--- hide: - toc --- # Security Overview ## Helm-Chart ##### Scan Results #### Chart Object: appsmith/templates/common.yaml | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM |
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.allowPrivilegeEscalation' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV011 | CPU not limited | LOW |
Expand... Enforcing CPU limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'resources.limits.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV013 | Image tag ':latest' used | LOW |
Expand... It is best to avoid using the ':latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should specify an image tag
|
Expand...https://kubernetes.io/docs/concepts/configuration/overview/#container-images
https://avd.aquasec.com/appshield/ksv013
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV015 | CPU requests not specified | LOW |
Expand... When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'resources.requests.cpu'
|
Expand...https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
| | Kubernetes Security Check | KSV016 | Memory requests not specified | LOW |
Expand... When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'resources.requests.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
| | Kubernetes Security Check | KSV017 | Privileged container | HIGH |
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.privileged' to false
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
| | Kubernetes Security Check | KSV018 | Memory not limited | LOW |
Expand... Enforcing memory limits prevents DoS via resource exhaustion.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'resources.limits.memory'
|
Expand...https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-appsmith' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM |
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'hostpatch' of Deployment 'RELEASE-NAME-appsmith' should set 'securityContext.runAsGroup' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
| | Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM |
Expand... HostPath volumes must be forbidden.


Deployment 'RELEASE-NAME-appsmith' should not set 'spec.template.volumes.hostPath'
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv023
| | Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW |
Expand... Containers should be forbidden from running with a root primary or supplementary GID.


Deployment 'RELEASE-NAME-appsmith' should set 'spec.securityContext.runAsGroup', 'spec.securityContext.supplementalGroups[*]' and 'spec.securityContext.fsGroup' to integer greater than 0
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv029
| ## Containers ##### Detected Containers tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 tccr.io/truecharts/appsmith:latest ##### Scan Results #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
| | ssl_client | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2) **alpine** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
| | ssl_client | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 |
Expand...https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
| | zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 |
Expand...http://www.openwall.com/lists/oss-security/2022/03/25/2
http://www.openwall.com/lists/oss-security/2022/03/26/1
https://access.redhat.com/security/cve/CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
https://github.com/madler/zlib/issues/605
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5
https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ
https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-25032
https://ubuntu.com/security/notices/USN-5355-1
https://ubuntu.com/security/notices/USN-5355-2
https://ubuntu.com/security/notices/USN-5359-1
https://www.debian.org/security/2022/dsa-5111
https://www.openwall.com/lists/oss-security/2022/03/24/1
https://www.openwall.com/lists/oss-security/2022/03/28/1
https://www.openwall.com/lists/oss-security/2022/03/28/3
| #### Container: tccr.io/truecharts/appsmith:latest (ubuntu 20.04) **ubuntu** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 5.0-6ubuntu1.1 | |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://access.redhat.com/security/cve/CVE-2019-18276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-18276
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
| | binutils | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | binutils | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | binutils | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | binutils | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | binutils-common | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | binutils-common | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | binutils-common | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | binutils-common | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | binutils-x86-64-linux-gnu | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | binutils-x86-64-linux-gnu | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | binutils-x86-64-linux-gnu | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | binutils-x86-64-linux-gnu | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | coreutils | CVE-2016-2781 | LOW | 8.30-3ubuntu2 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://access.redhat.com/security/cve/CVE-2016-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2781
| | cpp | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | cpp-9 | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | dbus | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35512
https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | dbus-user-session | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35512
https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | g++ | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | g++-9 | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | gcc | CVE-2020-13844 | MEDIUM | 1.185.1ubuntu2 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | gcc-9 | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | gcc-9-base | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | git-man | CVE-2018-1000021 | LOW | 1:2.25.1-1ubuntu3.2 | |
Expand...http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
https://access.redhat.com/security/cve/CVE-2018-1000021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000021
| | gzip | CVE-2022-1271 | MEDIUM | 1.10-0ubuntu4 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
https://www.openwall.com/lists/oss-security/2022/04/07/8
| | libapparmor1 | CVE-2016-1585 | MEDIUM | 2.13.3-7ubuntu5.1 | |
Expand...https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2016-1585
| | libasan5 | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libbinutils | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | libbinutils | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | libbinutils | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | libbinutils | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | libcroco3 | CVE-2017-8834 | LOW | 0.6.13-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html
http://seclists.org/fulldisclosure/2017/Jun/10
http://www.openwall.com/lists/oss-security/2020/08/13/3
https://access.redhat.com/security/cve/CVE-2017-8834
https://bugzilla.gnome.org/show_bug.cgi?id=782647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8834
https://www.exploit-db.com/exploits/42147/
| | libcroco3 | CVE-2017-8871 | LOW | 0.6.13-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html
http://seclists.org/fulldisclosure/2017/Jun/10
http://www.openwall.com/lists/oss-security/2020/08/13/3
https://access.redhat.com/security/cve/CVE-2017-8871
https://bugzilla.gnome.org/show_bug.cgi?id=782649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8871
https://www.exploit-db.com/exploits/42147/
| | libctf-nobfd0 | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | libctf-nobfd0 | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | libctf-nobfd0 | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | libctf-nobfd0 | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | libctf0 | CVE-2017-13716 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2017-13716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13716
https://sourceware.org/bugzilla/show_bug.cgi?id=22009
| | libctf0 | CVE-2018-20657 | LOW | 2.34-6ubuntu1.3 | |
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://access.redhat.com/security/cve/CVE-2018-20657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
| | libctf0 | CVE-2019-1010204 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-1010204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204
https://linux.oracle.com/cve/CVE-2019-1010204.html
https://linux.oracle.com/errata/ELSA-2020-1797.html
https://security.netapp.com/advisory/ntap-20190822-0001/
https://sourceware.org/bugzilla/show_bug.cgi?id=23765
https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-5349-1
| | libctf0 | CVE-2021-45078 | LOW | 2.34-6ubuntu1.3 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45078
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/
https://nvd.nist.gov/vuln/detail/CVE-2021-45078
https://security.netapp.com/advisory/ntap-20220107-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=28694
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=161e87d12167b1e36193385485c1f6ce92f74f02
https://ubuntu.com/security/notices/USN-5341-1
| | libcups2 | CVE-2019-8842 | LOW | 2.3.1-9ubuntu1.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT210788
| | libcups2 | CVE-2020-10001 | LOW | 2.3.1-9ubuntu1.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-10001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001
https://linux.oracle.com/cve/CVE-2020-10001.html
https://linux.oracle.com/errata/ELSA-2021-4393.html
https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html
https://support.apple.com/en-us/HT212011
| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.16-2ubuntu2.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35512
https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | libgcc-9-dev | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libgd3 | CVE-2021-40812 | LOW | 2.2.5-5.2ubuntu2.1 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40812
https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9
https://github.com/libgd/libgd/issues/750#issuecomment-914872385
https://github.com/libgd/libgd/issues/757
https://nvd.nist.gov/vuln/detail/CVE-2021-40812
| | libgif7 | CVE-2020-23922 | LOW | 5.1.9-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-23922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23922
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://sourceforge.net/p/giflib/bugs/151/
| | libgmp10 | CVE-2021-43618 | LOW | 2:6.2.0+dfsg-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-43618
https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2021-43618
| | libgssapi-krb5-2 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libgssapi-krb5-2 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libgssapi3-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhcrypto4-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimbase1-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libheimntlm0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libhx509-5-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libjbig0 | CVE-2017-9937 | LOW | 2.1-3.1build1 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2707
http://www.securityfocus.com/bid/99304
https://access.redhat.com/security/cve/CVE-2017-9937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9937
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libjpeg-turbo8 | CVE-2020-17541 | LOW | 2.0.3-0ubuntu1.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-17541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
https://linux.oracle.com/cve/CVE-2020-17541.html
https://linux.oracle.com/errata/ELSA-2021-4288.html
https://nvd.nist.gov/vuln/detail/CVE-2020-17541
