzilla/show_bug.cgi?id=28011</a><br><a href="https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c">https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c</a><br><a href="https://sourceware.org/glibc/wiki/Security%20Exceptions">https://sourceware.org/glibc/wiki/Security%20Exceptions</a><br><a href="https://ubuntu.com/security/notices/USN-5310-1">https://ubuntu.com/security/notices/USN-5310-1</a><br></details> |
|
||||
@@ -444,6 +455,10 @@ hide:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
|
||||
|
||||
|
||||
@@ -611,16 +626,16 @@ hide:
|
||||
| libkrb5-3 | CVE-2018-5709 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||||
| libkrb5support0 | CVE-2004-0971 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304">http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304</a><br><a href="http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml">http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml</a><br><a href="http://www.redhat.com/support/errata/RHSA-2005-012.html">http://www.redhat.com/support/errata/RHSA-2005-012.html</a><br><a href="http://www.securityfocus.com/bid/11289">http://www.securityfocus.com/bid/11289</a><br><a href="http://www.trustix.org/errata/2004/0050">http://www.trustix.org/errata/2004/0050</a><br><a href="https://access.redhat.com/security/cve/CVE-2004-0971">https://access.redhat.com/security/cve/CVE-2004-0971</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/17583">https://exchange.xforce.ibmcloud.com/vulnerabilities/17583</a><br><a href="https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E">https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E</a><br><a href="https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497">https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497</a><br></details> |
|
||||
| libkrb5support0 | CVE-2018-5709 | LOW | 1.17-3+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-5709">https://access.redhat.com/security/cve/CVE-2018-5709</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709</a><br><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow</a><br><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2022-29155 | MEDIUM | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29155">https://access.redhat.com/security/cve/CVE-2022-29155</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2015-3276 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://rhn.redhat.com/errata/RHSA-2015-2131.html">http://rhn.redhat.com/errata/RHSA-2015-2131.html</a><br><a href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a><br><a href="http://www.securitytracker.com/id/1034221">http://www.securitytracker.com/id/1034221</a><br><a href="https://access.redhat.com/security/cve/CVE-2015-3276">https://access.redhat.com/security/cve/CVE-2015-3276</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1238322">https://bugzilla.redhat.com/show_bug.cgi?id=1238322</a><br><a href="https://linux.oracle.com/cve/CVE-2015-3276.html">https://linux.oracle.com/cve/CVE-2015-3276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2015-2131.html">https://linux.oracle.com/errata/ELSA-2015-2131.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-3276">https://nvd.nist.gov/vuln/detail/CVE-2015-3276</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2017-14159 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://www.openldap.org/its/index.cgi?findid=8703">http://www.openldap.org/its/index.cgi?findid=8703</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-14159">https://access.redhat.com/security/cve/CVE-2017-14159</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html</a><br><a href="http://www.openldap.org/its/index.cgi/Incoming?id=8759">http://www.openldap.org/its/index.cgi/Incoming?id=8759</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17740">https://access.redhat.com/security/cve/CVE-2017-17740</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html</a><br><a href="https://access.redhat.com/errata/RHBA-2019:3674">https://access.redhat.com/errata/RHBA-2019:3674</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-15719">https://access.redhat.com/security/cve/CVE-2020-15719</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9266">https://bugs.openldap.org/show_bug.cgi?id=9266</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1740070">https://bugzilla.redhat.com/show_bug.cgi?id=1740070</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-2.4-2 | CVE-2022-29155 | UNKNOWN | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-common | CVE-2022-29155 | MEDIUM | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29155">https://access.redhat.com/security/cve/CVE-2022-29155</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| libldap-common | CVE-2015-3276 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://rhn.redhat.com/errata/RHSA-2015-2131.html">http://rhn.redhat.com/errata/RHSA-2015-2131.html</a><br><a href="http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html">http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html</a><br><a href="http://www.securitytracker.com/id/1034221">http://www.securitytracker.com/id/1034221</a><br><a href="https://access.redhat.com/security/cve/CVE-2015-3276">https://access.redhat.com/security/cve/CVE-2015-3276</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1238322">https://bugzilla.redhat.com/show_bug.cgi?id=1238322</a><br><a href="https://linux.oracle.com/cve/CVE-2015-3276.html">https://linux.oracle.com/cve/CVE-2015-3276.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2015-2131.html">https://linux.oracle.com/errata/ELSA-2015-2131.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2015-3276">https://nvd.nist.gov/vuln/detail/CVE-2015-3276</a><br></details> |
