dockerhub.hi.inet evolved 5g fogusnetapp evolved5g_pilot_php - Telefonica/Evolved5g-FogusNetApp Wiki

Scan of image: dockerhub.hi.inet/evolved-5g/fogusnetapp-evolved5g_pilot_php


Summary

Severity    Number of vulnerabilities
CRITICAL    13
HIGH        67
MEDIUM      53
LOW         277

Vulnerabilities

Severity ID Title PkgName InstalledVersion FixedVersion
CRITICAL CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() apache2 2.4.53-1~deb11u1
CRITICAL CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2 2.4.53-1~deb11u1
CRITICAL CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() apache2-bin 2.4.53-1~deb11u1
CRITICAL CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-bin 2.4.53-1~deb11u1
CRITICAL CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() apache2-data 2.4.53-1~deb11u1
CRITICAL CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-data 2.4.53-1~deb11u1
CRITICAL CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() apache2-utils 2.4.53-1~deb11u1
CRITICAL CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-utils 2.4.53-1~deb11u1
CRITICAL CVE-2021-22945 curl: use-after-free and double-free in MQTT sending curl 7.74.0-1.3+deb11u1
CRITICAL CVE-2021-22945 curl: use-after-free and double-free in MQTT sending libcurl4 7.74.0-1.3+deb11u1
CRITICAL CVE-2019-8457 sqlite: heap out-of-bound read in function rtreenode() libdb5.3 5.3.28+dfsg1-0.8
CRITICAL CVE-2022-1586 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c libpcre2-8-0 10.36-2
CRITICAL CVE-2022-1587 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c libpcre2-8-0 10.36-2
HIGH CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2 2.4.53-1~deb11u1
HIGH CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2 2.4.53-1~deb11u1
HIGH CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2 2.4.53-1~deb11u1
HIGH CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2 2.4.53-1~deb11u1
HIGH CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-bin 2.4.53-1~deb11u1
HIGH CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-bin 2.4.53-1~deb11u1
HIGH CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-bin 2.4.53-1~deb11u1
HIGH CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-bin 2.4.53-1~deb11u1
HIGH CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-data 2.4.53-1~deb11u1
HIGH CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-data 2.4.53-1~deb11u1
HIGH CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-data 2.4.53-1~deb11u1
HIGH CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-data 2.4.53-1~deb11u1
HIGH CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-utils 2.4.53-1~deb11u1
HIGH CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-utils 2.4.53-1~deb11u1
HIGH CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-utils 2.4.53-1~deb11u1
HIGH CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-utils 2.4.53-1~deb11u1
HIGH CVE-2021-22946 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols curl 7.74.0-1.3+deb11u1
HIGH CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use curl 7.74.0-1.3+deb11u1
HIGH CVE-2022-27775 curl: bad local IPv6 connection reuse curl 7.74.0-1.3+deb11u1
HIGH CVE-2022-27781 curl: CERTINFO never-ending busy-loop curl 7.74.0-1.3+deb11u1
HIGH CVE-2022-27782 curl: TLS and SSH connection too eager reuse curl 7.74.0-1.3+deb11u1
HIGH CVE-2022-1304 e2fsprogs: out-of-bounds read/write via crafted filesystem e2fsprogs 1.46.2-2
HIGH CVE-2021-3999 glibc: Off-by-one buffer overflow/underflow in getcwd() libc-bin 2.31-13+deb11u3
HIGH CVE-2021-3999 glibc: Off-by-one buffer overflow/underflow in getcwd() libc-dev-bin 2.31-13+deb11u3
HIGH CVE-2021-3999 glibc: Off-by-one buffer overflow/underflow in getcwd() libc6 2.31-13+deb11u3
HIGH CVE-2021-3999 glibc: Off-by-one buffer overflow/underflow in getcwd() libc6-dev 2.31-13+deb11u3
HIGH CVE-2022-1304 e2fsprogs: out-of-bounds read/write via crafted filesystem libcom-err2 1.46.2-2
HIGH CVE-2021-22946 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols libcurl4 7.74.0-1.3+deb11u1
HIGH CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use libcurl4 7.74.0-1.3+deb11u1
HIGH CVE-2022-27775 curl: bad local IPv6 connection reuse libcurl4 7.74.0-1.3+deb11u1
HIGH CVE-2022-27781 curl: CERTINFO never-ending busy-loop libcurl4 7.74.0-1.3+deb11u1
HIGH CVE-2022-27782 curl: TLS and SSH connection too eager reuse libcurl4 7.74.0-1.3+deb11u1
HIGH CVE-2022-1304 e2fsprogs: out-of-bounds read/write via crafted filesystem libext2fs2 1.46.2-2
HIGH CVE-2021-33560 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channe libgcrypt20 1.8.7-6
HIGH CVE-2019-6706 lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service liblua5.3-0 5.3.3-1.1
HIGH CVE-2022-29458 ncurses: segfaulting OOB read libncurses6 6.2+20201114-2
HIGH CVE-2022-29458 ncurses: segfaulting OOB read libncursesw6 6.2+20201114-2
HIGH CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files libperl5.32 5.32.1-4+deb11u2
HIGH CVE-2022-1304 e2fsprogs: out-of-bounds read/write via crafted filesystem libss2 1.46.2-2
