Skip to content

Security Overview

Helm-Chart

Scan Results

Chart Object: pyload/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'RELEASE-NAME-pyload' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV001 Process can elevate its own privileges MEDIUM
Expand... A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.allowPrivilegeEscalation' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv001
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-pyload' of Deployment 'RELEASE-NAME-pyload' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/misconfig/ksv003
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-pyload' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv012
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/misconfig/ksv014
Kubernetes Security Check KSV017 Privileged container HIGH
Expand... Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.privileged' to false
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/misconfig/ksv017
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-pyload' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV020 Runs with low user ID LOW
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv020
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-pyload' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV021 Runs with low group ID LOW
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-pyload' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/misconfig/ksv021
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV030 Default Seccomp profile not set LOW
Expand... The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles.


Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv030
Kubernetes Security Check KSV105 Containers must not set runAsUser to 0 LOW
Expand... Containers should be forbidden from running with a root UID.


securityContext.runAsUser should be set to a value greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
Kubernetes Security Check KSV105 Containers must not set runAsUser to 0 LOW
Expand... Containers should be forbidden from running with a root UID.


securityContext.runAsUser should be set to a value greater than 0
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv105
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106
Kubernetes Security Check KSV106 Container capabilities must only include NET_BIND_SERVICE LOW
Expand... Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability.


container should drop all
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/misconfig/ksv106

Containers

Detected Containers
      tccr.io/truecharts/alpine:[email protected]:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
      tccr.io/truecharts/pyload:[email protected]:c33489498cb4541bbf936b1ebd1eaebfb0cae279f738aa0e6184969089e94081
Scan Results

Container: tccr.io/truecharts/alpine:[email protected]:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)