|
||||
| libldap-common | CVE-2017-14159 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://www.openldap.org/its/index.cgi?findid=8703">http://www.openldap.org/its/index.cgi?findid=8703</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-14159">https://access.redhat.com/security/cve/CVE-2017-14159</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2017-17740 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html">http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html</a><br><a href="http://www.openldap.org/its/index.cgi/Incoming?id=8759">http://www.openldap.org/its/index.cgi/Incoming?id=8759</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17740">https://access.redhat.com/security/cve/CVE-2017-17740</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2020-15719 | LOW | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html">http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html</a><br><a href="https://access.redhat.com/errata/RHBA-2019:3674">https://access.redhat.com/errata/RHBA-2019:3674</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-15719">https://access.redhat.com/security/cve/CVE-2020-15719</a><br><a href="https://bugs.openldap.org/show_bug.cgi?id=9266">https://bugs.openldap.org/show_bug.cgi?id=9266</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1740070">https://bugzilla.redhat.com/show_bug.cgi?id=1740070</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&id=SB10365">https://kc.mcafee.com/corporate/index?page=content&id=SB10365</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a><br></details> |
|
||||
| libldap-common | CVE-2022-29155 | UNKNOWN | 2.4.47+dfsg-3+deb10u6 | | <details><summary>Expand...</summary><a href="https://bugs.openldap.org/show_bug.cgi?id=9815">https://bugs.openldap.org/show_bug.cgi?id=9815</a><br></details> |
|
||||
| liblz4-1 | CVE-2019-17543 | LOW | 1.8.3-1+deb10u1 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html">http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17543">https://access.redhat.com/security/cve/CVE-2019-17543</a><br><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941">https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941</a><br><a href="https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2">https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2</a><br><a href="https://github.com/lz4/lz4/issues/801">https://github.com/lz4/lz4/issues/801</a><br><a href="https://github.com/lz4/lz4/pull/756">https://github.com/lz4/lz4/pull/756</a><br><a href="https://github.com/lz4/lz4/pull/760">https://github.com/lz4/lz4/pull/760</a><br><a href="https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E">https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E">https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E">https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
|
||||
| libmount1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37600">https://access.redhat.com/security/cve/CVE-2021-37600</a><br><a href="https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c">https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c</a><br><a href="https://github.com/karelzak/util-linux/issues/1395">https://github.com/karelzak/util-linux/issues/1395</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37600">https://nvd.nist.gov/vuln/detail/CVE-2021-37600</a><br><a href="https://security.netapp.com/advisory/ntap-20210902-0002/">https://security.netapp.com/advisory/ntap-20210902-0002/</a><br></details> |
|
||||
| libmount1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details> |
|
||||
@@ -649,7 +664,7 @@ hide:
|
||||
| libsqlite3-0 | CVE-2021-45346 | MEDIUM | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-45346">https://access.redhat.com/security/cve/CVE-2021-45346</a><br><a href="https://github.com/guyinatuxedo/sqlite3_record_leaking">https://github.com/guyinatuxedo/sqlite3_record_leaking</a><br><a href="https://security.netapp.com/advisory/ntap-20220303-0001/">https://security.netapp.com/advisory/ntap-20220303-0001/</a><br><a href="https://sqlite.org/forum/forumpost/53de8864ba114bf6">https://sqlite.org/forum/forumpost/53de8864ba114bf6</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2019-19244 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-19244">https://access.redhat.com/security/cve/CVE-2019-19244</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244</a><br><a href="https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348">https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348</a><br><a href="https://ubuntu.com/security/notices/USN-4205-1">https://ubuntu.com/security/notices/USN-4205-1</a><br><a href="https://usn.ubuntu.com/4205-1/">https://usn.ubuntu.com/4205-1/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2020-11656 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-11656">https://access.redhat.com/security/cve/CVE-2020-11656</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf</a><br><a href="https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc">https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc</a><br><a href="https://security.gentoo.org/glsa/202007-26">https://security.gentoo.org/glsa/202007-26</a><br><a href="https://security.netapp.com/advisory/ntap-20200416-0001/">https://security.netapp.com/advisory/ntap-20200416-0001/</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.sqlite.org/src/info/d09f8c3621d5f7f8">https://www.sqlite.org/src/info/d09f8c3621d5f7f8</a><br><a href="https://www.tenable.com/security/tns-2021-14">https://www.tenable.com/security/tns-2021-14</a><br><a href="https://www3.sqlite.org/cgi/src/info/b64674919f673602">https://www3.sqlite.org/cgi/src/info/b64674919f673602</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||||