| | libk5crypto3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libk5crypto3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5-26-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libkrb5-3 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5-3 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.17-6ubuntu4.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2018-5709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libnginx-mod-http-image-filter | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | libnginx-mod-http-image-filter | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | libnginx-mod-http-image-filter | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | libnginx-mod-http-xslt-filter | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | libnginx-mod-http-xslt-filter | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | libnginx-mod-http-xslt-filter | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | libnginx-mod-mail | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | libnginx-mod-mail | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | libnginx-mod-mail | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | libnginx-mod-stream | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | libnginx-mod-stream | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | libnginx-mod-stream | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | libnss3 | CVE-2020-25648 | LOW | 2:3.49.1-1ubuntu1.6 | |
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25648.json
https://access.redhat.com/security/cve/CVE-2020-25648
https://bugzilla.redhat.com/show_bug.cgi?id=1887319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25648
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
https://linux.oracle.com/cve/CVE-2020-25648.html
https://linux.oracle.com/errata/ELSA-2021-3572.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpcre3 | CVE-2017-11164 | LOW | 2:8.39-12build1 | |
Expand...http://openwall.com/lists/oss-security/2017/07/11/3
http://www.securityfocus.com/bid/99575
https://access.redhat.com/security/cve/CVE-2017-11164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libpcre3 | CVE-2019-20838 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://access.redhat.com/security/cve/CVE-2019-20838
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-20838
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libpcre3 | CVE-2020-14155 | LOW | 2:8.39-12build1 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://access.redhat.com/security/cve/CVE-2020-14155
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-14155
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
| | libperl5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | libpolkit-agent-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |
Expand...http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/CVE-2016-2568
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2568
https://ubuntu.com/security/CVE-2016-2568
| | libpolkit-gobject-1-0 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |
Expand...http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/CVE-2016-2568
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2568
https://ubuntu.com/security/CVE-2016-2568
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libsepol1 | CVE-2021-36084 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36084
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36085 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36085
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36086 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36086
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| | libsepol1 | CVE-2021-36087 | LOW | 3.0-1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-36087
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| | libsqlite3-0 | CVE-2021-36690 | LOW | 3.31.1-4ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://nvd.nist.gov/vuln/detail/CVE-2021-36690
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libstdc++-9-dev | CVE-2020-13844 | MEDIUM | 9.4.0-1ubuntu1~20.04.1 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://access.redhat.com/security/cve/CVE-2020-13844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libtiff5 | CVE-2022-0865 | MEDIUM | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json
https://gitlab.com/libtiff/libtiff/-/commit/a1c933dabd0e1c54a412f3f84ae0aa58115c6067
https://gitlab.com/libtiff/libtiff/-/issues/385
https://gitlab.com/libtiff/libtiff/-/merge_requests/306
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0865
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-0891 | MEDIUM | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json
https://gitlab.com/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c
https://gitlab.com/libtiff/libtiff/-/issues/380
https://gitlab.com/libtiff/libtiff/-/issues/382
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
https://nvd.nist.gov/vuln/detail/CVE-2022-0891
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2018-10126 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://access.redhat.com/security/cve/CVE-2018-10126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libtiff5 | CVE-2020-35522 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35522
https://bugzilla.redhat.com/show_bug.cgi?id=1932037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35522
https://gitlab.com/libtiff/libtiff/-/merge_requests/165
https://linux.oracle.com/cve/CVE-2020-35522.html
https://linux.oracle.com/errata/ELSA-2021-4241.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/
https://nvd.nist.gov/vuln/detail/CVE-2020-35522
https://security.gentoo.org/glsa/202104-06
https://security.netapp.com/advisory/ntap-20210521-0009/
| | libtiff5 | CVE-2022-0561 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0561
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561
https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0561
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-0562 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562
https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
https://gitlab.com/libtiff/libtiff/-/issues/362
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
https://nvd.nist.gov/vuln/detail/CVE-2022-0562
https://security.netapp.com/advisory/ntap-20220318-0001/
https://www.debian.org/security/2022/dsa-5108
| | libtiff5 | CVE-2022-22844 | LOW | 4.1.0+git191117-2ubuntu0.20.04.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-22844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844
https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22844
https://security.netapp.com/advisory/ntap-20220311-0002/
https://www.debian.org/security/2022/dsa-5108
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.7.0+dfsg-1ubuntu1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3671
https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://nvd.nist.gov/vuln/detail/CVE-2021-3671
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | libxslt1.1 | CVE-2015-9019 | LOW | 1.1.34-4 | |
Expand...https://access.redhat.com/security/cve/CVE-2015-9019
https://bugzilla.gnome.org/show_bug.cgi?id=758400
https://bugzilla.suse.com/show_bug.cgi?id=934119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9019
| | linux-libc-dev | CVE-2022-1015 | HIGH | 5.4.0-107.121 | |
Expand...http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
https://access.redhat.com/security/cve/CVE-2022-1015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1015
https://seclists.org/oss-sec/2022/q1/205
https://www.openwall.com/lists/oss-security/2022/03/28/5
| | linux-libc-dev | CVE-2013-7445 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-7445
https://bugzilla.kernel.org/show_bug.cgi?id=60533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7445
https://lists.freedesktop.org/archives/dri-devel/2015-September/089778.html (potential start towards fixing)
| | linux-libc-dev | CVE-2015-8553 | MEDIUM | 5.4.0-107.121 | |
Expand...http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1930758 (regression mention)
http://xenbits.xen.org/xsa/advisory-120.html
https://access.redhat.com/security/cve/CVE-2015-8553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8553
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497
| | linux-libc-dev | CVE-2016-8660 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2016/10/13/8
http://www.securityfocus.com/bid/93558
https://access.redhat.com/security/cve/CVE-2016-8660
https://bugzilla.redhat.com/show_bug.cgi?id=1384851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8660
https://lore.kernel.org/linux-xfs/895314622.769515.1476375930648.JavaMail.zimbra@redhat.com/
https://marc.info/?l=linux-fsdevel&m=147639177409294&w=2
https://marc.info/?l=linux-xfs&m=149498118228320&w=2
| | linux-libc-dev | CVE-2018-17977 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/105539
https://access.redhat.com/security/cve/CVE-2018-17977
https://bugzilla.suse.com/show_bug.cgi?id=1111609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17977
https://www.openwall.com/lists/oss-security/2018/10/05/5
| | linux-libc-dev | CVE-2020-12362 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12362
https://linux.oracle.com/cve/CVE-2020-12362.html
https://linux.oracle.com/errata/ELSA-2021-9434.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-24504 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-24504
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24504
https://linux.oracle.com/cve/CVE-2020-24504.html
https://linux.oracle.com/errata/ELSA-2021-4356.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
| | linux-libc-dev | CVE-2020-27835 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-27835
https://bugzilla.redhat.com/show_bug.cgi?id=1901709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27835
https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
https://linux.oracle.com/cve/CVE-2020-27835.html
https://linux.oracle.com/errata/ELSA-2021-1578.html
https://ubuntu.com/security/notices/USN-4751-1
| | linux-libc-dev | CVE-2020-36310 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-36310
https://bugzilla.redhat.com/show_bug.cgi?id=1769283#c148
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36310
https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e
https://linux.oracle.com/cve/CVE-2020-36310.html
https://linux.oracle.com/errata/ELSA-2021-9307.html
https://www.debian.org/security/2022/dsa-5095
| | linux-libc-dev | CVE-2021-20320 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-20320
https://bugzilla.redhat.com/show_bug.cgi?id=2010090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20320
https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh@anyfinetworks.com/
https://nvd.nist.gov/vuln/detail/CVE-2021-20320
| | linux-libc-dev | CVE-2021-33061 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33061
https://security.netapp.com/advisory/ntap-20220210-0010/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html
| | linux-libc-dev | CVE-2021-3864 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3864
https://lore.kernel.org/all/20211221021744.864115-1-longman@redhat.com
https://lore.kernel.org/all/20211226150310.GA992@1wt.eu/
https://lore.kernel.org/lkml/20211228170910.623156-1-wander@redhat.com
https://www.openwall.com/lists/oss-security/2021/10/20/2
| | linux-libc-dev | CVE-2021-39800 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39800
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-39801 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39801
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-39802 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39802
https://source.android.com/security/bulletin/2022-04-01
| | linux-libc-dev | CVE-2021-4001 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4001
https://bugzilla.redhat.com/show_bug.cgi?id=2025645
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4001
https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=353050be4c19e102178ccc05988101887c25ae53
https://nvd.nist.gov/vuln/detail/CVE-2021-4001
https://ubuntu.com/security/notices/USN-5207-1
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5278-1
| | linux-libc-dev | CVE-2021-4148 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4148
https://bugzilla.redhat.com/show_bug.cgi?id=2026487
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4148
https://lkml.org/lkml/2021/9/12/323
https://lkml.org/lkml/2021/9/17/1037
https://lore.kernel.org/linux-mm/a07564a3-b2fc-9ffe-3ace-3f276075ea5c@google.com/
https://lore.kernel.org/lkml/CACkBjsYwLYLRmX8GpsDpMthagWOjWWrNxqY6ZLNQVr6yx+f5vA@mail.gmail.com/
https://lore.kernel.org/lkml/CAHbLzkrdGva2dzO36r62LKv_ip5trbMK0BO3vCeSBk2_7OE-zA@mail.gmail.com/
https://nvd.nist.gov/vuln/detail/CVE-2021-4148
| | linux-libc-dev | CVE-2021-4150 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4150
https://bugzilla.redhat.com/show_bug.cgi?id=2025938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4150
https://git.kernel.org/linus/9fbfabfda25d8774c5a08634fdd2da000a924890 (5.15-rc7)
https://lkml.org/lkml/2021/10/18/485