alpine

No Vulnerabilities found

Container: tccr.io/truecharts/pyload:[email protected]:c33489498cb4541bbf936b1ebd1eaebfb0cae279f738aa0e6184969089e94081 (alpine 3.11)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
apk-tools CVE-2021-36159 CRITICAL 2.10.6-r0 2.10.7-r0
Expand...https://github.com/freebsd/freebsd-src/commits/main/lib/libfetch
https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749
https://lists.apache.org/thread.html/[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
busybox CVE-2021-42378 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42379 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42380 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42381 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42382 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42383 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
busybox CVE-2021-42384 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42385 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42386 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42374 MEDIUM 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
c-ares CVE-2021-3672 MEDIUM 1.15.0-r0 1.17.2-r0
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23343.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json
https://access.redhat.com/security/cve/CVE-2021-3672
https://bugzilla.redhat.com/show_bug.cgi?id=1988342
https://c-ares.haxx.se/adv_20210810.html
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
https://errata.almalinux.org/8/ALSA-2022-2043.html
https://linux.oracle.com/cve/CVE-2021-3672.html
https://linux.oracle.com/errata/ELSA-2022-2043.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3672
https://ubuntu.com/security/notices/USN-5034-1
https://ubuntu.com/security/notices/USN-5034-2
curl CVE-2021-22945 CRITICAL 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2021-22926 HIGH 7.67.0-r4 7.67.0-r5
Expand...https://access.redhat.com/security/cve/CVE-2021-22926
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22926.html
https://hackerone.com/reports/1234760
https://lists.apache.org/thread.html/[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22926
https://security.netapp.com/advisory/ntap-20210902-0003/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2021-22946 HIGH 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2021-22923 MEDIUM 7.67.0-r4 7.79.0-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-22923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22923.html
https://hackerone.com/reports/1213181
https://linux.oracle.com/cve/CVE-2021-22923.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2021-22925 MEDIUM 7.67.0-r4 7.67.0-r5
Expand...http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json
https://access.redhat.com/security/cve/CVE-2021-22925
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://curl.se/docs/CVE-2021-22925.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
https://errata.almalinux.org/8/ALSA-2021-4511.html
https://hackerone.com/reports/1223882
https://linux.oracle.com/cve/CVE-2021-22925.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22925
https://security.netapp.com/advisory/ntap-20210902-0003/
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://ubuntu.com/security/notices/USN-5021-1
https://ubuntu.com/security/notices/USN-5021-2
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2021-22947 MEDIUM 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
curl CVE-2020-8284 LOW 7.67.0-r4 7.79.0-r0
Expand...https://access.redhat.com/security/cve/CVE-2020-8284
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2020-8284.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
https://hackerone.com/reports/1040166
https://linux.oracle.com/cve/CVE-2020-8284.html
https://linux.oracle.com/errata/ELSA-2021-1610.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/
https://lists.fedoraproject.org/archives/list/[email protected]/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
https://nvd.nist.gov/vuln/detail/CVE-2020-8284
https://security.gentoo.org/glsa/202012-14
https://security.netapp.com/advisory/ntap-20210122-0007/
https://support.apple.com/kb/HT212325
https://support.apple.com/kb/HT212326
https://support.apple.com/kb/HT212327
https://ubuntu.com/security/notices/USN-4665-1
https://ubuntu.com/security/notices/USN-4665-2
https://www.debian.org/security/2021/dsa-4881
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
libcrypto1.1 CVE-2021-3711 CRITICAL 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libcrypto1.1 CVE-2021-3712 HIGH 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libcurl CVE-2021-22945 CRITICAL 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/security/cve/CVE-2021-22945
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22945.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://hackerone.com/reports/1269242
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22945
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2021-22926 HIGH 7.67.0-r4 7.67.0-r5
Expand...https://access.redhat.com/security/cve/CVE-2021-22926
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22926.html
https://hackerone.com/reports/1234760
https://lists.apache.org/thread.html/[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9[email protected]%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-22926
https://security.netapp.com/advisory/ntap-20210902-0003/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2021-22946 HIGH 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22946
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22946.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://hackerone.com/reports/1334111
