nginx:latest (debian 12.10) - Trivy Report

debian
Package Vulnerability ID Severity Installed Version Fixed Version Links
apt CVE-2011-3374 LOW 2.6.1 https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
bash TEMP-0841856-B18BAF LOW 5.2.15-2+b7
bsdutils CVE-2022-0563 LOW 1:2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
coreutils CVE-2016-2781 LOW 9.1-1 http://seclists.org/oss-sec/2016/q1/452 http://www.openwall.com/lists/oss-security/2016/02/28/2 http://www.openwall.com/lists/oss-security/2016/02/28/3 https://access.redhat.com/security/cve/CVE-2016-2781 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lore.kernel.org/patchwork/patch/793178/ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes https://nvd.nist.gov/vuln/detail/CVE-2016-2781 https://www.cve.org/CVERecord?id=CVE-2016-2781
coreutils CVE-2017-18018 LOW 9.1-1 http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://access.redhat.com/security/cve/CVE-2017-18018 https://nvd.nist.gov/vuln/detail/CVE-2017-18018 https://www.cve.org/CVERecord?id=CVE-2017-18018
curl CVE-2024-2379 LOW 7.88.1-10+deb12u12 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://www.openwall.com/lists/oss-security/2024/03/27/2 https://access.redhat.com/security/cve/CVE-2024-2379 https://curl.se/docs/CVE-2024-2379.html https://curl.se/docs/CVE-2024-2379.json https://hackerone.com/reports/2410774 https://nvd.nist.gov/vuln/detail/CVE-2024-2379 https://security.netapp.com/advisory/ntap-20240531-0001/ https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://www.cve.org/CVERecord?id=CVE-2024-2379
curl CVE-2025-0725 LOW 7.88.1-10+deb12u12 http://www.openwall.com/lists/oss-security/2025/02/05/3 http://www.openwall.com/lists/oss-security/2025/02/06/2 http://www.openwall.com/lists/oss-security/2025/02/06/4 https://access.redhat.com/security/cve/CVE-2025-0725 https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0725.json https://hackerone.com/reports/2956023 https://nvd.nist.gov/vuln/detail/CVE-2025-0725 https://security.netapp.com/advisory/ntap-20250306-0009/ https://www.cve.org/CVERecord?id=CVE-2025-0725
gcc-12-base CVE-2022-27943 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
gcc-12-base CVE-2023-4039 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
gpgv CVE-2022-3219 LOW 2.2.40-1.1 https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpgv CVE-2025-30258 LOW 2.2.40-1.1 https://access.redhat.com/security/cve/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://ubuntu.com/security/notices/USN-7412-1 https://www.cve.org/CVERecord?id=CVE-2025-30258
libabsl20220623 CVE-2025-0838 MEDIUM 20220623.1-1 https://access.redhat.com/security/cve/CVE-2025-0838 https://github.com/abseil/abseil-cpp/commit/5a0e2cb5e3958dd90bb8569a2766622cb74d90c1 https://lists.debian.org/debian-lts-announce/2025/04/msg00012.html https://nvd.nist.gov/vuln/detail/CVE-2025-0838 https://www.cve.org/CVERecord?id=CVE-2025-0838
libaom3 CVE-2023-6879 CRITICAL 3.6.0-1+deb12u1 https://access.redhat.com/security/cve/CVE-2023-6879 https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.1 https://crbug.com/aomedia/3491 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/ https://nvd.nist.gov/vuln/detail/CVE-2023-6879 https://www.cve.org/CVERecord?id=CVE-2023-6879
libaom3 CVE-2023-39616 HIGH 3.6.0-1+deb12u1 https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3
libapt-pkg6.0 CVE-2011-3374 LOW 2.6.1 https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
libblkid1 CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
libc-bin CVE-2010-4756 LOW 2.36-9+deb12u10 http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756 https://www.cve.org/CVERecord?id=CVE-2010-4756
libc-bin CVE-2018-20796 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2018-20796
libc-bin CVE-2019-1010022 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-1010022 https://nvd.nist.gov/vuln/detail/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022 https://www.cve.org/CVERecord?id=CVE-2019-1010022
libc-bin CVE-2019-1010023 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://nvd.nist.gov/vuln/detail/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023 https://www.cve.org/CVERecord?id=CVE-2019-1010023
libc-bin CVE-2019-1010024 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://nvd.nist.gov/vuln/detail/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024 https://www.cve.org/CVERecord?id=CVE-2019-1010024
libc-bin CVE-2019-1010025 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-1010025 https://nvd.nist.gov/vuln/detail/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025 https://www.cve.org/CVERecord?id=CVE-2019-1010025
libc-bin CVE-2019-9192 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-9192
libc6 CVE-2010-4756 LOW 2.36-9+deb12u10 http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756 https://www.cve.org/CVERecord?id=CVE-2010-4756
libc6 CVE-2018-20796 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2018-20796
libc6 CVE-2019-1010022 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-1010022 https://nvd.nist.gov/vuln/detail/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022 https://www.cve.org/CVERecord?id=CVE-2019-1010022
libc6 CVE-2019-1010023 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://nvd.nist.gov/vuln/detail/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023 https://www.cve.org/CVERecord?id=CVE-2019-1010023
libc6 CVE-2019-1010024 LOW 2.36-9+deb12u10 http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://nvd.nist.gov/vuln/detail/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024 https://www.cve.org/CVERecord?id=CVE-2019-1010024
libc6 CVE-2019-1010025 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-1010025 https://nvd.nist.gov/vuln/detail/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025 https://www.cve.org/CVERecord?id=CVE-2019-1010025
libc6 CVE-2019-9192 LOW 2.36-9+deb12u10 https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-9192
libcap2 CVE-2025-1390 MEDIUM 1:2.66-4 https://access.redhat.com/security/cve/CVE-2025-1390 https://bugzilla.openanolis.cn/show_bug.cgi?id=18804 https://nvd.nist.gov/vuln/detail/CVE-2025-1390 https://ubuntu.com/security/notices/USN-7287-1 https://www.cve.org/CVERecord?id=CVE-2025-1390
libcurl4 CVE-2024-2379 LOW 7.88.1-10+deb12u12 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://www.openwall.com/lists/oss-security/2024/03/27/2 https://access.redhat.com/security/cve/CVE-2024-2379 https://curl.se/docs/CVE-2024-2379.html https://curl.se/docs/CVE-2024-2379.json https://hackerone.com/reports/2410774 https://nvd.nist.gov/vuln/detail/CVE-2024-2379 https://security.netapp.com/advisory/ntap-20240531-0001/ https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://www.cve.org/CVERecord?id=CVE-2024-2379
libcurl4 CVE-2025-0725 LOW 7.88.1-10+deb12u12 http://www.openwall.com/lists/oss-security/2025/02/05/3 http://www.openwall.com/lists/oss-security/2025/02/06/2 http://www.openwall.com/lists/oss-security/2025/02/06/4 https://access.redhat.com/security/cve/CVE-2025-0725 https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0725.json https://hackerone.com/reports/2956023 https://nvd.nist.gov/vuln/detail/CVE-2025-0725 https://security.netapp.com/advisory/ntap-20250306-0009/ https://www.cve.org/CVERecord?id=CVE-2025-0725