https://lkml.org/lkml/2021/9/6/781
https://nvd.nist.gov/vuln/detail/CVE-2021-4150
| | linux-libc-dev | CVE-2021-4159 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4159
| | linux-libc-dev | CVE-2021-4197 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4197
https://bugzilla.redhat.com/show_bug.cgi?id=2035652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4197
https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/
https://nvd.nist.gov/vuln/detail/CVE-2021-4197
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5368-1
| | linux-libc-dev | CVE-2021-4218 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-4218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4218
| | linux-libc-dev | CVE-2021-44879 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-44879
https://bugzilla.kernel.org/show_bug.cgi?id=215231
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44879
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f
https://lkml.org/lkml/2022/1/24/4067
https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao@kernel.org/T/
https://nvd.nist.gov/vuln/detail/CVE-2021-44879
https://ubuntu.com/security/notices/USN-5302-1
https://www.openwall.com/lists/oss-security/2022/02/12/1
| | linux-libc-dev | CVE-2022-0382 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0382
https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523
https://nvd.nist.gov/vuln/detail/CVE-2022-0382
https://ubuntu.com/security/notices/USN-5278-1
https://ubuntu.com/security/notices/USN-5337-1
https://ubuntu.com/security/notices/USN-5368-1
| | linux-libc-dev | CVE-2022-0400 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0400
https://bugzilla.redhat.com/show_bug.cgi?id=2040604
https://bugzilla.redhat.com/show_bug.cgi?id=2040604 (not public)
https://bugzilla.redhat.com/show_bug.cgi?id=2044575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0400
| | linux-libc-dev | CVE-2022-0480 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0480
https://bugzilla.redhat.com/show_bug.cgi?id=2049700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0480
https://git.kernel.org/linus/0f12156dff2862ac54235fc72703f18770769042 (5.15-rc1)
https://github.com/kata-containers/kata-containers/issues/3373
https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm@linux-foundation.org/
| | linux-libc-dev | CVE-2022-0487 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0487
https://bugzilla.redhat.com/show_bug.cgi?id=2044561
https://bugzilla.suse.com/show_bug.cgi?id=1194516
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0487
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd2db32e7c3e35bd4d9b8bbff689434a50893546
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/all/20220114075934.302464-1-gregkh@linuxfoundation.org/
https://lore.kernel.org/all/20220127071638.4057899-1-gregkh@linuxfoundation.org/
https://nvd.nist.gov/vuln/detail/CVE-2022-0487
https://www.debian.org/security/2022/dsa-5095
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-0494 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0494
https://bugzilla.redhat.com/show_bug.cgi?id=2039448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0494
https://git.kernel.org/linus/cc8f7fe1f5eab010191aa4570f27641876fa1267 (5.17-rc5)
https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel@gmail.com/
https://nvd.nist.gov/vuln/detail/CVE-2022-0494
| | linux-libc-dev | CVE-2022-0998 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/04/02/1
https://access.redhat.com/security/cve/CVE-2022-0998
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-0998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0998
https://git.kernel.org/linus/870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0 (5.17-rc1)
https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal@kernel.org/
https://nvd.nist.gov/vuln/detail/CVE-2022-0998
| | linux-libc-dev | CVE-2022-1011 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1011
https://git.kernel.org/linus/0c4bcfdecb1ac0967619ee7ff44871d93c08c909 (5.17-rc8)
https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/
https://nvd.nist.gov/vuln/detail/CVE-2022-1011
| | linux-libc-dev | CVE-2022-1016 | MEDIUM | 5.4.0-107.121 | |
Expand...http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
https://access.redhat.com/security/cve/CVE-2022-1016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1016
https://linux.oracle.com/cve/CVE-2022-1016.html
https://linux.oracle.com/errata/ELSA-2022-9274.html
https://seclists.org/oss-sec/2022/q1/205
https://www.openwall.com/lists/oss-security/2022/03/28/5
| | linux-libc-dev | CVE-2022-1048 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1048
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1048
https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai@suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3
https://www.openwall.com/lists/oss-security/2022/03/28/4
| | linux-libc-dev | CVE-2022-1195 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1195
https://bugzilla.redhat.com/show_bug.cgi?id=2056381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1195
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b9111922b1f399aba6ed1e1b8f2079c3da1aed8
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e0588c291d6ce225f2b891753ca41d45ba42469
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=81b1d548d00bcd028303c4f3150fa753b9b8aa71
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b2f37aead1b82a770c48b5d583f35ec22aabb61e
| | linux-libc-dev | CVE-2022-1198 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1198
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1198
https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739
https://marc.info/?i=c012878.3292f.17fe9417790.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-1199 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1199
https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809
https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac
https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10
https://marc.info/?l=oss-security&m=164888973827435
| | linux-libc-dev | CVE-2022-1204 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1204
https://github.com/torvalds/linux/commit/5352a761308397a0e6250fdc629bb3f615b94747
https://github.com/torvalds/linux/commit/87563a043cef044fed5db7967a75741cc16ad2b1
https://github.com/torvalds/linux/commit/9fd75b66b8f68498454d685dc4ba13192ae069b0
https://github.com/torvalds/linux/commit/d01ffb9eee4af165d83b08dd73ebdf9fe94a519b
https://github.com/torvalds/linux/commit/feef318c855a361a1eccd880f33e88c460eb63b4
https://marc.info/?i=20c5f3a.325bc.17fe90c96f4.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-1205 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-1205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1205
https://github.com/torvalds/linux/commit/82e31755e55fbcea6a9dfaae5fe4860ade17cbc0
https://github.com/torvalds/linux/commit/fc6d01ff9ef03b66d4a3a23b46fc3c3d8cf92009
https://marc.info/?i=56c38247.32aa9.17fe95728b3.Coremail.duoming@zju.edu.cn
| | linux-libc-dev | CVE-2022-23036 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23036
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23037 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23037
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23038 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23038
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23039 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23039
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23040 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23040
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23041 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23041
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-23042 | MEDIUM | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23042
https://xenbits.xen.org/xsa/advisory-396.html
https://xenbits.xenproject.org/xsa/advisory-396.txt
| | linux-libc-dev | CVE-2022-24958 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-24958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24958
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://github.com/torvalds/linux/commit/501e38a5531efbd77d5c73c0ba838a889bfc1d74
https://github.com/torvalds/linux/commit/89f3594d0de58e8a57d92d497dea9fee3d4b9cda
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUVZA2YVOQJBJTDIDQ5HF5TAU2C6WP6H/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/
https://nvd.nist.gov/vuln/detail/CVE-2022-24958
https://security.netapp.com/advisory/ntap-20220225-0008/
| | linux-libc-dev | CVE-2022-25258 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-25258
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25258
https://github.com/szymonh/d-os-descriptor
https://github.com/torvalds/linux/commit/75e5b4849b81e19e9efe1654b30d7f3151c33c2c
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P/
https://nvd.nist.gov/vuln/detail/CVE-2022-25258
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-25375 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/02/21/1
https://access.redhat.com/security/cve/CVE-2022-25375
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25375
https://git.kernel.org/linus/38ea1eac7d88072bbffb630e2b3db83ca649b826 (5.17-rc4)
https://github.com/szymonh/rndis-co
https://github.com/torvalds/linux/commit/38ea1eac7d88072bbffb630e2b3db83ca649b826
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://nvd.nist.gov/vuln/detail/CVE-2022-25375
https://www.debian.org/security/2022/dsa-5092
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-26490 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-26490
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26490
https://git.kernel.org/linux/4fbcc1a4cb20fe26ad0225679c536c80f1648221 (5.17-rc1)
https://github.com/torvalds/linux/commit/4fbcc1a4cb20fe26ad0225679c536c80f1648221
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BG4J46EMFPDD5QHYXDUI3PJCZQ7HQAZR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/
https://nvd.nist.gov/vuln/detail/CVE-2022-26490
| | linux-libc-dev | CVE-2022-26966 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-26966
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26966
https://git.kernel.org/linus/e9da0b56fe27206b49f39805f7dcda8a89379062 (5.17-rc6)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062
https://linux.oracle.com/cve/CVE-2022-26966.html
https://linux.oracle.com/errata/ELSA-2022-9274.html
https://nvd.nist.gov/vuln/detail/CVE-2022-26966
| | linux-libc-dev | CVE-2022-27223 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-27223
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.12
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27223
https://git.kernel.org/linus/7f14c7227f342d9932f9b918893c8814f86d2a0d (5.17-rc6)
https://github.com/torvalds/linux/commit/7f14c7227f342d9932f9b918893c8814f86d2a0d
https://nvd.nist.gov/vuln/detail/CVE-2022-27223
| | linux-libc-dev | CVE-2022-28356 | MEDIUM | 5.4.0-107.121 | |
Expand...http://www.openwall.com/lists/oss-security/2022/04/06/1
https://access.redhat.com/security/cve/CVE-2022-28356
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28356
https://git.kernel.org/linus/764f4eb6846f5475f1244767d24d25dd86528a4a
https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a
https://nvd.nist.gov/vuln/detail/CVE-2022-28356
| | linux-libc-dev | CVE-2022-28388 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28388
https://git.kernel.org/linus/3d3925ff6433f98992685a9679613a2cc97f3ce2 (5.18-rc1)
https://github.com/torvalds/linux/commit/3d3925ff6433f98992685a9679613a2cc97f3ce2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://nvd.nist.gov/vuln/detail/CVE-2022-28388
| | linux-libc-dev | CVE-2022-28389 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28389
https://git.kernel.org/linus/04c9b00ba83594a29813d6b1fb8fdc93a3915174 (5.18-rc1)
https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://nvd.nist.gov/vuln/detail/CVE-2022-28389
| | linux-libc-dev | CVE-2022-28390 | MEDIUM | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-28390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28390
https://git.kernel.org/linus/c70222752228a62135cee3409dccefd494a24646 (5.18-rc1)
https://github.com/torvalds/linux/commit/c70222752228a62135cee3409dccefd494a24646
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
https://nvd.nist.gov/vuln/detail/CVE-2022-28390
| | linux-libc-dev | CVE-2017-0537 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/96831
http://www.securitytracker.com/id/1037968