https://linux.oracle.com/cve/CVE-2021-22946.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22946
https://security.netapp.com/advisory/ntap-20211029-0003/
https://security.netapp.com/advisory/ntap-20220121-0008/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2021-22923 MEDIUM 7.67.0-r4 7.79.0-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-22923
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22923.html
https://hackerone.com/reports/1213181
https://linux.oracle.com/cve/CVE-2021-22923.html
https://linux.oracle.com/errata/ELSA-2021-3582.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22923
https://security.netapp.com/advisory/ntap-20210902-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2021-22925 MEDIUM 7.67.0-r4 7.67.0-r5
Expand...http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22925.json
https://access.redhat.com/security/cve/CVE-2021-22925
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://curl.se/docs/CVE-2021-22925.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
https://errata.almalinux.org/8/ALSA-2021-4511.html
https://hackerone.com/reports/1223882
https://linux.oracle.com/cve/CVE-2021-22925.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://nvd.nist.gov/vuln/detail/CVE-2021-22925
https://security.netapp.com/advisory/ntap-20210902-0003/
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://ubuntu.com/security/notices/USN-5021-1
https://ubuntu.com/security/notices/USN-5021-2
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2021-22947 MEDIUM 7.67.0-r4 7.79.0-r0
Expand...http://seclists.org/fulldisclosure/2022/Mar/29
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22946.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22947.json
https://access.redhat.com/security/cve/CVE-2021-22947
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2021-22947.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
https://hackerone.com/reports/1334763
https://launchpad.net/bugs/1944120 (regression bug)
https://linux.oracle.com/cve/CVE-2021-22947.html
https://linux.oracle.com/errata/ELSA-2021-4059.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
https://nvd.nist.gov/vuln/detail/CVE-2021-22947
https://security.netapp.com/advisory/ntap-20211029-0003/
https://support.apple.com/kb/HT213183
https://ubuntu.com/security/notices/USN-5079-1
https://ubuntu.com/security/notices/USN-5079-2
https://ubuntu.com/security/notices/USN-5079-3
https://ubuntu.com/security/notices/USN-5079-4
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
libcurl CVE-2020-8284 LOW 7.67.0-r4 7.79.0-r0
Expand...https://access.redhat.com/security/cve/CVE-2020-8284
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://curl.se/docs/CVE-2020-8284.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284
https://hackerone.com/reports/1040166
https://linux.oracle.com/cve/CVE-2020-8284.html
https://linux.oracle.com/errata/ELSA-2021-1610.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/
https://lists.fedoraproject.org/archives/list/[email protected]/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/
https://nvd.nist.gov/vuln/detail/CVE-2020-8284
https://security.gentoo.org/glsa/202012-14
https://security.netapp.com/advisory/ntap-20210122-0007/
https://support.apple.com/kb/HT212325
https://support.apple.com/kb/HT212326
https://support.apple.com/kb/HT212327
https://ubuntu.com/security/notices/USN-4665-1
https://ubuntu.com/security/notices/USN-4665-2
https://www.debian.org/security/2021/dsa-4881
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
libssl1.1 CVE-2021-3711 CRITICAL 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/security/cve/CVE-2021-3711
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2021-3711
https://rustsec.org/advisories/RUSTSEC-2021-0097.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://ubuntu.com/security/notices/USN-5051-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libssl1.1 CVE-2021-3712 HIGH 1.1.1k-r0 1.1.1l-r0
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
https://access.redhat.com/security/cve/CVE-2021-3712
https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://crates.io/crates/openssl-src
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-3712.html
https://linux.oracle.com/errata/ELSA-2022-9023.html
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3712
https://rustsec.org/advisories/RUSTSEC-2021-0098.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
https://www.tenable.com/security/tns-2022-02
libvpx CVE-2020-0034 HIGH 1.8.1-r0 1.8.2-r0
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html
https://access.redhat.com/security/cve/CVE-2020-0034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034
https://linux.oracle.com/cve/CVE-2020-0034.html
https://linux.oracle.com/errata/ELSA-2020-3876.html
https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html
https://source.android.com/security/bulletin/2020-03-01
nodejs CVE-2021-22930 CRITICAL 12.22.1-r0 12.22.4-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-22930
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://errata.almalinux.org/8/ALSA-2021-3666.html
https://hackerone.com/reports/1238162
https://linux.oracle.com/cve/CVE-2021-22930.html
https://linux.oracle.com/errata/ELSA-2021-3666.html
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases-2/
https://nvd.nist.gov/vuln/detail/CVE-2021-22930
https://security.netapp.com/advisory/ntap-20211112-0002/
nodejs CVE-2021-22931 CRITICAL 12.22.1-r0 12.22.5-r0
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23343.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json
https://access.redhat.com/security/cve/CVE-2021-22931