| libsqlite3-0 | CVE-2021-36690 | LOW | 3.27.2-3+deb10u1 | | <details><summary>Expand...</summary><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36690">https://nvd.nist.gov/vuln/detail/CVE-2021-36690</a><br><a href="https://ubuntu.com/security/notices/USN-5403-1">https://ubuntu.com/security/notices/USN-5403-1</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.sqlite.org/forum/forumpost/718c0a8d17">https://www.sqlite.org/forum/forumpost/718c0a8d17</a><br></details> |
|
||||
| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-13115">https://access.redhat.com/security/cve/CVE-2019-13115</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow/">https://blog.semmle.com/libssh2-integer-overflow/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115</a><br><a href="https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa">https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa</a><br><a href="https://github.com/libssh2/libssh2/pull/350">https://github.com/libssh2/libssh2/pull/350</a><br><a href="https://libssh2.org/changes.html">https://libssh2.org/changes.html</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/</a><br><a href="https://security.netapp.com/advisory/ntap-20190806-0002/">https://security.netapp.com/advisory/ntap-20190806-0002/</a><br><a href="https://support.f5.com/csp/article/K13322484">https://support.f5.com/csp/article/K13322484</a><br><a href="https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;utm_medium=RSS">https://support.f5.com/csp/article/K13322484?utm_source=f5support&amp;utm_medium=RSS</a><br></details> |
|
||||
| libssh2-1 | CVE-2019-17498 | LOW | 1.8.0-2.1 | | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html">http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17498">https://access.redhat.com/security/cve/CVE-2019-17498</a><br><a href="https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/">https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498</a><br><a href="https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498">https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498</a><br><a href="https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480">https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480</a><br><a href="https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c">https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c</a><br><a href="https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94">https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17498.html">https://linux.oracle.com/cve/CVE-2019-17498.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-3915.html">https://linux.oracle.com/errata/ELSA-2020-3915.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html">https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17498">https://nvd.nist.gov/vuln/detail/CVE-2019-17498</a><br></details> |
|
||||
| libssl1.1 | CVE-2022-1292 | MEDIUM | 1.1.1n-0+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a><br><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a><br><a href="https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html">https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html</a><br><a href="https://ubuntu.com/security/notices/USN-5402-1">https://ubuntu.com/security/notices/USN-5402-1</a><br><a href="https://www.openssl.org/news/secadv/20220503.txt">https://www.openssl.org/news/secadv/20220503.txt</a><br></details> |
|
||||
@@ -677,8 +692,8 @@ hide:
|
||||
| libuuid1 | CVE-2021-37600 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37600">https://access.redhat.com/security/cve/CVE-2021-37600</a><br><a href="https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c">https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c</a><br><a href="https://github.com/karelzak/util-linux/issues/1395">https://github.com/karelzak/util-linux/issues/1395</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37600">https://nvd.nist.gov/vuln/detail/CVE-2021-37600</a><br><a href="https://security.netapp.com/advisory/ntap-20210902-0002/">https://security.netapp.com/advisory/ntap-20210902-0002/</a><br></details> |
|
||||
| libuuid1 | CVE-2022-0563 | LOW | 2.33.1-0.1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-0563">https://access.redhat.com/security/cve/CVE-2022-0563</a><br><a href="https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u">https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0563">https://nvd.nist.gov/vuln/detail/CVE-2022-0563</a><br><a href="https://security.netapp.com/advisory/ntap-20220331-0002/">https://security.netapp.com/advisory/ntap-20220331-0002/</a><br></details> |
|
||||