https://android.googlesource.com/kernel/tegra.git/+/389b185cb2f17fff994dbdf8d4bac003d4b2b6b3%5E%21/#F0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0537
https://lore.kernel.org/lkml/1484647168-30135-1-git-send-email-jilin@nvidia.com/#t
https://source.android.com/security/bulletin/2017-01-01.html
https://source.android.com/security/bulletin/2017-03-01
https://source.android.com/security/bulletin/2017-03-01.html
| | linux-libc-dev | CVE-2017-13165 | LOW | 5.4.0-107.121 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13165
https://github.com/aosp-mirror/platform_system_core/commit/15ffc53f6d57a46e3041453865311035a18e047a
https://source.android.com/security/bulletin/pixel/2017-12-01
| | linux-libc-dev | CVE-2017-13693 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/100502
https://access.redhat.com/security/cve/CVE-2017-13693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13693
https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732
https://patchwork.kernel.org/patch/9919053/
| | linux-libc-dev | CVE-2018-1121 | LOW | 5.4.0-107.121 | |
Expand...http://seclists.org/oss-sec/2018/q2/122
http://www.securityfocus.com/bid/104214
https://access.redhat.com/security/cve/CVE-2018-1121
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1121
https://www.exploit-db.com/exploits/44806/
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
| | linux-libc-dev | CVE-2018-12928 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104593
https://access.redhat.com/security/cve/CVE-2018-12928
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12928
https://groups.google.com/forum/#!msg/syzkaller-bugs/9SgQk_6tSZ4/zLhTm4r1AwAJ
https://lore.kernel.org/linux-fsdevel/20180418173028.GA30953@bombadil.infradead.org/
https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2
| | linux-libc-dev | CVE-2018-12929 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12929
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12929
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2018-12930 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12930
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12930
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2018-12931 | LOW | 5.4.0-107.121 | |
Expand...http://www.securityfocus.com/bid/104588
https://access.redhat.com/errata/RHSA-2019:0641
https://access.redhat.com/security/cve/CVE-2018-12931
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12931
https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2
| | linux-libc-dev | CVE-2019-14899 | LOW | 5.4.0-107.121 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Jul/23
http://seclists.org/fulldisclosure/2020/Jul/24
http://seclists.org/fulldisclosure/2020/Jul/25
http://seclists.org/fulldisclosure/2020/Nov/20
http://www.openwall.com/lists/oss-security/2020/08/13/2
http://www.openwall.com/lists/oss-security/2020/10/07/3
https://access.redhat.com/security/cve/CVE-2019-14899
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14899
https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://www.openwall.com/lists/oss-security/2019/12/05/1
| | linux-libc-dev | CVE-2019-15213 | LOW | 5.4.0-107.121 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html
http://www.openwall.com/lists/oss-security/2019/08/20/2
https://access.redhat.com/security/cve/CVE-2019-15213
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15213
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
https://linux.oracle.com/cve/CVE-2019-15213.html
https://linux.oracle.com/errata/ELSA-2019-4872.html
https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel@decadent.org.uk/
https://security.netapp.com/advisory/ntap-20190905-0002/
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced
| | linux-libc-dev | CVE-2019-16230 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-16230
https://bugzilla.suse.com/show_bug.cgi?id=1150468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16230
https://lkml.org/lkml/2019/9/9/487
https://security.netapp.com/advisory/ntap-20191004-0001/
| | linux-libc-dev | CVE-2019-19378 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19378
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378
https://security.netapp.com/advisory/ntap-20200103-0001/
| | linux-libc-dev | CVE-2019-19814 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2019-19814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19814
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814
https://security.netapp.com/advisory/ntap-20200103-0001/
| | linux-libc-dev | CVE-2020-11725 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-11725
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11725
https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474
https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/
https://nvd.nist.gov/vuln/detail/CVE-2020-11725
https://twitter.com/yabbadabbadrew/status/1248632267028582400
| | linux-libc-dev | CVE-2020-12363 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12363
https://linux.oracle.com/cve/CVE-2020-12363.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-12364 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-12364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12364
https://linux.oracle.com/cve/CVE-2020-12364.html
https://linux.oracle.com/errata/ELSA-2021-2314.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
| | linux-libc-dev | CVE-2020-14304 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-14304
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960702
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14304
https://linux.oracle.com/cve/CVE-2020-14304.html
https://linux.oracle.com/errata/ELSA-2021-9410.html
https://lore.kernel.org/netdev/20200517172053.GA734488@decadent.org.uk/T/
| | linux-libc-dev | CVE-2020-27820 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-27820
https://bugzilla.redhat.com/show_bug.cgi?id=1901726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27820
https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/
https://lore.kernel.org/dri-devel/20201125202648.5220-1-jcline@redhat.com/
https://ubuntu.com/security/notices/USN-5265-1
https://ubuntu.com/security/notices/USN-5278-1
| | linux-libc-dev | CVE-2020-35501 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2020-35501
https://bugzilla.redhat.com/show_bug.cgi?id=1908577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35501
https://listman.redhat.com/archives/linux-audit/2018-July/msg00041.html
https://nvd.nist.gov/vuln/detail/CVE-2020-35501
https://www.openwall.com/lists/oss-security/2021/02/18/1
| | linux-libc-dev | CVE-2021-26934 | LOW | 5.4.0-107.121 | |
Expand...http://xenbits.xen.org/xsa/advisory-363.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26934
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GELN5E6MDR5KQBJF5M5COUUED3YFZTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOAJBVAVR6RSCUCHNXPVSNRPSFM7INMP/
https://nvd.nist.gov/vuln/detail/CVE-2021-26934
https://security.netapp.com/advisory/ntap-20210326-0001/
https://www.openwall.com/lists/oss-security/2021/02/16/2
https://xenbits.xen.org/xsa/advisory-363.html
| | linux-libc-dev | CVE-2021-32078 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32078
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=298a58e165e447ccfaae35fe9f651f9d7e15166f
https://git.kernel.org/linus/298a58e165e447ccfaae35fe9f651f9d7e15166f (5.13-rc1)
https://github.com/torvalds/linux/commit/298a58e165e447ccfaae35fe9f651f9d7e15166f
https://kirtikumarar.com/CVE-2021-32078.txt
https://nvd.nist.gov/vuln/detail/CVE-2021-32078
https://security.netapp.com/advisory/ntap-20210813-0002/
| | linux-libc-dev | CVE-2021-34981 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-34981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34981
https://git.kernel.org/linus/3cfdf8fcaafa62a4123f92eb0f4a72650da3a479 (5.14-rc1)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3cfdf8fcaafa62a4123f92eb0f4a72650da3a479
https://www.zerodayinitiative.com/advisories/ZDI-21-1223/
| | linux-libc-dev | CVE-2021-3669 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
https://lore.kernel.org/all/20210809203554.1562989-1-aquini@redhat.com/
| | linux-libc-dev | CVE-2021-3772 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3772
https://bugzilla.redhat.com/show_bug.cgi?id=2000694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df
https://linux.oracle.com/cve/CVE-2021-3772.html
https://linux.oracle.com/errata/ELSA-2022-9260.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3772
https://ubuntu.com/security/CVE-2021-3772
https://ubuntu.com/security/notices/USN-5165-1
https://ubuntu.com/security/notices/USN-5265-1
https://www.debian.org/security/2022/dsa-5096
| | linux-libc-dev | CVE-2022-0854 | LOW | 5.4.0-107.121 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-0854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0854
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13
https://nvd.nist.gov/vuln/detail/CVE-2022-0854
| | login | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | nginx | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | nginx | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | nginx | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | nginx-common | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | nginx-common | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | nginx-common | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | nginx-core | CVE-2020-11724 | MEDIUM | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
https://security.netapp.com/advisory/ntap-20210129-0002/
https://www.debian.org/security/2020/dsa-4750
| | nginx-core | CVE-2020-36309 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
https://github.com/openresty/lua-nginx-module/compare/v0.10.15...v0.10.16
https://github.com/openresty/lua-nginx-module/pull/1654
https://news.ycombinator.com/item?id=26712562
https://security.netapp.com/advisory/ntap-20210507-0005/
| | nginx-core | CVE-2021-3618 | LOW | 1.18.0-0ubuntu1.2 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-3618
https://alpaca-attack.com/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
https://bugzilla.redhat.com/show_bug.cgi?id=1975623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
https://nvd.nist.gov/vuln/detail/CVE-2021-3618
https://security.appspot.com/vsftpd/Changelog.txt
https://ubuntu.com/security/CVE-2021-3618
| | openssh-client | CVE-2021-36368 | MEDIUM | 1:8.2p1-4ubuntu0.4 | |
Expand...https://bugzilla.mindrot.org/show_bug.cgi?id=3316
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36368
https://docs.ssh-mitm.at/trivialauth.html
https://github.com/openssh/openssh-portable/pull/258
https://nvd.nist.gov/vuln/detail/CVE-2021-36368
https://www.openssh.com/security.html
| | openssh-client | CVE-2020-14145 | LOW | 1:8.2p1-4ubuntu0.4 | |
Expand...http://www.openwall.com/lists/oss-security/2020/12/02/1
https://access.redhat.com/security/cve/CVE-2020-14145
https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
https://docs.ssh-mitm.at/CVE-2020-14145.html
https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
https://linux.oracle.com/cve/CVE-2020-14145.html
https://linux.oracle.com/errata/ELSA-2021-4368.html
https://nvd.nist.gov/vuln/detail/CVE-2020-14145
https://security.gentoo.org/glsa/202105-35
https://security.netapp.com/advisory/ntap-20200709-0004/
https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf
| | openssh-client | CVE-2021-41617 | LOW | 1:8.2p1-4ubuntu0.4 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-41617
https://bugzilla.suse.com/show_bug.cgi?id=1190975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
https://linux.oracle.com/cve/CVE-2021-41617.html
https://linux.oracle.com/errata/ELSA-2021-9575.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/
https://nvd.nist.gov/vuln/detail/CVE-2021-41617
https://security.netapp.com/advisory/ntap-20211014-0004/
https://www.openssh.com/security.html
https://www.openssh.com/txt/release-8.8
https://www.openwall.com/lists/oss-security/2021/09/26/1
| | passwd | CVE-2013-4235 | LOW | 1:4.8.1-1ubuntu5.20.04.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2013-4235
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| | patch | CVE-2018-6952 | LOW | 2.7.6-6 | |
Expand...http://www.securityfocus.com/bid/103047
https://access.redhat.com/errata/RHSA-2019:2033
https://access.redhat.com/security/cve/CVE-2018-6952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
https://linux.oracle.com/cve/CVE-2018-6952.html
https://linux.oracle.com/errata/ELSA-2019-2033.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6952
https://savannah.gnu.org/bugs/index.php?53133