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://errata.almalinux.org/8/ALSA-2021-3666.html
https://hackerone.com/reports/1178337
https://linux.oracle.com/cve/CVE-2021-22931.html
https://linux.oracle.com/errata/ELSA-2021-3666.html
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2021-22931
https://security.netapp.com/advisory/ntap-20210923-0001/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-37701 HIGH 12.22.1-r0 12.22.6-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-37701
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/advisories/GHSA-9r2w-394v-53qc
https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc
https://linux.oracle.com/cve/CVE-2021-37701.html
https://linux.oracle.com/errata/ELSA-2022-0350.html
https://nvd.nist.gov/vuln/detail/CVE-2021-37701
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1779
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-37712 HIGH 12.22.1-r0 12.22.6-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-37712
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/advisories/GHSA-qq89-hq3f-393p
https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p
https://linux.oracle.com/cve/CVE-2021-37712.html
https://linux.oracle.com/errata/ELSA-2022-0350.html
https://nvd.nist.gov/vuln/detail/CVE-2021-37712
https://www.debian.org/security/2021/dsa-5008
https://www.npmjs.com/advisories/1780
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-37713 HIGH 12.22.1-r0 12.22.6-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-37713
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/advisories/GHSA-5955-9wpr-37jh
https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh
https://nvd.nist.gov/vuln/detail/CVE-2021-37713
https://www.npmjs.com/package/tar
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-39134 HIGH 12.22.1-r0 12.22.6-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-39134
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/advisories/GHSA-2h3h-q99f-3fhc
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
https://nvd.nist.gov/vuln/detail/CVE-2021-39134
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-39135 HIGH 12.22.1-r0 12.22.6-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-39135
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/advisories/GHSA-gmw6-94gg-2rc2
https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2
https://nvd.nist.gov/vuln/detail/CVE-2021-39135
https://www.npmjs.com/package/@npmcli/arborist
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-22918 MEDIUM 12.22.1-r0 12.22.2-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-22918
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
https://hackerone.com/reports/1209681
https://linux.oracle.com/cve/CVE-2021-22918.html
https://linux.oracle.com/errata/ELSA-2021-3075.html
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2021-22918
https://security.netapp.com/advisory/ntap-20210805-0003/
https://ubuntu.com/security/notices/USN-5007-1
nodejs CVE-2021-22939 MEDIUM 12.22.1-r0 12.22.5-r0
Expand...https://access.redhat.com/security/cve/CVE-2021-22939
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://errata.almalinux.org/8/ALSA-2021-3666.html
https://hackerone.com/reports/1278254
https://linux.oracle.com/cve/CVE-2021-22939.html
https://linux.oracle.com/errata/ELSA-2021-3666.html
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/
https://nvd.nist.gov/vuln/detail/CVE-2021-22939
https://security.netapp.com/advisory/ntap-20210917-0003/
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
nodejs CVE-2021-3672 MEDIUM 12.22.1-r0 12.22.5-r0
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22931.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23343.json
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json
https://access.redhat.com/security/cve/CVE-2021-3672
https://bugzilla.redhat.com/show_bug.cgi?id=1988342
https://c-ares.haxx.se/adv_20210810.html
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
https://errata.almalinux.org/8/ALSA-2022-2043.html
https://linux.oracle.com/cve/CVE-2021-3672.html
https://linux.oracle.com/errata/ELSA-2022-2043.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3672
https://ubuntu.com/security/notices/USN-5034-1
https://ubuntu.com/security/notices/USN-5034-2
ssl_client CVE-2021-42378 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42378
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42379 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42379
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42380 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42380
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42381 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42381
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42382 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42382
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42383 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42383
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
ssl_client CVE-2021-42384 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42384
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42385 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42385
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42386 HIGH 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42386
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42374 MEDIUM 1.31.1-r10 1.31.1-r11
Expand...https://access.redhat.com/security/cve/CVE-2021-42374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/[email protected]/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://nvd.nist.gov/vuln/detail/CVE-2021-42374
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1