libdav1d6 CVE-2023-32570 MEDIUM 1.0.0-2+deb12u1 https://code.videolan.org/videolan/dav1d/-/commit/cf617fdae0b9bfabd27282854c8e81450d955efa https://code.videolan.org/videolan/dav1d/-/tags/1.2.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WGSO7UMOF4MVLQ5H6KIV7OG6ONS377B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXZ6CUNJFDJLCFOZHY2TIGMCAEITLCRP/ https://security.gentoo.org/glsa/202310-05
libde265-0 CVE-2023-51792 MEDIUM 1.0.11-1+deb12u2 https://github.com/strukturag/libde265 https://github.com/strukturag/libde265/issues/427 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ https://ubuntu.com/security/notices/USN-6764-1 https://www.cve.org/CVERecord?id=CVE-2023-51792
libde265-0 CVE-2024-38949 MEDIUM 1.0.11-1+deb12u2 https://github.com/strukturag/libde265/issues/460 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-38949 https://www.cve.org/CVERecord?id=CVE-2024-38949
libde265-0 CVE-2024-38950 MEDIUM 1.0.11-1+deb12u2 https://github.com/strukturag/libde265/issues/460 https://github.com/zhangteng0526/CVE-information/blob/main/CVE-2024-38950 https://www.cve.org/CVERecord?id=CVE-2024-38950
libexpat1 CVE-2023-52425 HIGH 2.5.0-1+deb12u1 http://www.openwall.com/lists/oss-security/2024/03/20/5 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425 https://errata.almalinux.org/9/ALSA-2024-1530.html https://errata.rockylinux.org/RLSA-2024:1615 https://github.com/libexpat/libexpat/pull/789 https://linux.oracle.com/cve/CVE-2023-52425.html https://linux.oracle.com/errata/ELSA-2024-4259.html https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://security.netapp.com/advisory/ntap-20240614-0003/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2023-52425
libexpat1 CVE-2024-8176 HIGH 2.5.0-1+deb12u1 http://www.openwall.com/lists/oss-security/2025/03/15/1 https://access.redhat.com/errata/RHSA-2025:3531 https://access.redhat.com/errata/RHSA-2025:3734 https://access.redhat.com/errata/RHSA-2025:3913 https://access.redhat.com/errata/RHSA-2025:4048 https://access.redhat.com/security/cve/CVE-2024-8176 https://blog.hartwork.org/posts/expat-2-7-0-released/ https://bugzilla.redhat.com/2310137 https://bugzilla.redhat.com/show_bug.cgi?id=2310137 https://bugzilla.suse.com/show_bug.cgi?id=1239618 https://errata.almalinux.org/9/ALSA-2025-3531.html https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52 https://github.com/libexpat/libexpat/issues/893 https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53 https://linux.oracle.com/cve/CVE-2024-8176.html https://linux.oracle.com/errata/ELSA-2025-4048.html https://nvd.nist.gov/vuln/detail/CVE-2024-8176 https://security-tracker.debian.org/tracker/CVE-2024-8176 https://security.netapp.com/advisory/ntap-20250328-0009/ https://ubuntu.com/security/CVE-2024-8176 https://ubuntu.com/security/notices/USN-7424-1 https://www.cve.org/CVERecord?id=CVE-2024-8176
libexpat1 CVE-2024-50602 MEDIUM 2.5.0-1+deb12u1 https://access.redhat.com/errata/RHSA-2024:9541 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/2321987 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602 https://errata.almalinux.org/9/ALSA-2024-9541.html https://errata.rockylinux.org/RLSA-2024:9502 https://github.com/libexpat/libexpat/pull/915 https://linux.oracle.com/cve/CVE-2024-50602.html https://linux.oracle.com/errata/ELSA-2024-9541.html https://nvd.nist.gov/vuln/detail/CVE-2024-50602 https://security.netapp.com/advisory/ntap-20250404-0008/ https://www.cve.org/CVERecord?id=CVE-2024-50602
libexpat1 CVE-2023-52426 LOW 2.5.0-1+deb12u1 https://access.redhat.com/security/cve/CVE-2023-52426 https://cwe.mitre.org/data/definitions/776.html https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 https://github.com/libexpat/libexpat/pull/777 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52426 https://security.netapp.com/advisory/ntap-20240307-0005/ https://www.cve.org/CVERecord?id=CVE-2023-52426
libexpat1 CVE-2024-28757 LOW 2.5.0-1+deb12u1 http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757
libgcc-s1 CVE-2022-27943 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
libgcc-s1 CVE-2023-4039 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
libgcrypt20 CVE-2018-6829 LOW 1.10.1-3 https://access.redhat.com/security/cve/CVE-2018-6829 https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html https://nvd.nist.gov/vuln/detail/CVE-2018-6829 https://www.cve.org/CVERecord?id=CVE-2018-6829 https://www.oracle.com/security-alerts/cpujan2020.html
libgcrypt20 CVE-2024-2236 LOW 1.10.1-3 https://access.redhat.com/errata/RHSA-2024:9404 https://access.redhat.com/errata/RHSA-2025:3530 https://access.redhat.com/errata/RHSA-2025:3534 https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/2245218 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://bugzilla.redhat.com/show_bug.cgi?id=2268268 https://dev.gnupg.org/T7136 https://errata.almalinux.org/9/ALSA-2024-9404.html https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17 https://linux.oracle.com/cve/CVE-2024-2236.html https://linux.oracle.com/errata/ELSA-2024-9404.html https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://www.cve.org/CVERecord?id=CVE-2024-2236
libgnutls30 CVE-2011-3389 LOW 3.7.9-2+deb12u4 http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/ http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx http://curl.haxx.se/docs/adv_20120124B.html http://downloads.asterisk.org/pub/security/AST-2016-001.html http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http://eprint.iacr.org/2006/136 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=132872385320240&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue http://osvdb.org/74829 http://rhn.redhat.com/errata/RHSA-2012-0508.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/45791 http://secunia.com/advisories/47998 http://secunia.com/advisories/48256 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/49198 http://secunia.com/advisories/55322 http://secunia.com/advisories/55350 http://secunia.com/advisories/55351 http://security.gentoo.org/glsa/glsa-201203-02.xml http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5001 http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5501 http://support.apple.com/kb/HT6150 http://technet.microsoft.com/security/advisory/2588513 http://vnhacker.blogspot.com/2011/09/beast.html http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf http://www.debian.org/security/2012/dsa-2398 http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.imperialviolet.org/2011/09/23/chromeandbeast.html http://www.insecure.cl/Beast-SSL.rar http://www.kb.cert.org/vuls/id/864643 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 http://www.opera.com/docs/changelogs/mac/1151/ http://www.opera.com/docs/changelogs/mac/1160/ http://www.opera.com/docs/changelogs/unix/1151/ http://www.opera.com/docs/changelogs/unix/1160/ http://www.opera.com/docs/changelogs/windows/1151/ http://www.opera.com/docs/changelogs/windows/1160/ http://www.opera.com/support/kb/view/1004/ http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.redhat.com/support/errata/RHSA-2012-0006.html http://www.securityfocus.com/bid/49388 http://www.securityfocus.com/bid/49778 http://www.securitytracker.com/id/1029190 http://www.securitytracker.com/id?1025997 http://www.securitytracker.com/id?1026103 http://www.securitytracker.com/id?1026704 http://www.ubuntu.com/usn/USN-1263-1 http://www.us-cert.gov/cas/techalerts/TA12-010A.html https://access.redhat.com/security/cve/CVE-2011-3389 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail https://bugzilla.novell.com/show_bug.cgi?id=719047 https://bugzilla.redhat.com/show_bug.cgi?id=737506 https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 https://hermes.opensuse.org/messages/13154861 https://hermes.opensuse.org/messages/13155432 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://linux.oracle.com/cve/CVE-2011-3389.html https://linux.oracle.com/errata/ELSA-2011-1380.html https://nvd.nist.gov/vuln/detail/CVE-2011-3389 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 https://ubuntu.com/security/notices/USN-1263-1 https://www.cve.org/CVERecord?id=CVE-2011-3389
libgssapi-krb5-2 CVE-2024-26462 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26462 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://errata.almalinux.org/9/ALSA-2024-9331.html https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md https://linux.oracle.com/cve/CVE-2024-26462.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26462 https://security.netapp.com/advisory/ntap-20240415-0012/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26462
libgssapi-krb5-2 CVE-2025-24528 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2025:2722 https://access.redhat.com/security/cve/CVE-2025-24528 https://bugzilla.redhat.com/2342796 https://errata.almalinux.org/8/ALSA-2025-2722.html https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://linux.oracle.com/cve/CVE-2025-24528.html https://linux.oracle.com/errata/ELSA-2025-2722.html https://nvd.nist.gov/vuln/detail/CVE-2025-24528 https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2025-24528
libgssapi-krb5-2 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libgssapi-krb5-2 CVE-2018-5709 LOW 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libgssapi-krb5-2 CVE-2024-26458 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
libgssapi-krb5-2 CVE-2024-26461 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md https://linux.oracle.com/cve/CVE-2024-26461.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.netapp.com/advisory/ntap-20240415-0011/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26461
libheif1 CVE-2023-49463 LOW 1.15.1-1+deb12u1 https://github.com/strukturag/libheif https://github.com/strukturag/libheif/issues/1042 https://ubuntu.com/security/notices/USN-6847-1 https://www.cve.org/CVERecord?id=CVE-2023-49463
libheif1 CVE-2024-25269 LOW 1.15.1-1+deb12u1 https://github.com/strukturag/libheif/issues/1073
libheif1 CVE-2025-43966 UNKNOWN 1.15.1-1+deb12u1 https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6
libheif1 CVE-2025-43967 UNKNOWN 1.15.1-1+deb12u1 https://github.com/strukturag/libheif/commit/6e35af7b0ff9fb6cc952a1539590d160db32f671 https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6 https://github.com/strukturag/libheif/issues/1455
libjbig0 CVE-2017-9937 LOW 2.1-6.1 http://bugzilla.maptools.org/show_bug.cgi?id=2707 http://www.securityfocus.com/bid/99304 https://access.redhat.com/security/cve/CVE-2017-9937 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2017-9937 https://ubuntu.com/security/notices/USN-5742-1 https://www.cve.org/CVERecord?id=CVE-2017-9937
libk5crypto3 CVE-2024-26462 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26462 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://errata.almalinux.org/9/ALSA-2024-9331.html https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md https://linux.oracle.com/cve/CVE-2024-26462.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26462 https://security.netapp.com/advisory/ntap-20240415-0012/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26462
libk5crypto3 CVE-2025-24528 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2025:2722 https://access.redhat.com/security/cve/CVE-2025-24528 https://bugzilla.redhat.com/2342796 https://errata.almalinux.org/8/ALSA-2025-2722.html https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://linux.oracle.com/cve/CVE-2025-24528.html https://linux.oracle.com/errata/ELSA-2025-2722.html https://nvd.nist.gov/vuln/detail/CVE-2025-24528 https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2025-24528
libk5crypto3 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libk5crypto3 CVE-2018-5709 LOW 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libk5crypto3 CVE-2024-26458 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
libk5crypto3 CVE-2024-26461 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md https://linux.oracle.com/cve/CVE-2024-26461.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.netapp.com/advisory/ntap-20240415-0011/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26461
libkrb5-3 CVE-2024-26462 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26462 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://errata.almalinux.org/9/ALSA-2024-9331.html https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md https://linux.oracle.com/cve/CVE-2024-26462.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26462 https://security.netapp.com/advisory/ntap-20240415-0012/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26462
libkrb5-3 CVE-2025-24528 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2025:2722 https://access.redhat.com/security/cve/CVE-2025-24528 https://bugzilla.redhat.com/2342796 https://errata.almalinux.org/8/ALSA-2025-2722.html https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://linux.oracle.com/cve/CVE-2025-24528.html https://linux.oracle.com/errata/ELSA-2025-2722.html https://nvd.nist.gov/vuln/detail/CVE-2025-24528 https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2025-24528
libkrb5-3 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libkrb5-3 CVE-2018-5709 LOW 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libkrb5-3 CVE-2024-26458 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
libkrb5-3 CVE-2024-26461 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md https://linux.oracle.com/cve/CVE-2024-26461.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.netapp.com/advisory/ntap-20240415-0011/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26461
libkrb5support0 CVE-2024-26462 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26462 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://errata.almalinux.org/9/ALSA-2024-9331.html https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md https://linux.oracle.com/cve/CVE-2024-26462.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26462 https://security.netapp.com/advisory/ntap-20240415-0012/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26462