https://security.gentoo.org/glsa/201904-17
| | patch | CVE-2021-45261 | LOW | 2.7.6-6 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-45261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45261
https://savannah.gnu.org/bugs/?61685
| | perl | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | perl-base | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | perl-modules-5.30 | CVE-2020-16156 | MEDIUM | 5.30.0-9ubuntu0.2 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://access.redhat.com/security/cve/CVE-2020-16156
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | policykit-1 | CVE-2016-2568 | LOW | 0.105-26ubuntu1.3 | |
Expand...http://seclists.org/oss-sec/2016/q1/443
http://www.openwall.com/lists/oss-security/2016/02/26/3
https://access.redhat.com/security/cve/CVE-2016-2568
https://access.redhat.com/security/cve/cve-2016-2568
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
https://bugzilla.redhat.com/show_bug.cgi?id=1300746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
https://lore.kernel.org/patchwork/patch/793178/
https://nvd.nist.gov/vuln/detail/CVE-2016-2568
https://ubuntu.com/security/CVE-2016-2568
| | python-pip-whl | CVE-2021-33503 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python-pip-whl | CVE-2021-3572 | LOW | 20.0.2-5ubuntu1.6 | |
Expand...https://access.redhat.com/errata/RHSA-2021:3254
https://access.redhat.com/security/cve/CVE-2021-3572
https://bugzilla.redhat.com/show_bug.cgi?id=1962856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
https://github.com/pypa/pip/issues/10042
https://github.com/pypa/pip/issues/10042#issuecomment-857452480
https://github.com/pypa/pip/pull/9827
https://github.com/skazi0/CVE-2021-3572/blob/master/CVE-2021-3572-v9.0.1.patch
https://linux.oracle.com/cve/CVE-2021-3572.html
https://linux.oracle.com/errata/ELSA-2021-4455.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://packetstormsecurity.com/files/162712/USN-4961-1.txt
| | python3-urllib3 | CVE-2021-33503 | LOW | 1.25.8-2ubuntu0.1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-33503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
https://linux.oracle.com/cve/CVE-2021-33503.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
https://nvd.nist.gov/vuln/detail/CVE-2021-33503
https://security.gentoo.org/glsa/202107-36
https://www.oracle.com/security-alerts/cpuoct2021.html
| | redis | CVE-2020-14147 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html
https://access.redhat.com/security/cve/CVE-2020-14147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14147
https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
https://github.com/antirez/redis/pull/6875
https://nvd.nist.gov/vuln/detail/CVE-2020-14147
https://security.gentoo.org/glsa/202008-17
https://www.debian.org/security/2020/dsa-4731
https://www.oracle.com/security-alerts/cpujan2021.html
| | redis | CVE-2021-32626 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626
https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591
https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c
https://linux.oracle.com/cve/CVE-2021-32626.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32626
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-32627 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v
https://linux.oracle.com/cve/CVE-2021-32627.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32627
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-32628 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr
https://linux.oracle.com/cve/CVE-2021-32628.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32628
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-32672 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32672
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672
https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd
https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32672
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-32675 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32675
https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8
https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p
https://linux.oracle.com/cve/CVE-2021-32675.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47@%3Cnotifications.geode.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32675
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-32687 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687
https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f
https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q
https://linux.oracle.com/cve/CVE-2021-32687.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32687
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis | CVE-2021-41099 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-41099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41099
https://github.com/redis/redis/commit/c6ad876774f3cc11e32681ea02a2eead00f2c521
https://github.com/redis/redis/security/advisories/GHSA-j3cr-9h5g-6cph
https://linux.oracle.com/cve/CVE-2021-41099.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41099
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2020-14147 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html
https://access.redhat.com/security/cve/CVE-2020-14147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14147
https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
https://github.com/antirez/redis/pull/6875
https://nvd.nist.gov/vuln/detail/CVE-2020-14147
https://security.gentoo.org/glsa/202008-17
https://www.debian.org/security/2020/dsa-4731
https://www.oracle.com/security-alerts/cpujan2021.html
| | redis-server | CVE-2021-32626 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626
https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591
https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c
https://linux.oracle.com/cve/CVE-2021-32626.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32626
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-32627 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v
https://linux.oracle.com/cve/CVE-2021-32627.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32627
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-32628 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr
https://linux.oracle.com/cve/CVE-2021-32628.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32628
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-32672 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32672
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672
https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd
https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32672
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-32675 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32675
https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8
https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p
https://linux.oracle.com/cve/CVE-2021-32675.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47@%3Cnotifications.geode.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32675
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-32687 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687
https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f
https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q
https://linux.oracle.com/cve/CVE-2021-32687.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32687
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-server | CVE-2021-41099 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-41099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41099
https://github.com/redis/redis/commit/c6ad876774f3cc11e32681ea02a2eead00f2c521
https://github.com/redis/redis/security/advisories/GHSA-j3cr-9h5g-6cph
https://linux.oracle.com/cve/CVE-2021-41099.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41099
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2020-14147 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html
https://access.redhat.com/security/cve/CVE-2020-14147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14147
https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
https://github.com/antirez/redis/pull/6875
https://nvd.nist.gov/vuln/detail/CVE-2020-14147
https://security.gentoo.org/glsa/202008-17
https://www.debian.org/security/2020/dsa-4731
https://www.oracle.com/security-alerts/cpujan2021.html
| | redis-tools | CVE-2021-32626 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626
https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591
https://github.com/redis/redis/security/advisories/GHSA-p486-xggp-782c
https://linux.oracle.com/cve/CVE-2021-32626.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32626
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-32627 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-f434-69fm-g45v
https://linux.oracle.com/cve/CVE-2021-32627.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32627
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-32628 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628
https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3
https://github.com/redis/redis/security/advisories/GHSA-vw22-qm3h-49pr
https://linux.oracle.com/cve/CVE-2021-32628.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32628
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-32672 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32672
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672
https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd
https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32672
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-32675 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32675
https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8
https://github.com/redis/redis/security/advisories/GHSA-f6pw-v9gw-v64p
https://linux.oracle.com/cve/CVE-2021-32675.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.apache.org/thread.html/ra603ff6e04549d7f290f61f9b11e2d2e4dba693b05ff053f4ec6bc47@%3Cnotifications.geode.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32675
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-32687 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-32687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687
https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f
https://github.com/redis/redis/security/advisories/GHSA-m3mf-8x9w-r27q
https://linux.oracle.com/cve/CVE-2021-32687.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-32687
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | redis-tools | CVE-2021-41099 | MEDIUM | 6:6.2.6-2rl1~focal1 | |
Expand...https://access.redhat.com/security/cve/CVE-2021-41099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41099
https://github.com/redis/redis/commit/c6ad876774f3cc11e32681ea02a2eead00f2c521
https://github.com/redis/redis/security/advisories/GHSA-j3cr-9h5g-6cph
https://linux.oracle.com/cve/CVE-2021-41099.html
https://linux.oracle.com/errata/ELSA-2021-3945.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/
https://nvd.nist.gov/vuln/detail/CVE-2021-41099
https://security.netapp.com/advisory/ntap-20211104-0003/
https://www.debian.org/security/2021/dsa-5001
| | x11-common | CVE-2012-1093 | LOW | 1:7.7+19ubuntu14 | |
Expand...http://vladz.devzero.fr/012_x11-common-vuln.html
http://www.openwall.com/lists/oss-security/2012/02/29/1
http://www.openwall.com/lists/oss-security/2012/03/01/1
https://access.redhat.com/security/cve/cve-2012-1093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1093
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2012-1093
| **jar** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.12.6 | 2.12.6.1, 2.13.2.1 |
Expand...https://access.redhat.com/security/cve/CVE-2020-36518
https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b
https://github.com/FasterXML/jackson-databind/issues/2816
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
https://github.com/advisories/GHSA-57j2-w4cx-62h2
https://nvd.nist.gov/vuln/detail/CVE-2020-36518
| | com.google.guava:guava | CVE-2020-8908 | LOW | 29.0-android | 30.0 |
Expand...https://access.redhat.com/security/cve/CVE-2020-8908
https://github.com/advisories/GHSA-5mg8-w23w-74h3
https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40
https://github.com/google/guava/issues/4011
https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E
https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E
https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E