| libxml2 | CVE-2017-16932 | HIGH | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="http://xmlsoft.org/news.html">http://xmlsoft.org/news.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-16932">https://access.redhat.com/security/cve/CVE-2017-16932</a><br><a href="https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html">https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=759579">https://bugzilla.gnome.org/show_bug.cgi?id=759579</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932</a><br><a href="https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961">https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961</a><br><a href="https://github.com/sparklemotion/nokogiri/issues/1714">https://github.com/sparklemotion/nokogiri/issues/1714</a><br><a href="https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html">https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html</a><br><a href="https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html">https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html</a><br><a href="https://ubuntu.com/security/notices/USN-3504-1">https://ubuntu.com/security/notices/USN-3504-1</a><br><a href="https://ubuntu.com/security/notices/USN-3504-2">https://ubuntu.com/security/notices/USN-3504-2</a><br><a href="https://ubuntu.com/security/notices/USN-3739-1">https://ubuntu.com/security/notices/USN-3739-1</a><br><a href="https://usn.ubuntu.com/3739-1/">https://usn.ubuntu.com/3739-1/</a><br><a href="https://usn.ubuntu.com/usn/usn-3504-1/">https://usn.ubuntu.com/usn/usn-3504-1/</a><br></details> |
|
||||
| libxml2 | CVE-2022-29824 | HIGH | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-29824">https://access.redhat.com/security/cve/CVE-2022-29824</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br></details> |
|
||||
| libxml2 | CVE-2016-9318 | MEDIUM | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/94347">http://www.securityfocus.com/bid/94347</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-9318">https://access.redhat.com/security/cve/CVE-2016-9318</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=772726">https://bugzilla.gnome.org/show_bug.cgi?id=772726</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318</a><br><a href="https://github.com/lsh123/xmlsec/issues/43">https://github.com/lsh123/xmlsec/issues/43</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html</a><br><a href="https://security.gentoo.org/glsa/201711-01">https://security.gentoo.org/glsa/201711-01</a><br><a href="https://ubuntu.com/security/notices/USN-3739-1">https://ubuntu.com/security/notices/USN-3739-1</a><br><a href="https://ubuntu.com/security/notices/USN-3739-2">https://ubuntu.com/security/notices/USN-3739-2</a><br><a href="https://usn.ubuntu.com/3739-1/">https://usn.ubuntu.com/3739-1/</a><br><a href="https://usn.ubuntu.com/3739-2/">https://usn.ubuntu.com/3739-2/</a><br></details> |
|
||||
| libxml2 | CVE-2022-29824 | UNKNOWN | 2.9.4+dfsg1-7+deb10u3 | | <details><summary>Expand...</summary><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab">https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd">https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd</a><br><a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14</a><br><a href="https://gitlab.gnome.org/GNOME/libxslt/-/tags">https://gitlab.gnome.org/GNOME/libxslt/-/tags</a><br></details> |
|
||||
| libxslt1.1 | CVE-2015-9019 | LOW | 1.1.32-2.2~deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2015-9019">https://access.redhat.com/security/cve/CVE-2015-9019</a><br><a href="https://bugzilla.gnome.org/show_bug.cgi?id=758400">https://bugzilla.gnome.org/show_bug.cgi?id=758400</a><br><a href="https://bugzilla.suse.com/show_bug.cgi?id=934119">https://bugzilla.suse.com/show_bug.cgi?id=934119</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019</a><br></details> |
|
||||
| locales | CVE-2021-33574 | CRITICAL | 2.28-10+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-33574">https://access.redhat.com/security/cve/CVE-2021-33574</a><br><a href="https://linux.oracle.com/cve/CVE-2021-33574.html">https://linux.oracle.com/cve/CVE-2021-33574.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-9560.html">https://linux.oracle.com/errata/ELSA-2021-9560.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-33574">https://nvd.nist.gov/vuln/detail/CVE-2021-33574</a><br><a href="https://security.gentoo.org/glsa/202107-07">https://security.gentoo.org/glsa/202107-07</a><br><a href="https://security.netapp.com/advisory/ntap-20210629-0005/">https://security.netapp.com/advisory/ntap-20210629-0005/</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=27896">https://sourceware.org/bugzilla/show_bug.cgi?id=27896</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1">https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1</a><br></details> |
|
||||
| locales | CVE-2021-35942 | CRITICAL | 2.28-10+deb10u1 | | <details><summary>Expand...</summary><a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-35942">https://access.redhat.com/security/cve/CVE-2021-35942</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942</a><br><a href="https://linux.oracle.com/cve/CVE-2021-35942.html">https://linux.oracle.com/cve/CVE-2021-35942.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2021-9560.html">https://linux.oracle.com/errata/ELSA-2021-9560.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-35942">https://nvd.nist.gov/vuln/detail/CVE-2021-35942</a><br><a href="https://security.netapp.com/advisory/ntap-20210827-0005/">https://security.netapp.com/advisory/ntap-20210827-0005/</a><br><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=28011">https://sourceware.org/bugzilla/show_bug.cgi?id=28011</a><br><a href="https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c">https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c</a><br><a href="https://sourceware.org/glibc/wiki/Security%20Exceptions">https://sourceware.org/glibc/wiki/Security%20Exceptions</a><br><a href="https://ubuntu.com/security/notices/USN-5310-1">https://ubuntu.com/security/notices/USN-5310-1</a><br></details> |
|
||||
|
||||
Reference in New Issue
Block a user