libkrb5support0 CVE-2025-24528 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2025:2722 https://access.redhat.com/security/cve/CVE-2025-24528 https://bugzilla.redhat.com/2342796 https://errata.almalinux.org/8/ALSA-2025-2722.html https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0 https://linux.oracle.com/cve/CVE-2025-24528.html https://linux.oracle.com/errata/ELSA-2025-2722.html https://nvd.nist.gov/vuln/detail/CVE-2025-24528 https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2025-24528
libkrb5support0 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libkrb5support0 CVE-2018-5709 LOW 1.20.1-2+deb12u2 https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libkrb5support0 CVE-2024-26458 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
libkrb5support0 CVE-2024-26461 LOW 1.20.1-2+deb12u2 https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md https://linux.oracle.com/cve/CVE-2024-26461.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.netapp.com/advisory/ntap-20240415-0011/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26461
libldap-2.5-0 CVE-2023-2953 HIGH 2.5.13+dfsg-5 http://seclists.org/fulldisclosure/2023/Jul/47 http://seclists.org/fulldisclosure/2023/Jul/48 http://seclists.org/fulldisclosure/2023/Jul/52 https://access.redhat.com/errata/RHSA-2024:4264 https://access.redhat.com/security/cve/CVE-2023-2953 https://bugs.openldap.org/show_bug.cgi?id=9904 https://bugzilla.redhat.com/2210651 https://errata.almalinux.org/8/ALSA-2024-4264.html https://linux.oracle.com/cve/CVE-2023-2953.html https://linux.oracle.com/errata/ELSA-2024-4264.html https://nvd.nist.gov/vuln/detail/CVE-2023-2953 https://security.netapp.com/advisory/ntap-20230703-0005/ https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 https://ubuntu.com/security/notices/USN-6197-1 https://ubuntu.com/security/notices/USN-6616-1 https://www.cve.org/CVERecord?id=CVE-2023-2953
libldap-2.5-0 CVE-2015-3276 LOW 2.5.13+dfsg-5 http://rhn.redhat.com/errata/RHSA-2015-2131.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securitytracker.com/id/1034221 https://access.redhat.com/security/cve/CVE-2015-3276 https://bugzilla.redhat.com/show_bug.cgi?id=1238322 https://linux.oracle.com/cve/CVE-2015-3276.html https://linux.oracle.com/errata/ELSA-2015-2131.html https://nvd.nist.gov/vuln/detail/CVE-2015-3276 https://www.cve.org/CVERecord?id=CVE-2015-3276
libldap-2.5-0 CVE-2017-14159 LOW 2.5.13+dfsg-5 http://www.openldap.org/its/index.cgi?findid=8703 https://access.redhat.com/security/cve/CVE-2017-14159 https://nvd.nist.gov/vuln/detail/CVE-2017-14159 https://www.cve.org/CVERecord?id=CVE-2017-14159 https://www.oracle.com/security-alerts/cpuapr2022.html
libldap-2.5-0 CVE-2017-17740 LOW 2.5.13+dfsg-5 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html http://www.openldap.org/its/index.cgi/Incoming?id=8759 https://access.redhat.com/security/cve/CVE-2017-17740 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://nvd.nist.gov/vuln/detail/CVE-2017-17740 https://www.cve.org/CVERecord?id=CVE-2017-17740 https://www.oracle.com/security-alerts/cpuapr2022.html
libldap-2.5-0 CVE-2020-15719 LOW 2.5.13+dfsg-5 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html https://access.redhat.com/errata/RHBA-2019:3674 https://access.redhat.com/security/cve/CVE-2020-15719 https://bugs.openldap.org/show_bug.cgi?id=9266 https://bugzilla.redhat.com/show_bug.cgi?id=1740070 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://nvd.nist.gov/vuln/detail/CVE-2020-15719 https://www.cve.org/CVERecord?id=CVE-2020-15719 https://www.oracle.com/security-alerts/cpuapr2022.html
libmount1 CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
libpam-modules CVE-2024-10041 MEDIUM 1.5.2-6+deb12u1 https://access.redhat.com/errata/RHSA-2024:10379 https://access.redhat.com/errata/RHSA-2024:11250 https://access.redhat.com/errata/RHSA-2024:9941 https://access.redhat.com/security/cve/CVE-2024-10041 https://bugzilla.redhat.com/2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2324291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10963 https://errata.almalinux.org/9/ALSA-2024-11250.html https://errata.rockylinux.org/RLSA-2024:10379 https://linux.oracle.com/cve/CVE-2024-10041.html https://linux.oracle.com/errata/ELSA-2024-11250.html https://nvd.nist.gov/vuln/detail/CVE-2024-10041 https://www.cve.org/CVERecord?id=CVE-2024-10041
libpam-modules CVE-2024-22365 MEDIUM 1.5.2-6+deb12u1 http://www.openwall.com/lists/oss-security/2024/01/18/3 https://access.redhat.com/errata/RHSA-2024:2438 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/2257722 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365 https://errata.almalinux.org/9/ALSA-2024-2438.html https://errata.rockylinux.org/RLSA-2024:3163 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://linux.oracle.com/cve/CVE-2024-22365.html https://linux.oracle.com/errata/ELSA-2024-3163.html https://nvd.nist.gov/vuln/detail/CVE-2024-22365 https://ubuntu.com/security/notices/USN-6588-1 https://ubuntu.com/security/notices/USN-6588-2 https://www.cve.org/CVERecord?id=CVE-2024-22365 https://www.openwall.com/lists/oss-security/2024/01/18/3
libpam-modules-bin CVE-2024-10041 MEDIUM 1.5.2-6+deb12u1 https://access.redhat.com/errata/RHSA-2024:10379 https://access.redhat.com/errata/RHSA-2024:11250 https://access.redhat.com/errata/RHSA-2024:9941 https://access.redhat.com/security/cve/CVE-2024-10041 https://bugzilla.redhat.com/2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2324291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10963 https://errata.almalinux.org/9/ALSA-2024-11250.html https://errata.rockylinux.org/RLSA-2024:10379 https://linux.oracle.com/cve/CVE-2024-10041.html https://linux.oracle.com/errata/ELSA-2024-11250.html https://nvd.nist.gov/vuln/detail/CVE-2024-10041 https://www.cve.org/CVERecord?id=CVE-2024-10041
libpam-modules-bin CVE-2024-22365 MEDIUM 1.5.2-6+deb12u1 http://www.openwall.com/lists/oss-security/2024/01/18/3 https://access.redhat.com/errata/RHSA-2024:2438 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/2257722 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365 https://errata.almalinux.org/9/ALSA-2024-2438.html https://errata.rockylinux.org/RLSA-2024:3163 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://linux.oracle.com/cve/CVE-2024-22365.html https://linux.oracle.com/errata/ELSA-2024-3163.html https://nvd.nist.gov/vuln/detail/CVE-2024-22365 https://ubuntu.com/security/notices/USN-6588-1 https://ubuntu.com/security/notices/USN-6588-2 https://www.cve.org/CVERecord?id=CVE-2024-22365 https://www.openwall.com/lists/oss-security/2024/01/18/3
libpam-runtime CVE-2024-10041 MEDIUM 1.5.2-6+deb12u1 https://access.redhat.com/errata/RHSA-2024:10379 https://access.redhat.com/errata/RHSA-2024:11250 https://access.redhat.com/errata/RHSA-2024:9941 https://access.redhat.com/security/cve/CVE-2024-10041 https://bugzilla.redhat.com/2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2324291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10963 https://errata.almalinux.org/9/ALSA-2024-11250.html https://errata.rockylinux.org/RLSA-2024:10379 https://linux.oracle.com/cve/CVE-2024-10041.html https://linux.oracle.com/errata/ELSA-2024-11250.html https://nvd.nist.gov/vuln/detail/CVE-2024-10041 https://www.cve.org/CVERecord?id=CVE-2024-10041