python-pkg

Package Vulnerability Severity Installed Version Fixed Version Links
Pillow CVE-2021-25287 CRITICAL 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-25287
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25287
https://github.com/advisories/GHSA-77gc-v2xv-rvvh
https://github.com/python-pillow/Pillow/commit/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://github.com/python-pillow/Pillow/pull/5377/commits/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25287
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2021-25288 CRITICAL 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-25288
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25288
https://github.com/advisories/GHSA-rwv7-3v45-hg29
https://github.com/python-pillow/Pillow/commit/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87
https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-25288
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2021-25289 CRITICAL 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-25289
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25289
https://github.com/advisories/GHSA-57h3-9rgr-c24m
https://github.com/python-pillow/Pillow/commit/3fee28eb9479bf7d59e0fa08068f9cc4a6e2f04c
https://nvd.nist.gov/vuln/detail/CVE-2021-25289
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-34552 CRITICAL 6.2.2 8.3.0
Expand...https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34552.json
https://access.redhat.com/security/cve/CVE-2021-34552
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34552
https://github.com/advisories/GHSA-7534-mm45-c74v
https://github.com/python-pillow/Pillow/pull/5567
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/
https://nvd.nist.gov/vuln/detail/CVE-2021-34552
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
Pillow CVE-2022-22817 CRITICAL 6.2.2 9.0.0
Expand...https://access.redhat.com/security/cve/CVE-2022-22817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https://github.com/advisories/GHSA-8vj2-vxx3-667w
https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11
https://linux.oracle.com/cve/CVE-2022-22817.html
https://linux.oracle.com/errata/ELSA-2022-0643.html
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22817
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
Pillow CVE-2022-24303 CRITICAL 6.2.2 9.0.1
Expand...https://access.redhat.com/security/cve/CVE-2022-24303
https://github.com/advisories/GHSA-9j59-75qj-795w
https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2022-168.yaml
https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26
https://github.com/python-pillow/Pillow/pull/3450
https://lists.fedoraproject.org/archives/list/[email protected]/message/W4ZUXPKEX72O3E5IHBPVY5ZCPMJ4GHHV/
https://lists.fedoraproject.org/archives/list/[email protected]/message/XR6UP2XONXOVXI4446VY72R63YRO2YTP/
https://nvd.nist.gov/vuln/detail/CVE-2022-24303
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
Pillow CVE-2020-10379 HIGH 6.2.2 7.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-10379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10379
https://github.com/advisories/GHSA-8843-m7mw-mxqm
https://github.com/python-pillow/Pillow/commit/46f4a349b88915787fea3fb91348bb1665831bbb#diff-9478f2787e3ae9668a15123b165c23ac
https://github.com/python-pillow/Pillow/commits/master/src/libImaging
https://github.com/python-pillow/Pillow/pull/4538
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://nvd.nist.gov/vuln/detail/CVE-2020-10379
https://pillow.readthedocs.io/en/stable/releasenotes/6.2.3.html
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574577
https://ubuntu.com/security/notices/USN-4430-2
https://usn.ubuntu.com/4430-2/
Pillow CVE-2020-11538 HIGH 6.2.2 7.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-11538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11538
https://github.com/advisories/GHSA-43fq-w8qq-v88h
https://github.com/python-pillow/Pillow/blob/master/docs/releasenotes/7.1.0.rst#security
https://github.com/python-pillow/Pillow/commit/2ef59fdbaeb756bc512ab3f2ad15ac45665b303d
https://github.com/python-pillow/Pillow/pull/4504
https://github.com/python-pillow/Pillow/pull/4538
https://linux.oracle.com/cve/CVE-2020-11538.html
https://linux.oracle.com/errata/ELSA-2020-3185.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://nvd.nist.gov/vuln/detail/CVE-2020-11538
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574574
https://ubuntu.com/security/notices/USN-4430-1
https://ubuntu.com/security/notices/USN-4430-2
https://usn.ubuntu.com/4430-1/
https://usn.ubuntu.com/4430-2/