HIGH CVE-2022-29458 ncurses: segfaulting OOB read libtinfo6 6.2+20201114-2
HIGH CVE-2013-7445 kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects linux-libc-dev 5.10.113-1
HIGH CVE-2019-19378 kernel: out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c linux-libc-dev 5.10.113-1
HIGH CVE-2019-19449 kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_ linux-libc-dev 5.10.113-1
HIGH CVE-2019-19814 kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c linux-libc-dev 5.10.113-1
HIGH CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers linux-libc-dev 5.10.113-1
HIGH CVE-2021-3847 kernel: low-privileged user privileges escalation linux-libc-dev 5.10.113-1
HIGH CVE-2021-3864 kernel: descendant's dumpable setting with certain SUID binaries linux-libc-dev 5.10.113-1
HIGH CVE-2021-39686 kernel: race condition in the Android binder driver could lead to incorrect security checks linux-libc-dev 5.10.113-1
HIGH CVE-2021-4204 kernel: improper input validation may lead to privilege escalation linux-libc-dev 5.10.113-1
HIGH CVE-2022-0500 kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileg linux-libc-dev 5.10.113-1
HIGH CVE-2022-1012 kernel: Small table perturb size in the TCP source port generation algorithm can lead to information linux-libc-dev 5.10.113-1 5.10.120-1
HIGH CVE-2022-1247 kernel: A race condition bug in rose_connect() linux-libc-dev 5.10.113-1
HIGH CVE-2022-1652 kernel: A concurrency use-after-free in bad_flp_intr linux-libc-dev 5.10.113-1 5.10.120-1
HIGH CVE-2022-1679 kernel: Use-After-Free in ath9k_htc_probe_device() could cause an escalation of privileges linux-libc-dev 5.10.113-1
HIGH CVE-2022-1786 kernel: invalid-free in io_uring that can lead to LPE linux-libc-dev 5.10.113-1 5.10.120-1
HIGH CVE-2022-1882 kernel: Use-After-Free in free_pipe_info() could cause an escalation of privileges linux-libc-dev 5.10.113-1
HIGH CVE-2022-28893 kernel: Use after free in SUNRPC subsystem linux-libc-dev 5.10.113-1 5.10.120-1
HIGH CVE-2022-32250 kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) linux-libc-dev 5.10.113-1 5.10.120-1
HIGH CVE-2022-32981 kernel: Linux kernel for powerpc 32-bit buffer overflow in ptrace PEEKUSER/POKEUSER linux-libc-dev 5.10.113-1
HIGH CVE-2022-1304 e2fsprogs: out-of-bounds read/write via crafted filesystem logsave 1.46.2-2
HIGH CVE-2022-29458 ncurses: segfaulting OOB read ncurses-base 6.2+20201114-2
HIGH CVE-2022-29458 ncurses: segfaulting OOB read ncurses-bin 6.2+20201114-2
HIGH CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files perl 5.32.1-4+deb11u2
HIGH CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files perl-base 5.32.1-4+deb11u2
HIGH CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files perl-modules-5.32 5.32.1-4+deb11u2
HIGH CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes ansi-regex 3.0.0 3.0.1, 4.1.1, 5.0.1, 6.0.1
HIGH CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes ansi-regex 4.1.0 3.0.1, 4.1.1, 5.0.1, 6.0.1
MEDIUM CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() apache2 2.4.53-1~deb11u1
MEDIUM CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() apache2-bin 2.4.53-1~deb11u1
MEDIUM CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() apache2-data 2.4.53-1~deb11u1
MEDIUM CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() apache2-utils 2.4.53-1~deb11u1
MEDIUM CVE-2021-22947 curl: Server responses received before STARTTLS processed after TLS handshake curl 7.74.0-1.3+deb11u1
MEDIUM CVE-2022-27774 curl: credential leak on redirect curl 7.74.0-1.3+deb11u1
MEDIUM CVE-2022-27776 curl: auth/cookie leak on redirect curl 7.74.0-1.3+deb11u1
MEDIUM CVE-2021-22947 curl: Server responses received before STARTTLS processed after TLS handshake libcurl4 7.74.0-1.3+deb11u1
MEDIUM CVE-2022-27774 curl: credential leak on redirect libcurl4 7.74.0-1.3+deb11u1
MEDIUM CVE-2022-27776 curl: auth/cookie leak on redirect libcurl4 7.74.0-1.3+deb11u1
MEDIUM CVE-2021-4209 GnuTLS: Null pointer dereference in MD_UPDATE libgnutls30 3.7.1-5
MEDIUM CVE-2020-24370 lua: segmentation fault in getlocal and setlocal functions in ldebug.c liblua5.3-0 5.3.3-1.1
MEDIUM CVE-2021-43519 lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file liblua5.3-0 5.3.3-1.1
MEDIUM CVE-2021-45346 sqlite: crafted SQL query allows a malicious user to obtain sensitive information libsqlite3-0 3.34.1-3
MEDIUM CVE-2022-2068 openssl: the c_rehash script allows command injection libssl1.1 1.1.1n-0+deb11u2
MEDIUM CVE-2019-15213 kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c linux-libc-dev 5.10.113-1
MEDIUM CVE-2019-15794 kernel: Overlayfs in the Linux kernel and shiftfs not restoring original value on error leading to linux-libc-dev 5.10.113-1
MEDIUM CVE-2019-16089 kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c linux-libc-dev 5.10.113-1