libpam-runtime CVE-2024-22365 MEDIUM 1.5.2-6+deb12u1 http://www.openwall.com/lists/oss-security/2024/01/18/3 https://access.redhat.com/errata/RHSA-2024:2438 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/2257722 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365 https://errata.almalinux.org/9/ALSA-2024-2438.html https://errata.rockylinux.org/RLSA-2024:3163 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://linux.oracle.com/cve/CVE-2024-22365.html https://linux.oracle.com/errata/ELSA-2024-3163.html https://nvd.nist.gov/vuln/detail/CVE-2024-22365 https://ubuntu.com/security/notices/USN-6588-1 https://ubuntu.com/security/notices/USN-6588-2 https://www.cve.org/CVERecord?id=CVE-2024-22365 https://www.openwall.com/lists/oss-security/2024/01/18/3
libpam0g CVE-2024-10041 MEDIUM 1.5.2-6+deb12u1 https://access.redhat.com/errata/RHSA-2024:10379 https://access.redhat.com/errata/RHSA-2024:11250 https://access.redhat.com/errata/RHSA-2024:9941 https://access.redhat.com/security/cve/CVE-2024-10041 https://bugzilla.redhat.com/2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2319212 https://bugzilla.redhat.com/show_bug.cgi?id=2324291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10963 https://errata.almalinux.org/9/ALSA-2024-11250.html https://errata.rockylinux.org/RLSA-2024:10379 https://linux.oracle.com/cve/CVE-2024-10041.html https://linux.oracle.com/errata/ELSA-2024-11250.html https://nvd.nist.gov/vuln/detail/CVE-2024-10041 https://www.cve.org/CVERecord?id=CVE-2024-10041
libpam0g CVE-2024-22365 MEDIUM 1.5.2-6+deb12u1 http://www.openwall.com/lists/oss-security/2024/01/18/3 https://access.redhat.com/errata/RHSA-2024:2438 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/2257722 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365 https://errata.almalinux.org/9/ALSA-2024-2438.html https://errata.rockylinux.org/RLSA-2024:3163 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://linux.oracle.com/cve/CVE-2024-22365.html https://linux.oracle.com/errata/ELSA-2024-3163.html https://nvd.nist.gov/vuln/detail/CVE-2024-22365 https://ubuntu.com/security/notices/USN-6588-1 https://ubuntu.com/security/notices/USN-6588-2 https://www.cve.org/CVERecord?id=CVE-2024-22365 https://www.openwall.com/lists/oss-security/2024/01/18/3
libpng16-16 CVE-2021-4214 LOW 1.6.39-2 https://access.redhat.com/security/cve/CVE-2021-4214 https://bugzilla.redhat.com/show_bug.cgi?id=2043393 https://github.com/glennrp/libpng/issues/302 https://nvd.nist.gov/vuln/detail/CVE-2021-4214 https://security-tracker.debian.org/tracker/CVE-2021-4214 https://security.netapp.com/advisory/ntap-20221020-0001/ https://www.cve.org/CVERecord?id=CVE-2021-4214
libsmartcols1 CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
libssl3 CVE-2024-13176 MEDIUM 3.0.15-1~deb12u1 http://www.openwall.com/lists/oss-security/2025/01/20/2 https://access.redhat.com/security/cve/CVE-2024-13176 https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844 https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467 https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902 https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65 https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://openssl-library.org/news/secadv/20250120.txt https://security.netapp.com/advisory/ntap-20250124-0005/ https://security.netapp.com/advisory/ntap-20250418-0010/ https://ubuntu.com/security/notices/USN-7264-1 https://ubuntu.com/security/notices/USN-7278-1 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL
libstdc++6 CVE-2022-27943 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
libstdc++6 CVE-2023-4039 LOW 12.2.0-14 https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
libsystemd0 CVE-2013-4392 LOW 252.36-1~deb12u1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357 http://www.openwall.com/lists/oss-security/2013/10/01/9 https://access.redhat.com/security/cve/CVE-2013-4392 https://bugzilla.redhat.com/show_bug.cgi?id=859060 https://nvd.nist.gov/vuln/detail/CVE-2013-4392 https://www.cve.org/CVERecord?id=CVE-2013-4392
libsystemd0 CVE-2023-31437 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/releases
libsystemd0 CVE-2023-31438 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/pull/28886 https://github.com/systemd/systemd/releases
libsystemd0 CVE-2023-31439 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/pull/28885 https://github.com/systemd/systemd/releases
libtiff6 CVE-2023-52355 HIGH 4.5.0-6+deb12u2 https://access.redhat.com/security/cve/CVE-2023-52355 https://bugzilla.redhat.com/show_bug.cgi?id=2251326 https://gitlab.com/libtiff/libtiff/-/issues/621 https://nvd.nist.gov/vuln/detail/CVE-2023-52355 https://www.cve.org/CVERecord?id=CVE-2023-52355
libtiff6 CVE-2023-6277 MEDIUM 4.5.0-6+deb12u2 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/17 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/2024/Jul/22 http://seclists.org/fulldisclosure/2024/Jul/23 https://access.redhat.com/security/cve/CVE-2023-6277 https://bugzilla.redhat.com/show_bug.cgi?id=2251311 https://gitlab.com/libtiff/libtiff/-/issues/614 https://gitlab.com/libtiff/libtiff/-/merge_requests/545 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJIN6DTSL3VODZUGWEUXLEL5DR53EZMV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7ZGN2MZXJ6E57W3L4YBM3ZPAU3T7T5C/ https://nvd.nist.gov/vuln/detail/CVE-2023-6277 https://security.netapp.com/advisory/ntap-20240119-0002/ https://support.apple.com/kb/HT214116 https://support.apple.com/kb/HT214117 https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://support.apple.com/kb/HT214122 https://support.apple.com/kb/HT214123 https://support.apple.com/kb/HT214124 https://ubuntu.com/security/notices/USN-6644-1 https://ubuntu.com/security/notices/USN-6644-2 https://www.cve.org/CVERecord?id=CVE-2023-6277
libtiff6 CVE-2017-16232 LOW 4.5.0-6+deb12u2 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html http://seclists.org/fulldisclosure/2018/Dec/32 http://seclists.org/fulldisclosure/2018/Dec/47 http://www.openwall.com/lists/oss-security/2017/11/01/11 http://www.openwall.com/lists/oss-security/2017/11/01/3 http://www.openwall.com/lists/oss-security/2017/11/01/7 http://www.openwall.com/lists/oss-security/2017/11/01/8 http://www.securityfocus.com/bid/101696 https://access.redhat.com/security/cve/CVE-2017-16232 https://nvd.nist.gov/vuln/detail/CVE-2017-16232 https://www.cve.org/CVERecord?id=CVE-2017-16232
libtiff6 CVE-2017-17973 LOW 4.5.0-6+deb12u2 http://bugzilla.maptools.org/show_bug.cgi?id=2769 http://www.securityfocus.com/bid/102331 https://access.redhat.com/security/cve/CVE-2017-17973 https://bugzilla.novell.com/show_bug.cgi?id=1074318 https://bugzilla.redhat.com/show_bug.cgi?id=1530912 https://nvd.nist.gov/vuln/detail/CVE-2017-17973 https://www.cve.org/CVERecord?id=CVE-2017-17973