Pillow CVE-2020-35653 HIGH 6.2.2 8.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-35653
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35653
https://github.com/advisories/GHSA-f5g8-5qq7-938w
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/
https://lists.fedoraproject.org/archives/list/[email protected]/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/
https://nvd.nist.gov/vuln/detail/CVE-2020-35653
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-4697-1
https://ubuntu.com/security/notices/USN-4697-2
Pillow CVE-2020-35654 HIGH 6.2.2 8.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-35654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35654
https://github.com/advisories/GHSA-vqcj-wrf2-7v73
https://lists.fedoraproject.org/archives/list/[email protected]/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/
https://lists.fedoraproject.org/archives/list/[email protected]/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ/
https://nvd.nist.gov/vuln/detail/CVE-2020-35654
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-4697-1
Pillow CVE-2021-23437 HIGH 6.2.2 8.3.2
Expand...https://access.redhat.com/security/cve/CVE-2021-23437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23437
https://github.com/advisories/GHSA-98vv-pw6r-q6q4
https://github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b
https://lists.fedoraproject.org/archives/list/[email protected]/message/RNSG6VFXTAROGF7ACYLMAZNQV4EJ6I2C/
https://lists.fedoraproject.org/archives/list/[email protected]/message/VKRCL7KKAKOXCVD7M6WC5OKFGL4L3SJT/
https://nvd.nist.gov/vuln/detail/CVE-2021-23437
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
Pillow CVE-2021-25290 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-25290
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25290
https://github.com/advisories/GHSA-8xjq-8fcg-g5hw
https://github.com/python-pillow/Pillow/commit/86f02f7c70862a0954bfe8133736d352db978eaa
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2021-25290
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-25291 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-25291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25291
https://github.com/advisories/GHSA-mvg9-xffr-p774
https://github.com/python-pillow/Pillow/commit/cbdce6c5d054fccaf4af34b47f212355c64ace7a
https://nvd.nist.gov/vuln/detail/CVE-2021-25291
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-25293 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-25293
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25293
https://github.com/advisories/GHSA-p43w-g3c5-g5mq
https://github.com/python-pillow/Pillow/commit/4853e522bddbec66022c0915b9a56255d0188bf9
https://nvd.nist.gov/vuln/detail/CVE-2021-25293
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-27921 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-27921
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27921
https://github.com/advisories/GHSA-f4w8-cv6p-x6r5
https://lists.fedoraproject.org/archives/list/[email protected]/message/S7G44Z33J4BNI2DPDROHWGVG2U7ZH5JU/
https://lists.fedoraproject.org/archives/list/[email protected]/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-27921
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-27922 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-27922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27922
https://github.com/advisories/GHSA-3wvg-mj6g-m9cv
https://lists.fedoraproject.org/archives/list/[email protected]/message/S7G44Z33J4BNI2DPDROHWGVG2U7ZH5JU/
https://lists.fedoraproject.org/archives/list/[email protected]/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-27922
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-27923 HIGH 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-27923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27923
https://github.com/advisories/GHSA-95q3-8gr9-gm8w
https://lists.fedoraproject.org/archives/list/[email protected]/message/S7G44Z33J4BNI2DPDROHWGVG2U7ZH5JU/
https://lists.fedoraproject.org/archives/list/[email protected]/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ/
https://nvd.nist.gov/vuln/detail/CVE-2021-27923
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-28676 HIGH 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-28676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28676
https://github.com/advisories/GHSA-7r7m-5h27-29hp
https://github.com/python-pillow/Pillow/pull/5377
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28676
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28676-fix-fli-dos
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#security