https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E
https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E
https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
https://security.netapp.com/advisory/ntap-20220210-0003/
https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | com.google.protobuf:protobuf-java | CVE-2021-22569 | MEDIUM | 3.12.2 | 3.16.1, 3.18.2, 3.19.2 |
Expand...http://www.openwall.com/lists/oss-security/2022/01/12/4
http://www.openwall.com/lists/oss-security/2022/01/12/7
https://access.redhat.com/security/cve/CVE-2021-22569
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330
https://cloud.google.com/support/bulletins#gcp-2022-001
https://github.com/advisories/GHSA-wrvw-hg22-4m67
https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67
https://nvd.nist.gov/vuln/detail/CVE-2021-22569
| | com.google.protobuf:protobuf-java | GMS-2022-5 | UNKNOWN | 3.12.2 | 3.16.1, 3.18.2, 3.19.2 |
Expand...https://github.com/advisories/GHSA-wrvw-hg22-4m67
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67
| | com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.200 | 2.0.202 |
Expand...https://access.redhat.com/security/cve/CVE-2021-23463
https://github.com/advisories/GHSA-7rpj-hg47-cx62
https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3
https://github.com/h2database/h2database/issues/3195
https://github.com/h2database/h2database/pull/3199
https://nvd.nist.gov/vuln/detail/CVE-2021-23463
https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238
| | com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.200 | 2.0.206 |
Expand...https://access.redhat.com/security/cve/CVE-2021-42392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392
https://github.com/advisories/GHSA-h376-j262-vhq6
https://github.com/h2database/h2database/releases/tag/version-2.0.206
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/
https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2021-42392
https://security.netapp.com/advisory/ntap-20220119-0001/
https://ubuntu.com/security/notices/USN-5365-1
https://www.debian.org/security/2022/dsa-5076
| | com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.200 | 2.1.210 |
Expand...http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2022/Jan/39
https://access.redhat.com/security/cve/CVE-2022-23221
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221
https://github.com/advisories/GHSA-45hx-wfhj-473x
https://github.com/h2database/h2database/releases/tag/version-2.1.210
https://github.com/h2database/h2database/security/advisories
https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23221
https://twitter.com/d0nkey_man/status/1483824727936450564
https://ubuntu.com/security/notices/USN-5365-1
https://www.debian.org/security/2022/dsa-5076
| | com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.200 | 2.0.206 |
Expand...https://github.com/advisories/GHSA-h376-j262-vhq6
https://github.com/h2database/h2database/releases/tag/version-2.0.206
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
| | io.netty:netty-codec | CVE-2021-37136 | HIGH | 4.1.48.Final | 4.1.68.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-37136
https://github.com/advisories/GHSA-grg4-wf29-r9vv
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L294
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L305
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L80
https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020
https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37136
https://security.netapp.com/advisory/ntap-20220210-0012/
https://www.oracle.com/security-alerts/cpujan2022.html
| | io.netty:netty-codec | CVE-2021-37137 | HIGH | 4.1.48.Final | 4.1.68.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-37137
https://github.com/advisories/GHSA-9vjp-v76f-g363
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L171
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L185
https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L79
https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f
https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363
https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-37137
https://security.netapp.com/advisory/ntap-20220210-0012/
https://www.oracle.com/security-alerts/cpujan2022.html
| | io.netty:netty-codec-http | CVE-2021-21290 | MEDIUM | 4.1.48.Final | 4.1.59.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-21290
https://github.com/advisories/GHSA-5mcr-gq6c-3hq2
https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec
https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2
https://lists.apache.org/thread.html/r0053443ce19ff125981559f8c51cf66e3ab4350f47812b8cf0733a05@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r02e467123d45006a1dda20a38349e9c74c3a4b53e2e07be0939ecb3f@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r0857b613604c696bf9743f0af047360baaded48b1c75cf6945a083c5@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r10308b625e49d4e9491d7e079606ca0df2f0a4d828f1ad1da64ba47b@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r1908a34b9cc7120e5c19968a116ddbcffea5e9deb76c2be4fa461904@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2748097ea4b774292539cf3de6e3b267fc7a88d6c8ec40f4e2e87bd4@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2936730ef0a06e724b96539bc7eacfcd3628987c16b1b99c790e7b87@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r326ec431f06eab7cb7113a7a338e59731b8d556d05258457f12bac1b@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4efed2c501681cb2e8d629da16e48d9eac429624fd4c9a8c6b8e7020@%3Cdev.tinkerpop.apache.org%3E
https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r59bac5c09f7a4179b9e2460e8f41c278aaf3b9a21cc23678eb893e41@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5bf303d7c04da78f276765da08559fdc62420f1df539b277ca31f63b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5c701840aa2845191721e39821445e1e8c59711e71942b7796a6ec29@%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r5e4a540089760c8ecc2c411309d74264f1dad634ad93ad583ca16214@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5e66e286afb5506cdfe9bbf68a323e8d09614f6d1ddc806ed0224700@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r71dbb66747ff537640bb91eb0b2b24edef21ac07728097016f58b01f@%3Ccommits.kafka.apache.org%3E
https://lists.apache.org/thread.html/r743149dcc8db1de473e6bff0b3ddf10140a7357bc2add75f7d1fbb12@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r790c2926efcd062067eb18fde2486527596d7275381cfaff2f7b3890@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r9924ef9357537722b28d04c98a189750b80694a19754e5057c34ca48@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/ra0fc2b4553dd7aaf75febb61052b7f1243ac3a180a71c01f29093013@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/ra503756ced78fdc2136bd33e87cb7553028645b261b1f5c6186a121e@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb06c1e766aa45ee422e8261a8249b561784186483e8f742ea627bda4@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb51d6202ff1a773f96eaa694b7da4ad3f44922c40b3d4e1a19c2f325@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rb592033a2462548d061a83ac9449c5ff66098751748fcd1e2d008233@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc0087125cb15b4b78e44000f841cd37fefedfda942fd7ddf3ad1b528@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc488f80094872ad925f0c73d283d4c00d32def81977438e27a3dc2bb@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rcd163e421273e8dca1c71ea298dce3dd11b41d51c3a812e0394e6a5d@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rdba4f78ac55f803893a1a2265181595e79e3aa027e2e651dfba98c18@%3Cjira.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-21290
https://security.netapp.com/advisory/ntap-20220210-0011/
https://www.debian.org/security/2021/dsa-4885
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | io.netty:netty-codec-http | CVE-2021-43797 | MEDIUM | 4.1.48.Final | 4.1.71.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-43797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797
https://github.com/advisories/GHSA-wx5j-54mm-rqqq
https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323
https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323 (netty-4.1.71.Final)
https://github.com/netty/netty/pull/11891
https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq
https://nvd.nist.gov/vuln/detail/CVE-2021-43797
https://security.netapp.com/advisory/ntap-20220107-0003/
| | io.netty:netty-codec-http2 | CVE-2021-21295 | MEDIUM | 4.1.48.Final | 4.1.60.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-21295
https://github.com/Netflix/zuul/pull/980
https://github.com/advisories/GHSA-wm47-8v5p-wjpj
https://github.com/netty/netty/commit/89c241e3b1795ff257af4ad6eadc616cb2fb3dc4
https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj
https://lists.apache.org/thread.html/r02e467123d45006a1dda20a38349e9c74c3a4b53e2e07be0939ecb3f@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r040a5e4d9cca2f98354b58a70b27099672276f66995c4e2e39545d0b@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r0b09f3e31e004fe583f677f7afa46bd30110904576c13c5ac818ac2c@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r15f66ada9a5faf4bac69d9e7c4521cedfefa62df9509881603791969@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r1908a34b9cc7120e5c19968a116ddbcffea5e9deb76c2be4fa461904@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1bca0b81193b74a451fc6d687ab58ef3a1f5ec40f6c61561d8dd9509@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r22adb45fe902aeafcd0a1c4db13984224a667676c323c66db3af38a1@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r22b2f34447d71c9a0ad9079b7860323d5584fb9b40eb42668c21eaf1@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r268850f26639ebe249356ed6d8edb54ee8943be6f200f770784fb190@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r27b7e5a588ec826b15f38c40be500c50073400019ce7b8adfd07fece@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r2936730ef0a06e724b96539bc7eacfcd3628987c16b1b99c790e7b87@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r312ce5bd3c6bf08c138349b507b6f1c25fe9cf40b6f2b0014c9d12b1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r32b0b640ad2be3b858f0af51c68a7d5c5a66a462c8bbb93699825cd3@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r33eb06b05afbc7df28d31055cae0cb3fd36cab808c884bf6d680bea5@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r393a339ab0b63ef9e6502253eeab26e7643b3e69738d5948b2b1d064@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r3c293431c781696681abbfe1c573c2d9dcdae6fd3ff330ea22f0433f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r3c4596b9b37f5ae91628ccf169d33cd5a0da4b16b6c39d5bad8e03f3@%3Cdev.jackrabbit.apache.org%3E
https://lists.apache.org/thread.html/r3ff9e735ca33612d900607dc139ebd38a64cadc6bce292e53eb86d7f@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r4ea2f1a9d79d4fc1896e085f31fb60a21b1770d0a26a5250f849372d@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r5232e33a1f3b310a3e083423f736f3925ebdb150844d60ac582809f8@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5470456cf1409a99893ae9dd57439799f6dc1a60fda90e11570f66fe@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r59bac5c09f7a4179b9e2460e8f41c278aaf3b9a21cc23678eb893e41@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5baac01f9e06c40ff7aab209d5751b3b58802c63734e33324b70a06a@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r5e66e286afb5506cdfe9bbf68a323e8d09614f6d1ddc806ed0224700@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5fc5786cdd640b1b0a3c643237ce0011f0a08a296b11c0e2c669022c@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r602e98daacc98934f097f07f2eed6eb07c18bfc1949c8489dc7bfcf5@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r67c4f90658fde875521c949448c54c98517beecdc7f618f902c620ec@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r67e6a636cbc1958383a1cd72b7fd0cd7493360b1dd0e6c12f5761798@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6a122c25e352eb134d01e7f4fc4d345a491c5ee9453fef6fc754d15b@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6a29316d758db628a1df49ca219d64caf493999b52cc77847bfba675@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6aee7e3566cb3e51eeed2fd8786704d91f80a7581e00a787ba9f37f6@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r70cebada51bc6d49138272437d8a28fe971d0197334ef906b575044c@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r790c2926efcd062067eb18fde2486527596d7275381cfaff2f7b3890@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E