libtiff6 CVE-2017-5563 LOW 4.5.0-6+deb12u2 http://bugzilla.maptools.org/show_bug.cgi?id=2664 http://www.securityfocus.com/bid/95705 https://access.redhat.com/security/cve/CVE-2017-5563 https://nvd.nist.gov/vuln/detail/CVE-2017-5563 https://security.gentoo.org/glsa/201709-27 https://ubuntu.com/security/notices/USN-3606-1 https://usn.ubuntu.com/3606-1/ https://www.cve.org/CVERecord?id=CVE-2017-5563
libtiff6 CVE-2017-9117 LOW 4.5.0-6+deb12u2 http://bugzilla.maptools.org/show_bug.cgi?id=2690 http://www.securityfocus.com/bid/98581 https://access.redhat.com/security/cve/CVE-2017-9117 https://gitlab.com/libtiff/libtiff/-/issues/89 https://nvd.nist.gov/vuln/detail/CVE-2017-9117 https://ubuntu.com/security/notices/USN-3606-1 https://usn.ubuntu.com/3606-1/ https://www.cve.org/CVERecord?id=CVE-2017-9117
libtiff6 CVE-2018-10126 LOW 4.5.0-6+deb12u2 http://bugzilla.maptools.org/show_bug.cgi?id=2786 https://access.redhat.com/security/cve/CVE-2018-10126 https://gitlab.com/libtiff/libtiff/-/issues/128 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-10126 https://www.cve.org/CVERecord?id=CVE-2018-10126
libtiff6 CVE-2022-1210 LOW 4.5.0-6+deb12u2 https://access.redhat.com/security/cve/CVE-2022-1210 https://gitlab.com/libtiff/libtiff/-/issues/402 https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff https://nvd.nist.gov/vuln/detail/CVE-2022-1210 https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory/ntap-20220513-0005/ https://vuldb.com/?id.196363 https://www.cve.org/CVERecord?id=CVE-2022-1210
libtiff6 CVE-2023-1916 LOW 4.5.0-6+deb12u2 https://access.redhat.com/security/cve/CVE-2023-1916 https://gitlab.com/libtiff/libtiff/-/issues/536 https://gitlab.com/libtiff/libtiff/-/issues/536%2C https://gitlab.com/libtiff/libtiff/-/issues/536, https://gitlab.com/libtiff/libtiff/-/issues/537 https://nvd.nist.gov/vuln/detail/CVE-2023-1916 https://support.apple.com/kb/HT213844 https://ubuntu.com/security/notices/USN-6428-1 https://www.cve.org/CVERecord?id=CVE-2023-1916
libtiff6 CVE-2023-3164 LOW 4.5.0-6+deb12u2 https://access.redhat.com/security/cve/CVE-2023-3164 https://bugzilla.redhat.com/show_bug.cgi?id=2213531 https://gitlab.com/libtiff/libtiff/-/issues/542 https://gitlab.com/libtiff/libtiff/-/merge_requests/595 https://nvd.nist.gov/vuln/detail/CVE-2023-3164 https://ubuntu.com/security/notices/USN-6827-1 https://www.cve.org/CVERecord?id=CVE-2023-3164
libtiff6 CVE-2023-6228 LOW 4.5.0-6+deb12u2 https://access.redhat.com/errata/RHSA-2024:2289 https://access.redhat.com/errata/RHSA-2024:5079 https://access.redhat.com/security/cve/CVE-2023-6228 https://bugzilla.redhat.com/2215865 https://bugzilla.redhat.com/2234970 https://bugzilla.redhat.com/2235264 https://bugzilla.redhat.com/2235265 https://bugzilla.redhat.com/2240995 https://bugzilla.redhat.com/show_bug.cgi?id=1614051 https://bugzilla.redhat.com/show_bug.cgi?id=2218744 https://bugzilla.redhat.com/show_bug.cgi?id=2240995 https://bugzilla.redhat.com/show_bug.cgi?id=2251344 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25433 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6228 https://errata.almalinux.org/9/ALSA-2024-2289.html https://errata.rockylinux.org/RLSA-2024:5079 https://linux.oracle.com/cve/CVE-2023-6228.html https://linux.oracle.com/errata/ELSA-2024-5079.html https://nvd.nist.gov/vuln/detail/CVE-2023-6228 https://ubuntu.com/security/notices/USN-6644-1 https://ubuntu.com/security/notices/USN-6644-2 https://www.cve.org/CVERecord?id=CVE-2023-6228
libtinfo6 CVE-2023-50495 MEDIUM 6.4-4 https://access.redhat.com/security/cve/CVE-2023-50495 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/ https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.netapp.com/advisory/ntap-20240119-0008/ https://ubuntu.com/security/notices/USN-6684-1 https://www.cve.org/CVERecord?id=CVE-2023-50495
libudev1 CVE-2013-4392 LOW 252.36-1~deb12u1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357 http://www.openwall.com/lists/oss-security/2013/10/01/9 https://access.redhat.com/security/cve/CVE-2013-4392 https://bugzilla.redhat.com/show_bug.cgi?id=859060 https://nvd.nist.gov/vuln/detail/CVE-2013-4392 https://www.cve.org/CVERecord?id=CVE-2013-4392
libudev1 CVE-2023-31437 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/releases
libudev1 CVE-2023-31438 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/pull/28886 https://github.com/systemd/systemd/releases
libudev1 CVE-2023-31439 LOW 252.36-1~deb12u1 https://github.com/kastel-security/Journald https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf https://github.com/systemd/systemd/pull/28885 https://github.com/systemd/systemd/releases
libuuid1 CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
libxml2 CVE-2024-25062 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/errata/RHSA-2024:2679 https://access.redhat.com/security/cve/CVE-2024-25062 https://bugzilla.redhat.com/2262726 https://bugzilla.redhat.com/show_bug.cgi?id=2262726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062 https://errata.almalinux.org/9/ALSA-2024-2679.html https://errata.rockylinux.org/RLSA-2024:2679 https://gitlab.gnome.org/GNOME/libxml2/-/issues/604 https://gitlab.gnome.org/GNOME/libxml2/-/tags https://linux.oracle.com/cve/CVE-2024-25062.html https://linux.oracle.com/errata/ELSA-2024-3626.html https://nvd.nist.gov/vuln/detail/CVE-2024-25062 https://ubuntu.com/security/notices/USN-6658-1 https://ubuntu.com/security/notices/USN-6658-2 https://www.cve.org/CVERecord?id=CVE-2024-25062
libxml2 CVE-2024-56171 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/errata/RHSA-2025:2679 https://access.redhat.com/security/cve/CVE-2024-56171 https://bugzilla.redhat.com/2346416 https://bugzilla.redhat.com/2346421 https://errata.almalinux.org/9/ALSA-2025-2679.html https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 https://linux.oracle.com/cve/CVE-2024-56171.html https://linux.oracle.com/errata/ELSA-2025-2686.html https://nvd.nist.gov/vuln/detail/CVE-2024-56171 https://security.netapp.com/advisory/ntap-20250328-0010/ https://ubuntu.com/security/notices/USN-7302-1 https://www.cve.org/CVERecord?id=CVE-2024-56171 https://www.openwall.com/lists/oss-security/2025/02/18/2
libxml2 CVE-2025-24928 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/errata/RHSA-2025:2679 https://access.redhat.com/security/cve/CVE-2025-24928 https://bugzilla.redhat.com/2346416 https://bugzilla.redhat.com/2346421 https://errata.almalinux.org/9/ALSA-2025-2679.html https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://issues.oss-fuzz.com/issues/392687022 https://linux.oracle.com/cve/CVE-2025-24928.html https://linux.oracle.com/errata/ELSA-2025-2686.html https://nvd.nist.gov/vuln/detail/CVE-2025-24928 https://security.netapp.com/advisory/ntap-20250321-0006/ https://ubuntu.com/security/notices/USN-7302-1 https://www.cve.org/CVERecord?id=CVE-2025-24928 https://www.openwall.com/lists/oss-security/2025/02/18/2
libxml2 CVE-2025-27113 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/security/cve/CVE-2025-27113 https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://nvd.nist.gov/vuln/detail/CVE-2025-27113 https://security.netapp.com/advisory/ntap-20250306-0004/ https://ubuntu.com/security/notices/USN-7302-1 https://www.cve.org/CVERecord?id=CVE-2025-27113 https://www.openwall.com/lists/oss-security/2025/02/18/2