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2021-28677 HIGH 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-28677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28677
https://github.com/advisories/GHSA-q5hq-fp76-qmrc
https://github.com/python-pillow/Pillow/pull/5377
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28677
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28677-fix-eps-dos-on-open
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2020-10177 MEDIUM 6.2.2 7.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-10177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10177
https://github.com/advisories/GHSA-cqhg-xjhh-p8hf
https://github.com/python-pillow/Pillow/commits/master/src/libImaging
https://github.com/python-pillow/Pillow/pull/4503
https://github.com/python-pillow/Pillow/pull/4538
https://lists.debian.org/debian-lts-announce/2020/08/msg00012.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://nvd.nist.gov/vuln/detail/CVE-2020-10177
https://pillow.readthedocs.io/en/stable/releasenotes/6.2.3.html
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574573
https://ubuntu.com/security/notices/USN-4430-1
https://ubuntu.com/security/notices/USN-4430-2
https://ubuntu.com/security/notices/USN-4697-2
https://usn.ubuntu.com/4430-1/
https://usn.ubuntu.com/4430-2/
Pillow CVE-2020-10378 MEDIUM 6.2.2 7.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-10378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10378
https://github.com/advisories/GHSA-3xv8-3j54-hgrp
https://github.com/pypa/advisory-db/blob/7872b0a91b4d980f749e6d75a81f8cc1af32829f/vulns/pillow/PYSEC-2020-77.yaml
https://github.com/python-pillow/Pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7#diff-9478f2787e3ae9668a15123b165c23ac
https://github.com/python-pillow/Pillow/commits/master/src/libImaging
https://github.com/python-pillow/Pillow/pull/4538
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://nvd.nist.gov/vuln/detail/CVE-2020-10378
https://pillow.readthedocs.io/en/stable/releasenotes/6.2.3.html
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://ubuntu.com/security/notices/USN-4430-1
https://ubuntu.com/security/notices/USN-4430-2
https://usn.ubuntu.com/4430-1/
https://usn.ubuntu.com/4430-2/
Pillow CVE-2020-10994 MEDIUM 6.2.2 7.0.0
Expand...https://access.redhat.com/security/cve/CVE-2020-10994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10994
https://github.com/advisories/GHSA-vj42-xq3r-hr3r
https://github.com/python-pillow/Pillow/blob/master/docs/releasenotes/7.1.0.rst#security
https://github.com/python-pillow/Pillow/commit/ff60894d697d1992147b791101ad53a8bf1352e4
https://github.com/python-pillow/Pillow/commits/master/src/libImaging/
https://github.com/python-pillow/Pillow/pull/4505
https://github.com/python-pillow/Pillow/pull/4538
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://nvd.nist.gov/vuln/detail/CVE-2020-10994
https://pillow.readthedocs.io/en/stable/releasenotes/
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574575
https://ubuntu.com/security/notices/USN-4430-1
https://ubuntu.com/security/notices/USN-4430-2
https://usn.ubuntu.com/4430-1/
https://usn.ubuntu.com/4430-2/
Pillow CVE-2020-35655 MEDIUM 6.2.2 8.1.0
Expand...https://access.redhat.com/security/cve/CVE-2020-35655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35655
https://github.com/advisories/GHSA-hf64-x4gq-p99h
https://lists.fedoraproject.org/archives/list/[email protected]/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE/
https://lists.fedoraproject.org/archives/list/[email protected]/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD/
https://nvd.nist.gov/vuln/detail/CVE-2020-35655
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-4697-1
Pillow CVE-2021-25292 MEDIUM 6.2.2 8.1.1
Expand...https://access.redhat.com/security/cve/CVE-2021-25292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25292
https://github.com/advisories/GHSA-9hx2-hgq2-2g4f
https://github.com/python-pillow/Pillow/commit/3bce145966374dd39ce58a6fc0083f8d1890719c
https://github.com/python-pillow/Pillow/commit/6207b44ab1ff4a91d8ddc7579619876d0bb191a4
https://nvd.nist.gov/vuln/detail/CVE-2021-25292
https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4763-1
Pillow CVE-2021-28675 MEDIUM 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-28675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28675
https://github.com/advisories/GHSA-g6rj-rv7j-xwp4
https://github.com/python-pillow/Pillow/pull/5377/commits/22e9bee4ef225c0edbb9323f94c26cee0c623497
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28675