https://lists.apache.org/thread.html/r837bbcbf12e335e83ab448b1bd2c1ad7e86efdc14034b23811422e6a@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r855b4b6814ac829ce2d48dd9d8138d07f33387e710de798ee92c011e@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r86cd38a825ab2344f3e6cad570528852f29a4ffdf56ab67d75c36edf@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9051e4f484a970b5566dc1870ecd9c1eb435214e2652cf3ea4d0c0cc@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r905b92099998291956eebf4f1c5d95f5a0cbcece2946cc46d32274fd@%3Cdev.hbase.apache.org%3E
https://lists.apache.org/thread.html/r96ce18044880c33634c4b3fcecc57b8b90673c9364d63eba00385523@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r9924ef9357537722b28d04c98a189750b80694a19754e5057c34ca48@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/ra64d56a8a331ffd7bdcd24a9aaaeeedeacd5d639f5a683389123f898@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/ra655e5cec74d1ddf62adacb71d398abd96f3ea2c588f6bbf048348eb@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/ra83096bcbfe6e1f4d54449f8a013117a0536404e9d307ab4a0d34f81@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rb06c1e766aa45ee422e8261a8249b561784186483e8f742ea627bda4@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rb51d6202ff1a773f96eaa694b7da4ad3f44922c40b3d4e1a19c2f325@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rb592033a2462548d061a83ac9449c5ff66098751748fcd1e2d008233@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rb95d42ce220ed4a4683aa17833b5006d657bc4254bc5cb03cd5e6bfb@%3Cissues.hbase.apache.org%3E
https://lists.apache.org/thread.html/rbadcbcb50195f00bbd196403865ced521ca70787999583c07be38d0e@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbed09768f496244a2e138dbbe6d2847ddf796c9c8ef9e50f2e3e30d9@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc0087125cb15b4b78e44000f841cd37fefedfda942fd7ddf3ad1b528@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc165e36ca7cb5417aec3f21bbc4ec00fb38ecebdd96a82cfab9bd56f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rca0978b634a0c3ebee4126ec29c7f570b165fae3f8f3658754c1cbd3@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/rcd163e421273e8dca1c71ea298dce3dd11b41d51c3a812e0394e6a5d@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rcf3752209a8b04996373bf57fdc808b3bfaa2be8702698a0323641f8@%3Ccommits.hbase.apache.org%3E
https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rcfc535afd413d9934d6ee509dce234dac41fa3747a7555befb17447e@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rd4a6b7dec38ea6cd28b6f94bd4b312629a52b80be3786d5fb0e474bc@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rdc096e13ac4501ea2e2b03a197682a313b85d3d3ec89d5ae5551b384@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rddbb4f8d5db23265bb63d14ef4b3723b438abc1589f877db11d35450@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/re6207ebe2ca4d44f2a6deee695ad6f27fd29d78980f1d46ed1574f91@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re7c69756a102bebce8b8681882844a53e2f23975a189363e68ad0324@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rf36f1114e84a3379b20587063686148e2d5a39abc0b8a66ff2a9087a@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E
https://lists.apache.org/thread.html/rf934292a4a1c189827f625d567838d2c1001e4739b158638d844105b@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/rfff6ff8ffb31e8a32619c79774def44b6ffbb037c128c5ad3eab7171@%3Cissues.zookeeper.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-21295
https://security.netapp.com/advisory/ntap-20210604-0003/
https://www.debian.org/security/2021/dsa-4885
| | io.netty:netty-codec-http2 | CVE-2021-21409 | MEDIUM | 4.1.48.Final | 4.1.61.Final |
Expand...https://access.redhat.com/security/cve/CVE-2021-21409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295
https://github.com/advisories/GHSA-f256-j965-7f32
https://github.com/netty/netty/commit/b0fa4d5aab4215f3c22ce6123dd8dd5f38dc0432
https://github.com/netty/netty/security/advisories/GHSA-f256-j965-7f32
https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj
https://lists.apache.org/thread.html/r0b09f3e31e004fe583f677f7afa46bd30110904576c13c5ac818ac2c@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r0ca82fec33334e571fe5b388272260778883e307e15415d7b1443de2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r101f82d8f3b5af0bf79aecbd5b2dd3b404f6bb51d1a54c2c3d29bed9@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b3cb056364794f919aaf26ceaf7423de64e7fdd05a914066e7d5219@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2732aa3884cacfecac4c54cfaa77c279ba815cad44b464a567216f83@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r31044fb995e894749cb821c6fe56f487c16a97028e6e360e59f09d58@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4a98827bb4a7edbd69ef862f2351391845697c40711820d10df52ca5@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4b8be87acf5b9c098a2ee350b5ca5716fe7afeaf0a21a4ee45a90687@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4ea2f1a9d79d4fc1896e085f31fb60a21b1770d0a26a5250f849372d@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r5baac01f9e06c40ff7aab209d5751b3b58802c63734e33324b70a06a@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r5cbea8614812289a9b98d0cfc54b47f54cef424ac98d5e315b791795@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5f2f120b2b8d099226473db1832ffb4d7c1d6dc2d228a164bf293a8e@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r602e98daacc98934f097f07f2eed6eb07c18bfc1949c8489dc7bfcf5@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r61564d86a75403b854cdafee67fc69c8b88c5f6802c2c838f4282cc8@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r69efd8ef003f612c43e4154e788ca3b1f837feaacd16d97854402355@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6dac9bd799ceac499c7a7e152a9b0dc7f2fe7f89ec5605d129bb047b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r70c3a7bfa904f06a1902f4df20ee26e4f09a46b8fd3eb304dc57a2de@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7879ddcb990c835c6b246654770d836f9d031dee982be836744e50ed@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r7b54563abebe3dbbe421e1ba075c2030d8d460372f8c79b7789684b6@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r823d4b27fcba8dad5fe945bdefce3ca5a0031187966eb6ef3cc22ba9@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r855b4b6814ac829ce2d48dd9d8138d07f33387e710de798ee92c011e@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r967002f0939e69bdec58f070735a19dd57c1f2b8f817949ca17cddae@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9ec78dc409f3f1edff88f21cab53737f36aad46f582a9825389092e0@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9fe840c36b74f92b8d4a089ada1f9fd1d6293742efa18b10e06b66d2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra64d56a8a331ffd7bdcd24a9aaaeeedeacd5d639f5a683389123f898@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/ra655e5cec74d1ddf62adacb71d398abd96f3ea2c588f6bbf048348eb@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/ra66e93703e3f4bd31bdfd0b6fb0c32ae96b528259bb1aa2b6d38e401@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/raa413040db6d2197593cc03edecfd168732e697119e6447b0a25d525@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rac8cf45a1bab9ead5c9a860cbadd6faaeb7792203617b6ec3874736d@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rafc77f9f03031297394f3d372ccea751b23576f8a2ae9b6b053894c5@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rba2a9ef1d0af882ab58fadb336a58818495245dda43d32a7d7837187@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbde2f13daf4911504f0eaea43eee4f42555241b5f6d9d71564b6c5fa@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rca0978b634a0c3ebee4126ec29c7f570b165fae3f8f3658754c1cbd3@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/rcae42fba06979934208bbd515584b241d3ad01d1bb8b063512644362@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd4a6b7dec38ea6cd28b6f94bd4b312629a52b80be3786d5fb0e474bc@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rdd206d9dd7eb894cc089b37fe6edde2932de88d63a6d8368b44f5101@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rdd5715f3ee5e3216d5e0083a07994f67da6dbb9731ce9e7a6389b18e@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re1911e05c08f3ec2bab85744d788773519a0afb27272a31ac2a0b4e8@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re39391adcb863f0e9f3f15e7986255948f263f02e4700b82453e7102@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re4b0141939370304d676fe23774d0c6fbc584b648919825402d0cb39@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re7c69756a102bebce8b8681882844a53e2f23975a189363e68ad0324@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/re9e6ed60941da831675de2f8f733c026757fb4fa28a7b6c9f3dfb575@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/redef0fb5474fd686781007de9ddb852b24f1b04131a248d9a4789183@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf148b2bf6c2754153a8629bc7495e216bd0bd4c915695486542a10b4@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf38e4dcdefc7c59f7ba0799a399d6d6e37b555d406a1dfc2fcbf0b35@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rf521ff2be2e2dd38984174d3451e6ee935c845948845c8fccd86371d@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf934292a4a1c189827f625d567838d2c1001e4739b158638d844105b@%3Cissues.kudu.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-21409
https://security.netapp.com/advisory/ntap-20210604-0003/
https://www.debian.org/security/2021/dsa-4885
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | log4j:log4j | CVE-2019-17571 | CRITICAL | 1.2.17 | 2.0-alpha1 |
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html
https://access.redhat.com/security/cve/CVE-2019-17571
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571
https://github.com/advisories/GHSA-2qrg-x229-3v8q
https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/564f03b4e9511fcba29c68fc0299372dadbdb002718fa8edcc4325e4@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/752ec92cd1e334a639e79bfbd689a4ec2c6579ec5bb41b53ffdf358d@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E
https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r13d4b5c60ff63f3c4fab51d6ff266655be503b8a1884e2f2fab67c3a@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r189aaeaad897f7d6b96f7c43a8ef2dfb9f6e9f8c1cc9ad182ce9b9ae@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b7734dfdfd938640f2f5fb6f4231a267145c71ed60cc7faa1cbac07@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r26244f9f7d9a8a27a092eb0b2a0ca9395e88fcde8b5edaeca7ce569c@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2756fd570b6709d55a61831ca028405bcb3e312175a60bc5d911c81f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r3543ead2317dcd3306f69ee37b07dd383dbba6e2f47ff11eb55879ad@%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r356d57d6225f91fdc30f8b0a2bed229d1ece55e16e552878c5fa809a@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r3bf7b982dfa0779f8a71f843d2aa6b4184a53e6be7f149ee079387fd@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r3c575cabc7386e646fb12cb82b0b38ae5a6ade8a800f827107824495@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r3cf50d05ce8cec8c09392624b7bae750e7643dae60ef2438641ee015@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r48d5019bd42e0770f7e5351e420a63a41ff1f16924942442c6aff6a8@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4ac89cbecd9e298ae9fafb5afda6fa77ac75c78d1ac957837e066c4e@%3Cuser.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r594411f4bddebaf48a4c70266d0b7849e0d82bb72826f61b3a35bba7@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r5c084578b3e3b40bd903c9d9e525097421bcd88178e672f612102eb2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6236b5f8646d48af8b66d5050f288304016840788e508c883356fe0e@%3Clog4j-user.logging.apache.org%3E
https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r696507338dd5f44efc23d98cafe30f217cf3ba78e77ed1324c7a5179@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r6aec6b8f70167fa325fb98b3b5c9ce0ffaed026e697b69b85ac24628@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6b45a2fcc8e98ac93a179183dbb7f340027bdb8e3ab393418076b153@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r6d34da5a0ca17ab08179a30c971446c7421af0e96f6d60867eabfc52@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r71e26f9c2d5826c6f95ad60f7d052d75e1e70b0d2dd853db6fc26d5f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/r7a1acc95373105169bd44df710c2f462cad31fb805364d2958a5ee03@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/r7f462c69d5ded4c0223e014d95a3496690423c5f6f05c09e2f2a407a@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd@%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r8418a0dff1729f19cf1024937e23a2db4c0f94f2794a423f5c10e8e7@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r8890b8f18f1de821595792b58b968a89692a255bc20d86d395270740@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r8a1cfd4705258c106e488091fcec85f194c82f2bbde6bd151e201870@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r8c392ca48bb7e50754e4bc05865e9731b23d568d18a520fe3d8c1f75@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8c6300245c0bcef095e9f07b48157e2c6471df0816db3408fcf1d748@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8d78a0fbb56d505461e29868d1026e98c402e6a568c13a6da67896a2@%3Cdev.jena.apache.org%3E