libxml2 CVE-2025-32414 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/security/cve/CVE-2025-32414 https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 https://nvd.nist.gov/vuln/detail/CVE-2025-32414 https://ubuntu.com/security/notices/USN-7467-1 https://ubuntu.com/security/notices/USN-7467-2 https://www.cve.org/CVERecord?id=CVE-2025-32414
libxml2 CVE-2025-32415 HIGH 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/security/cve/CVE-2025-32415 https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 https://nvd.nist.gov/vuln/detail/CVE-2025-32415 https://ubuntu.com/security/notices/USN-7467-1 https://ubuntu.com/security/notices/USN-7467-2 https://www.cve.org/CVERecord?id=CVE-2025-32415
libxml2 CVE-2022-49043 MEDIUM 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/errata/RHSA-2025:1350 https://access.redhat.com/security/cve/CVE-2022-49043 https://bugzilla.redhat.com/2342118 https://bugzilla.redhat.com/show_bug.cgi?id=2342118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043 https://errata.almalinux.org/9/ALSA-2025-1350.html https://errata.rockylinux.org/RLSA-2025:1517 https://github.com/php/php-src/issues/17467 https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b https://linux.oracle.com/cve/CVE-2022-49043.html https://linux.oracle.com/errata/ELSA-2025-1517.html https://nvd.nist.gov/vuln/detail/CVE-2022-49043 https://ubuntu.com/security/notices/USN-7240-1 https://ubuntu.com/security/notices/USN-7302-1 https://www.cve.org/CVERecord?id=CVE-2022-49043
libxml2 CVE-2023-39615 MEDIUM 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/errata/RHSA-2023:7747 https://access.redhat.com/security/cve/CVE-2023-39615 https://bugzilla.redhat.com/2235864 https://errata.almalinux.org/9/ALSA-2023-7747.html https://gitlab.gnome.org/GNOME/libxml2/-/issues/535 https://linux.oracle.com/cve/CVE-2023-39615.html https://linux.oracle.com/errata/ELSA-2024-0119.html https://nvd.nist.gov/vuln/detail/CVE-2023-39615 https://www.cve.org/CVERecord?id=CVE-2023-39615
libxml2 CVE-2023-45322 MEDIUM 2.9.14+dfsg-1.3~deb12u1 http://www.openwall.com/lists/oss-security/2023/10/06/5 https://access.redhat.com/security/cve/CVE-2023-45322 https://gitlab.gnome.org/GNOME/libxml2/-/issues/344 https://gitlab.gnome.org/GNOME/libxml2/-/issues/583 https://nvd.nist.gov/vuln/detail/CVE-2023-45322 https://www.cve.org/CVERecord?id=CVE-2023-45322
libxml2 CVE-2024-34459 LOW 2.9.14+dfsg-1.3~deb12u1 https://access.redhat.com/security/cve/CVE-2024-34459 https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8 https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/ https://nvd.nist.gov/vuln/detail/CVE-2024-34459 https://ubuntu.com/security/notices/USN-7240-1 https://ubuntu.com/security/notices/USN-7302-1 https://www.cve.org/CVERecord?id=CVE-2024-34459
libxslt1.1 CVE-2015-9019 LOW 1.1.35-1+deb12u1 https://access.redhat.com/security/cve/CVE-2015-9019 https://bugzilla.gnome.org/show_bug.cgi?id=758400 https://bugzilla.suse.com/show_bug.cgi?id=934119 https://nvd.nist.gov/vuln/detail/CVE-2015-9019 https://www.cve.org/CVERecord?id=CVE-2015-9019
login CVE-2023-4641 MEDIUM 1:4.13+dfsg1-1+b1 https://access.redhat.com/errata/RHSA-2023:6632 https://access.redhat.com/errata/RHSA-2023:7112 https://access.redhat.com/errata/RHSA-2024:0417 https://access.redhat.com/errata/RHSA-2024:2577 https://access.redhat.com/security/cve/CVE-2023-4641 https://bugzilla.redhat.com/2215945 https://bugzilla.redhat.com/show_bug.cgi?id=2215945 https://errata.almalinux.org/9/ALSA-2023-6632.html https://linux.oracle.com/cve/CVE-2023-4641.html https://linux.oracle.com/errata/ELSA-2023-7112.html https://nvd.nist.gov/vuln/detail/CVE-2023-4641 https://ubuntu.com/security/notices/USN-6640-1 https://www.cve.org/CVERecord?id=CVE-2023-4641
login CVE-2007-5686 LOW 1:4.13+dfsg1-1+b1 http://secunia.com/advisories/27215 http://www.securityfocus.com/archive/1/482129/100/100/threaded http://www.securityfocus.com/archive/1/482857/100/0/threaded http://www.securityfocus.com/bid/26048 http://www.vupen.com/english/advisories/2007/3474 https://issues.rpath.com/browse/RPL-1825
login CVE-2023-29383 LOW 1:4.13+dfsg1-1+b1 https://access.redhat.com/security/cve/CVE-2023-29383 https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d https://github.com/shadow-maint/shadow/pull/687 https://nvd.nist.gov/vuln/detail/CVE-2023-29383 https://www.cve.org/CVERecord?id=CVE-2023-29383 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/ https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
login CVE-2024-56433 LOW 1:4.13+dfsg1-1+b1 https://access.redhat.com/security/cve/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://www.cve.org/CVERecord?id=CVE-2024-56433
login TEMP-0628843-DBAD28 LOW 1:4.13+dfsg1-1+b1
mount CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
ncurses-base CVE-2023-50495 MEDIUM 6.4-4 https://access.redhat.com/security/cve/CVE-2023-50495 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/ https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.netapp.com/advisory/ntap-20240119-0008/ https://ubuntu.com/security/notices/USN-6684-1 https://www.cve.org/CVERecord?id=CVE-2023-50495
ncurses-bin CVE-2023-50495 MEDIUM 6.4-4 https://access.redhat.com/security/cve/CVE-2023-50495 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/ https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html https://nvd.nist.gov/vuln/detail/CVE-2023-50495 https://security.netapp.com/advisory/ntap-20240119-0008/ https://ubuntu.com/security/notices/USN-6684-1 https://www.cve.org/CVERecord?id=CVE-2023-50495
nginx CVE-2024-7347 MEDIUM 1.27.5-1~bookworm http://www.openwall.com/lists/oss-security/2024/08/14/4 https://access.redhat.com/errata/RHSA-2025:3261 https://access.redhat.com/security/cve/CVE-2024-7347 https://errata.almalinux.org/9/ALSA-2025-3261.html https://forum.nginx.org/read.php?27,300027 https://linux.oracle.com/cve/CVE-2024-7347.html https://linux.oracle.com/errata/ELSA-2025-3262.html https://my.f5.com/manage/s/article/K000140529 https://nvd.nist.gov/vuln/detail/CVE-2024-7347 https://ubuntu.com/security/notices/USN-7014-1 https://ubuntu.com/security/notices/USN-7014-2 https://ubuntu.com/security/notices/USN-7014-3 https://www.cve.org/CVERecord?id=CVE-2024-7347
nginx CVE-2009-4487 LOW 1.27.5-1~bookworm http://www.securityfocus.com/archive/1/508830/100/0/threaded http://www.securityfocus.com/bid/37711 http://www.ush.it/team/ush/hack_httpd_escape/adv.txt https://access.redhat.com/security/cve/CVE-2009-4487 https://nvd.nist.gov/vuln/detail/CVE-2009-4487 https://www.cve.org/CVERecord?id=CVE-2009-4487
nginx CVE-2013-0337 LOW 1.27.5-1~bookworm http://secunia.com/advisories/55181 http://security.gentoo.org/glsa/glsa-201310-04.xml http://www.openwall.com/lists/oss-security/2013/02/21/15 http://www.openwall.com/lists/oss-security/2013/02/22/1 http://www.openwall.com/lists/oss-security/2013/02/24/1