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28675-fix-dos-in-psdimageplugin
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2021-28678 MEDIUM 6.2.2 8.2.0
Expand...https://access.redhat.com/security/cve/CVE-2021-28678
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28678
https://github.com/advisories/GHSA-hjfx-8p6c-g7gx
https://github.com/python-pillow/Pillow/pull/5377
https://github.com/python-pillow/Pillow/pull/5377/commits/496245aa4365d0827390bd0b6fbd11287453b3a1
https://lists.fedoraproject.org/archives/list/[email protected]/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/
https://nvd.nist.gov/vuln/detail/CVE-2021-28678
https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos
https://security.gentoo.org/glsa/202107-33
https://ubuntu.com/security/notices/USN-4963-1
Pillow CVE-2022-22815 MEDIUM 6.2.2 9.0.0
Expand...https://access.redhat.com/security/cve/CVE-2022-22815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815
https://github.com/advisories/GHSA-pw3c-h7wp-cvhx
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22815
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
Pillow CVE-2022-22816 MEDIUM 6.2.2 9.0.0
Expand...https://access.redhat.com/security/cve/CVE-2022-22816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816
https://github.com/advisories/GHSA-xrcv-f9gm-v42c
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://linux.oracle.com/cve/CVE-2022-22816.html
https://linux.oracle.com/errata/ELSA-2022-0643.html
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22816
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
Pillow GHSA-jgpv-4h4c-xhw3 MEDIUM 6.2.2 8.1.2
Expand...https://github.com/advisories/GHSA-jgpv-4h4c-xhw3
https://github.com/calix2/pyVulApp/security/advisories/GHSA-jgpv-4h4c-xhw3
Pillow GHSA-4fx9-vc88-q2xc LOW 6.2.2 9.0.0
Expand...https://github.com/advisories/GHSA-4fx9-vc88-q2xc
https://github.com/python-pillow/Pillow/commit/baae9ec4b67c68e3adaf1208cf54e8de5e38a6fd
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#ensure-jpegimageplugin-stops-at-the-end-of-a-truncated-file
Pillow PYSEC-2020-77 UNKNOWN 6.2.2 7.1.0
Expand...https://github.com/python-pillow/Pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7#diff-9478f2787e3ae9668a15123b165c23ac
https://github.com/python-pillow/Pillow/commits/master/src/libImaging
https://github.com/python-pillow/Pillow/pull/4538
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://usn.ubuntu.com/4430-1/
https://usn.ubuntu.com/4430-2/
Pillow PYSEC-2020-78 UNKNOWN 6.2.2 7.1.0
Expand...https://github.com/python-pillow/Pillow/commit/46f4a349b88915787fea3fb91348bb1665831bbb#diff-9478f2787e3ae9668a15123b165c23ac
https://github.com/python-pillow/Pillow/commits/master/src/libImaging
https://github.com/python-pillow/Pillow/pull/4538
https://lists.fedoraproject.org/archives/list/[email protected]/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427/
https://pillow.readthedocs.io/en/stable/releasenotes/7.1.0.html
https://usn.ubuntu.com/4430-2/
pycrypto CVE-2013-7459 CRITICAL 2.6.1
Expand...http://www.openwall.com/lists/oss-security/2016/12/27/8
http://www.securityfocus.com/bid/95122
https://access.redhat.com/security/cve/CVE-2013-7459
https://bugzilla.redhat.com/show_bug.cgi?id=1409754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7459
https://github.com/advisories/GHSA-cq27-v7xp-c356
https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4
https://github.com/dlitz/pycrypto/issues/176
https://lists.fedoraproject.org/archives/list/[email protected]/message/C6BWNADPLKDBBQBUT3P75W7HAJCE7M3B/
https://lists.fedoraproject.org/archives/list/[email protected]/message/RJ37R2YLX56YZABFNAOWV4VTHTGYREAE/
https://nvd.nist.gov/vuln/detail/CVE-2013-7459
https://pony7.fr/ctf:public:32c3:cryptmsg
https://security.gentoo.org/glsa/201702-14
https://ubuntu.com/security/notices/USN-3199-1
https://ubuntu.com/security/notices/USN-3199-2
https://ubuntu.com/security/notices/USN-3199-3
pycrypto CVE-2018-6594 HIGH 2.6.1
Expand...https://access.redhat.com/security/cve/CVE-2018-6594
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6594
https://github.com/Legrandin/pycryptodome/issues/90
https://github.com/TElgamal/attack-on-pycrypto-elgamal
https://github.com/advisories/GHSA-6528-wvf6-f6qg
https://github.com/dlitz/pycrypto/issues/253
https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2018-6594
https://security.gentoo.org/glsa/202007-62
https://ubuntu.com/security/notices/USN-3616-1
https://ubuntu.com/security/notices/USN-3616-2
https://usn.ubuntu.com/3616-1/
https://usn.ubuntu.com/3616-2/