https://lists.apache.org/thread.html/r8e3f7da12bf5750b0a02e69a78a61073a2ac950eed7451ce70a65177@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r909b8e3a36913944d3b7bafe9635d4ca84f8f0e2cd146a1784f667c2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r90c23eb8c82835fa82df85ae5e88c81fd9241e20a22971b0fb8f2c34@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r944183c871594fe9a555b8519a7c945bbcf6714d72461aa6c929028f@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9a9e3b42cd5d1c4536a14ef04f75048dec8e2740ac6a138ea912177f@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/r9d0d03f2e7d9e13c68b530f81d02b0fec33133edcf27330d8089fcfb@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9d2e28e71f91ba0b6f4114c8ecd96e2b1f7e0d06bdf8eb768c183aa9@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3Cusers.activemq.apache.org%3E
https://lists.apache.org/thread.html/r9fb3238cfc3222f2392ca6517353aadae18f76866157318ac562e706@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/ra18a903f785aed9403aea38bc6f36844a056283c00dcfc6936b6318c@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/ra54fa49be3e773d99ccc9c2a422311cf77e3ecd3b8594ee93043a6b1@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra9611a8431cb62369bce8909d7645597e1dd45c24b448836b1e54940@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rb3c94619728c8f8c176d8e175e0a1086ca737ecdfcd5a2214bb768bc@%3Ccommits.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbd19de368abf0764e4383ec44d527bc9870176f488a494f09a40500d@%3Ccommon-dev.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rc17d8491beee51607693019857e41e769795366b85be00aa2f4b3159@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rc628307962ae1b8cc2d21b8e4b7dd6d7755b2dd52fa56a151a27e4fd@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rcd71280585425dad7e232f239c5709e425efdd0d3de4a92f808a4767@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd3a9511eebab60e23f224841390a3f8cd5358cff605c5f7042171e47@%3Cdev.tinkerpop.apache.org%3E
https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rd6254837403e8cbfc7018baa9be29705f3f06bd007c83708f9a97679@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd7805c1bf9388968508c6c8f84588773216e560055ddcc813d19f347@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rd882ab6b642fe59cbbe94dc02bd197342058208f482e57b537940a4b@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rda4849c6823dd3e83c7a356eb883180811d5c28359fe46865fd151c3@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rdb7ddf28807e27c7801f6e56a0dfb31092d34c61bdd4fa2de9182119@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rdf2a0d94c3b5b523aeff7741ae71347415276062811b687f30ea6573@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re36da78e4f3955ba6c1c373a2ab85a4deb215ca74b85fcd66142fea1@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/reaf6b996f74f12b4557bc221abe88f58270ac583942fa41293c61f94@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf1b434e11834a4449cd7addb69ed0aef0923112b5938182b363a968c@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3Cdev.tika.apache.org%3E
https://lists.apache.org/thread.html/rf53eeefb7e7e524deaacb9f8671cbf01b8a253e865fb94e7656722c0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf77f79699c8d7e430c14cf480f12ed1297e6e8cf2ed379a425941e80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rf9c19bcc2f7a98a880fa3e3456c003d331812b55836b34ef648063c9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.apache.org/thread.html/rfdf65fa675c64a64459817344e0e6c44d51ee264beea6e5851fb60dc@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/01/msg00008.html
https://nvd.nist.gov/vuln/detail/CVE-2019-17571
https://security.netapp.com/advisory/ntap-20200110-0001/
https://ubuntu.com/security/notices/USN-4495-1
https://usn.ubuntu.com/4495-1/
https://www.debian.org/security/2020/dsa-4686
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
| | log4j:log4j | CVE-2022-23305 | CRITICAL | 1.2.17 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/18/4
https://access.redhat.com/security/cve/CVE-2022-23305
https://github.com/advisories/GHSA-65fg-84f6-3jq3
https://linux.oracle.com/cve/CVE-2022-23305.html
https://linux.oracle.com/errata/ELSA-2022-0442.html
https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85y
https://logging.apache.org/log4j/1.2/index.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23305
https://security.netapp.com/advisory/ntap-20220217-0007/
https://www.openwall.com/lists/oss-security/2022/01/18/4
| | log4j:log4j | CVE-2022-23307 | CRITICAL | 1.2.17 | |
Expand...https://access.redhat.com/security/cve/CVE-2022-23307
https://linux.oracle.com/cve/CVE-2022-23307.html
https://linux.oracle.com/errata/ELSA-2022-0442.html
https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
https://logging.apache.org/log4j/1.2/index.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23307
https://www.openwall.com/lists/oss-security/2022/01/18/5
| | log4j:log4j | CVE-2022-23302 | HIGH | 1.2.17 | |
Expand...http://www.openwall.com/lists/oss-security/2022/01/18/3
https://access.redhat.com/security/cve/CVE-2022-23302
https://github.com/advisories/GHSA-w9p3-5cr8-m3jj
https://linux.oracle.com/cve/CVE-2022-23302.html
https://linux.oracle.com/errata/ELSA-2022-0442.html
https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w
https://logging.apache.org/log4j/1.2/index.html
https://nvd.nist.gov/vuln/detail/CVE-2022-23302
https://security.netapp.com/advisory/ntap-20220217-0006/
https://www.openwall.com/lists/oss-security/2022/01/18/3
| | log4j:log4j | CVE-2020-9488 | LOW | 1.2.17 | 2.13.2 |
Expand...https://access.redhat.com/security/cve/CVE-2020-9488
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488
https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)
https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)
https://github.com/advisories/GHSA-vwqq-5vrc-xw9h
https://issues.apache.org/jira/browse/LOG4J2-2819
https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r48bcd06049c1779ef709564544c3d8a32ae6ee5c3b7281a606ac4463@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r48efc7cb5aeb4e1f67aaa06fb4b5479a5635d12f07d0b93fc2d08809@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4d5dc9f3520071338d9ebc26f9f158a43ae28a91923d176b550a807b@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r4db540cafc5d7232c62e076051ef661d37d345015b2e59b3f81a932f@%3Cdev.hive.apache.org%3E
https://lists.apache.org/thread.html/r4ed1f49616a8603832d378cb9d13e7a8b9b27972bb46d946ccd8491f@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r5a68258e5ab12532dc179edae3d6e87037fa3b50ab9d63a90c432507@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r65578f3761a89bc164e8964acd5d913b9f8fd997967b195a89a97ca3@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r7641ee788e1eb1be4bb206a7d15f8a64ec6ef23e5ec6132d5a567695@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r7e739f2961753af95e2a3a637828fb88bfca68e5d6b0221d483a9ee5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8c001b9a95c0bbec06f4457721edd94935a55932e64b82cc5582b846@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r9776e71e3c67c5d13a91c1eba0dc025b48b802eb7561cc6956d6961c@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r9a79175c393d14d760a0ae3731b4a873230a16ef321aa9ca48a810cd@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra051e07a0eea4943fa104247e69596f094951f51512d42c924e86c75@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/ra632b329b2ae2324fabbad5da204c4ec2e171ff60348ec4ba698fd40@%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rbc45eb0f53fd6242af3e666c2189464f848a851d408289840cecc6e3@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rc6b81c013618d1de1b5d6b8c1088aaf87b4bacc10c2371f15a566701@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd55f65c6822ff235eda435d31488cfbb9aa7055cdf47481ebee777cc@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E
https://lists.apache.org/thread.html/rd8e87c4d69df335d0ba7d815b63be8bd8a6352f429765c52eb07ddac@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re024d86dffa72ad800f2848d0c77ed93f0b78ee808350b477a6ed987@%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rec34b1cccf907898e7cb36051ffac3ccf1ea89d0b261a2a3b3fb267f@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf1c2a81a08034c688b8f15cf58a4cfab322d00002ca46d20133bee20@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2020-9488
https://security.netapp.com/advisory/ntap-20200504-0003/
https://www.debian.org/security/2021/dsa-5020
https://www.openwall.com/lists/oss-security/2020/04/25/1
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | log4j:log4j | GMS-2021-5 | UNKNOWN | 1.2.17 | 2.15.0-rc1 |
Expand...https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
https://www.lunasec.io/docs/blog/log4j-zero-day/
| | org.springframework.boot:spring-boot | CVE-2022-22965 | CRITICAL | 2.5.9 | 2.5.12, 2.6.6 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22965
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| | org.springframework.boot:spring-boot | GMS-2022-560 | UNKNOWN | 2.5.9 | 2.5.12, 2.6.6 |
Expand...https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://tanzu.vmware.com/security/cve-2022-22965
| | org.springframework.boot:spring-boot | GMS-2022-561 | UNKNOWN | 2.5.9 | 2.5.12, 2.6.6 |
Expand...https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://tanzu.vmware.com/security/cve-2022-22965
| | org.springframework:spring-beans | CVE-2022-22965 | CRITICAL | 5.3.15 | 5.3.18, 5.2.20 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22965
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| | org.springframework:spring-core | CVE-2022-22950 | MEDIUM | 5.3.15 | 5.2.20, 5.3.16 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22950
https://github.com/advisories/GHSA-558x-2xjg-6232
https://nvd.nist.gov/vuln/detail/CVE-2022-22950
https://tanzu.vmware.com/security/cve-2022-22950
| | org.springframework:spring-webflux | CVE-2022-22965 | CRITICAL | 5.3.15 | 5.3.18, 5.2.20 |
Expand...https://access.redhat.com/security/cve/CVE-2022-22965
https://github.com/advisories/GHSA-36p3-wjmg-h94x
https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12
https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6
https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15
https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE
https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds
https://tanzu.vmware.com/security/cve-2022-22965
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html
https://www.praetorian.com/blog/spring-core-jdk9-rce/
| **node-pkg** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | engine.io | CVE-2022-21676 | HIGH | 5.1.1 | 6.1.1, 5.2.1, 4.1.2 |
Expand...https://github.com/advisories/GHSA-273r-mgr4-v34f
https://github.com/socketio/engine.io/commit/66f889fc1d966bf5bfa0de1939069153643874ab
https://github.com/socketio/engine.io/commit/a70800d7e96da32f6e6622804ef659ebc58659db
https://github.com/socketio/engine.io/commit/c0e194d44933bd83bf9a4b126fca68ba7bf5098c
https://github.com/socketio/engine.io/releases/tag/4.1.2
https://github.com/socketio/engine.io/releases/tag/5.2.1
https://github.com/socketio/engine.io/releases/tag/6.1.1
https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f
https://nvd.nist.gov/vuln/detail/CVE-2022-21676
| | ws | CVE-2021-32640 | MEDIUM | 7.4.3 | 5.2.3, 6.2.2, 7.4.6 |
Expand...https://access.redhat.com/security/cve/CVE-2021-32640
https://github.com/advisories/GHSA-6fc8-4gx4-v693
https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
https://github.com/websockets/ws/issues/1895
https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-32640
| **python-pkg** | No Vulnerabilities found | |:---------------------------------| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
| **gobinary** | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | golang.org/x/text | CVE-2021-38561 | UNKNOWN | v0.3.5 | 0.3.7 |
Expand...https://go-review.googlesource.com/c/text/+/340830
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://pkg.go.dev/vuln/GO-2021-0113
|