nginx CVE-2023-44487 LOW 1.27.5-1~bookworm http://www.openwall.com/lists/oss-security/2023/10/10/6 http://www.openwall.com/lists/oss-security/2023/10/10/7 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/grpc/grpc/releases/tag/v1.59.2 https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://ubuntu.com/security/notices/USN-7410-1 https://ubuntu.com/security/notices/USN-7469-1 https://ubuntu.com/security/notices/USN-7469-2 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/ https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
openssl CVE-2024-13176 MEDIUM 3.0.15-1~deb12u1 http://www.openwall.com/lists/oss-security/2025/01/20/2 https://access.redhat.com/security/cve/CVE-2024-13176 https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844 https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467 https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902 https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65 https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86 https://nvd.nist.gov/vuln/detail/CVE-2024-13176 https://openssl-library.org/news/secadv/20250120.txt https://security.netapp.com/advisory/ntap-20250124-0005/ https://security.netapp.com/advisory/ntap-20250418-0010/ https://ubuntu.com/security/notices/USN-7264-1 https://ubuntu.com/security/notices/USN-7278-1 https://www.cve.org/CVERecord?id=CVE-2024-13176 https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL
passwd CVE-2023-4641 MEDIUM 1:4.13+dfsg1-1+b1 https://access.redhat.com/errata/RHSA-2023:6632 https://access.redhat.com/errata/RHSA-2023:7112 https://access.redhat.com/errata/RHSA-2024:0417 https://access.redhat.com/errata/RHSA-2024:2577 https://access.redhat.com/security/cve/CVE-2023-4641 https://bugzilla.redhat.com/2215945 https://bugzilla.redhat.com/show_bug.cgi?id=2215945 https://errata.almalinux.org/9/ALSA-2023-6632.html https://linux.oracle.com/cve/CVE-2023-4641.html https://linux.oracle.com/errata/ELSA-2023-7112.html https://nvd.nist.gov/vuln/detail/CVE-2023-4641 https://ubuntu.com/security/notices/USN-6640-1 https://www.cve.org/CVERecord?id=CVE-2023-4641
passwd CVE-2007-5686 LOW 1:4.13+dfsg1-1+b1 http://secunia.com/advisories/27215 http://www.securityfocus.com/archive/1/482129/100/100/threaded http://www.securityfocus.com/archive/1/482857/100/0/threaded http://www.securityfocus.com/bid/26048 http://www.vupen.com/english/advisories/2007/3474 https://issues.rpath.com/browse/RPL-1825
passwd CVE-2023-29383 LOW 1:4.13+dfsg1-1+b1 https://access.redhat.com/security/cve/CVE-2023-29383 https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d https://github.com/shadow-maint/shadow/pull/687 https://nvd.nist.gov/vuln/detail/CVE-2023-29383 https://www.cve.org/CVERecord?id=CVE-2023-29383 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/ https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
passwd CVE-2024-56433 LOW 1:4.13+dfsg1-1+b1 https://access.redhat.com/security/cve/CVE-2024-56433 https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241 https://github.com/shadow-maint/shadow/issues/1157 https://github.com/shadow-maint/shadow/releases/tag/4.4 https://nvd.nist.gov/vuln/detail/CVE-2024-56433 https://www.cve.org/CVERecord?id=CVE-2024-56433
passwd TEMP-0628843-DBAD28 LOW 1:4.13+dfsg1-1+b1
perl-base CVE-2023-31484 HIGH 5.36.0-7+deb12u2 http://www.openwall.com/lists/oss-security/2023/04/29/1 http://www.openwall.com/lists/oss-security/2023/05/03/3 http://www.openwall.com/lists/oss-security/2023/05/03/5 http://www.openwall.com/lists/oss-security/2023/05/07/2 https://access.redhat.com/errata/RHSA-2023:6539 https://access.redhat.com/security/cve/CVE-2023-31484 https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/ https://bugzilla.redhat.com/2218667 https://bugzilla.redhat.com/show_bug.cgi?id=2218667 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484 https://errata.almalinux.org/9/ALSA-2023-6539.html https://errata.rockylinux.org/RLSA-2023:6539 https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL) https://github.com/andk/cpanpm/pull/175 https://linux.oracle.com/cve/CVE-2023-31484.html https://linux.oracle.com/errata/ELSA-2024-3094.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/ https://metacpan.org/dist/CPAN/changes https://nvd.nist.gov/vuln/detail/CVE-2023-31484 https://security.netapp.com/advisory/ntap-20240621-0007/ https://ubuntu.com/security/notices/USN-6112-1 https://ubuntu.com/security/notices/USN-6112-2 https://www.cve.org/CVERecord?id=CVE-2023-31484 https://www.openwall.com/lists/oss-security/2023/04/18/14
perl-base CVE-2011-4116 LOW 5.36.0-7+deb12u2 http://www.openwall.com/lists/oss-security/2011/11/04/2 http://www.openwall.com/lists/oss-security/2011/11/04/4 https://access.redhat.com/security/cve/CVE-2011-4116 https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14 https://nvd.nist.gov/vuln/detail/CVE-2011-4116 https://rt.cpan.org/Public/Bug/Display.html?id=69106 https://seclists.org/oss-sec/2011/q4/238 https://www.cve.org/CVERecord?id=CVE-2011-4116
perl-base CVE-2023-31486 LOW 5.36.0-7+deb12u2 http://www.openwall.com/lists/oss-security/2023/04/29/1 http://www.openwall.com/lists/oss-security/2023/05/03/3 http://www.openwall.com/lists/oss-security/2023/05/03/5 http://www.openwall.com/lists/oss-security/2023/05/07/2 https://access.redhat.com/errata/RHSA-2023:6542 https://access.redhat.com/security/cve/CVE-2023-31486 https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/ https://bugzilla.redhat.com/2228392 https://errata.almalinux.org/9/ALSA-2023-6542.html https://github.com/chansen/p5-http-tiny/pull/153 https://hackeriet.github.io/cpan-http-tiny-overview/ https://linux.oracle.com/cve/CVE-2023-31486.html https://linux.oracle.com/errata/ELSA-2023-7174.html https://nvd.nist.gov/vuln/detail/CVE-2023-31486 https://security.netapp.com/advisory/ntap-20241129-0011/ https://www.cve.org/CVERecord?id=CVE-2023-31486 https://www.openwall.com/lists/oss-security/2023/04/18/14 https://www.openwall.com/lists/oss-security/2023/05/03/4 https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/
sysvinit-utils TEMP-0517018-A83CE6 LOW 3.06-4
tar CVE-2005-2541 LOW 1.34+dfsg-1.2+deb12u1 http://marc.info/?l=bugtraq&m=112327628230258&w=2 https://access.redhat.com/security/cve/CVE-2005-2541 https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2005-2541 https://www.cve.org/CVERecord?id=CVE-2005-2541
tar TEMP-0290435-0B57B5 LOW 1.34+dfsg-1.2+deb12u1
util-linux CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
util-linux-extra CVE-2022-0563 LOW 2.38.1-5+deb12u3 https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
zlib1g CVE-2023-45853 CRITICAL 1:1.2.13.dfsg-1 http://www.openwall.com/lists/oss-security/2023/10/20/9 http://www.openwall.com/lists/oss-security/2024/01/24/10 https://access.redhat.com/security/cve/CVE-2023-45853 https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c https://github.com/madler/zlib/pull/843 https://github.com/smihica/pyminizip https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2023-45853 https://pypi.org/project/pyminizip/#history https://security.gentoo.org/glsa/202401-18 https://security.netapp.com/advisory/ntap-20231130-0009 https://security.netapp.com/advisory/ntap-20231130-0009/ https://ubuntu.com/security/notices/USN-7107-1 https://www.cve.org/CVERecord?id=CVE-2023-45853 https://www.winimage.com/zLibDll/minizip.html
No Misconfigurations found