| Severity | CVE | Title | Package | Installed version | Fixed version |
|---|---|---|---|---|---|
| CRITICAL | CVE-2019-12900 | bzip2: out-of-bounds write in function BZ2_decompress | libbz2-1.0 | 1.0.6-8.1 | |
| CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libdb5.3 | 5.3.28-12+deb9u1 | |
| CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | bsdutils | 1:2.29.2-1+deb9u1 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | dirmngr | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | e2fslibs | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | e2fsprogs | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | gcc-6-base | 6.3.0-18+deb9u1 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gnupg | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gnupg-agent | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gpgv | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libblkid1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libcomerr2 | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libfdisk1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgcc1 | 1:6.3.0-18+deb9u1 | |
| HIGH | CVE-2021-33560 | mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack ag | libgcrypt20 | 1.7.6-2+deb9u4 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libmount1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libncurses5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | libperl5.24 | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libsmartcols1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libss2 | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libstdc++6 | 6.3.0-18+deb9u1 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libsystemd0 | 232-25+deb9u13 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libsystemd0 | 232-25+deb9u13 | |
| HIGH | CVE-2020-1712 | systemd: use-after-free when asynchronous polkit queries are performed | libsystemd0 | 232-25+deb9u13 | 232-25+deb9u14 |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libudev1 | 232-25+deb9u13 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libudev1 | 232-25+deb9u13 | |
| HIGH | CVE-2020-1712 | systemd: use-after-free when asynchronous polkit queries are performed | libudev1 | 232-25+deb9u13 | 232-25+deb9u14 |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libuuid1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | mount | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-base | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl-base | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl-modules-5.24 | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | util-linux | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2023-27561 | volume mount race condition (regression of CVE-2019-19921) | github.com/opencontainers/runc | v1.0.1 | 1.1.5 |
| MEDIUM | CVE-2019-13627 | ECDSA timing attack allowing private key leak | libgcrypt20 | 1.7.6-2+deb9u4 | |
| MEDIUM | CVE-2018-16868 | Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification | libgnutls30 | 3.5.8-5+deb9u6 | |
| MEDIUM | CVE-2021-4209 | Null pointer dereference in MD_UPDATE | libgnutls30 | 3.5.8-5+deb9u6 | |
| MEDIUM | CVE-2018-16869 | Leaky data conversion exposing a manager oracle | libhogweed4 | 3.3-1+deb9u1 | |
| MEDIUM | CVE-2018-16869 | Leaky data conversion exposing a manager oracle | libnettle6 | 3.3-1+deb9u1 | |
| MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3 | 2:8.39-3 | |
| MEDIUM | CVE-2019-19645 | sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| MEDIUM | CVE-2020-13631 | sqlite: Virtual table can be renamed into the name of one of its shadow tables | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | libssl1.1 | 1.1.0l-1~deb9u6 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libsystemd0 | 232-25+deb9u13 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libudev1 | 232-25+deb9u13 | |
| MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | openssl | 1.1.0l-1~deb9u6 | |
| MEDIUM | CVE-2021-43784 | integer overflow in netlink bytemsg length field allows attacker to override netlink-based container | github.com/opencontainers/runc | v1.0.1 | 1.0.3 |
| MEDIUM | CVE-2022-29162 | runc: incorrect handling of inheritable capabilities | github.com/opencontainers/runc | v1.0.1 | 1.1.2 |
| MEDIUM | CVE-2023-28642 | AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount config | github.com/opencontainers/runc | v1.0.1 | 1.1.5 |
| MEDIUM | CVE-2022-29526 | faccessat checks wrong group | golang.org/x/sys | v0.0.0-20210817142637-7d9622a276b7 | 0.0.0-20220412211240-33da011f77ad |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | bsdutils | 1:2.29.2-1+deb9u1 | |
| LOW | CVE-2016-2781 | coreutils: Non-privileged session can escape to the parent session in chroot | coreutils | 8.26-3 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | dirmngr | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | dirmngr | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gnupg | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gnupg-agent | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg-agent | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gpgv | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgv | 2.1.18-8~deb9u4 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libblkid1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libfdisk1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libgssapi-krb5-2 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libk5crypto3 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libkrb5-3 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libkrb5support0 | 1.15-1+deb9u3 | |
| LOW | CVE-2019-17543 | lz4: heap-based buffer overflow in LZ4_write32 | liblz4-1 | 0.0~r131-2+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libmount1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2021-36084 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36085 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36086 | use-after-free in cil_reset_classpermission() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36087 | libsepol: heap-based buffer overflow in ebitmap_match_any() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libsmartcols1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-16888 | systemd: kills privileged process if unprivileged PIDFile was tampered | libsystemd0 | 232-25+deb9u13 | |
| LOW | CVE-2018-6954 | Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files | libsystemd0 | 232-25+deb9u13 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-16888 | systemd: kills privileged process if unprivileged PIDFile was tampered | libudev1 | 232-25+deb9u13 | |
| LOW | CVE-2018-6954 | Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files | libudev1 | 232-25+deb9u13 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libuuid1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | login | 1:4.4-4.1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | mount | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | passwd | 1:4.4-4.1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | util-linux | 2.29.2-1+deb9u1 | |
| LOW | CVE-2023-25809 | Rootless runc makes /sys/fs/cgroup writable | github.com/opencontainers/runc | v1.0.1 | 1.1.5 |