MEDIUM CVE-2019-20794 kernel: task processes not being properly ended could lead to resource exhaustion linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-12363 kernel: Improper input validation in some Intel(R) Graphics Drivers linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-12364 kernel: Null pointer dereference in some Intel(R) Graphics Drivers linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-14304 kernel: ethtool when reading eeprom of device could lead to memory leak linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-15802 hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-26555 kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack linux-libc-dev 5.10.113-1
MEDIUM CVE-2020-36516 kernel: an off-path attacker may inject data or terminate a victim's TCP session linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-33061 kernel: insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapter linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-3714 kernel: Remote Page Deduplication Attacks linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-4023 kernel: Improper IO-uring request cancellation operation allows local users to cause a crash linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-4037 kernel: security regression for CVE-2018-13405 linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-4149 kernel: Improper lock operation in btrfs linux-libc-dev 5.10.113-1
MEDIUM CVE-2021-44879 kernel: NULL pointer dereference in folio_mark_dirty() via a crafted f2fs image linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-0171 kernel: KVM: cache incoherence issue in SEV API may lead to kernel crash linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-0400 kernel: Out of bounds read in the smc protocol stack linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-0480 kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-0494 kernel: information leak in scsi_ioctl() linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-0854 kernel: swiotlb information leak with DMA_FROM_DEVICE linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1184 kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-1280 kernel: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-1462 kernel: possible race condition in drivers/tty/tty_buffers.c linux-libc-dev 5.10.113-1
MEDIUM CVE-2022-1508 kernel: out-of-bounds read in iov_iter_revert() in lib/iov_iter.c linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1729 kernel: race condition in perf_event_open leads to privilege escalation linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1789 kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1852 kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1972 kernel: out-of-bounds write vulnerability in nftable may lead to local privilege escalation linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1974 kernel: use-after-free in /net/nfc/core.c causes kernel crash by simulating nfc device from user-spa linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-1975 kernel: sleep in atomic bug when firmware download timeout linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-2078 kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse() linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-21499 kernel: possible to use the debugger to write zero into a location of choice linux-libc-dev 5.10.113-1 5.10.120-1
MEDIUM CVE-2022-2068 openssl: the c_rehash script allows command injection openssl 1.1.1n-0+deb11u2
MEDIUM CVE-2022-33987 The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allow ... got 6.7.1 11.8.5, 12.1.0
LOW CVE-2001-1534 mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... apache2 2.4.53-1~deb11u1
LOW CVE-2003-1307 apache2 2.4.53-1~deb11u1
LOW CVE-2003-1580 The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... apache2 2.4.53-1~deb11u1
LOW CVE-2003-1581 httpd: Injection of arbitrary text into log files when DNS resolution is enabled apache2 2.4.53-1~deb11u1
LOW CVE-2007-0086 CVE-2007-0086 affecting package httpd 2.4.46 apache2 2.4.53-1~deb11u1
LOW CVE-2007-1743 suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... apache2 2.4.53-1~deb11u1
LOW CVE-2007-3303 Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... apache2 2.4.53-1~deb11u1
LOW CVE-2008-0456 httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable apache2 2.4.53-1~deb11u1
LOW CVE-2001-1534 mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... apache2-bin 2.4.53-1~deb11u1
LOW CVE-2003-1307 apache2-bin 2.4.53-1~deb11u1
LOW CVE-2003-1580 The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... apache2-bin 2.4.53-1~deb11u1
LOW CVE-2003-1581 httpd: Injection of arbitrary text into log files when DNS resolution is enabled apache2-bin 2.4.53-1~deb11u1
LOW CVE-2007-0086 CVE-2007-0086 affecting package httpd 2.4.46 apache2-bin 2.4.53-1~deb11u1
LOW CVE-2007-1743 suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... apache2-bin 2.4.53-1~deb11u1
LOW CVE-2007-3303 Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... apache2-bin 2.4.53-1~deb11u1
LOW CVE-2008-0456 httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable apache2-bin 2.4.53-1~deb11u1
LOW CVE-2001-1534 mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... apache2-data 2.4.53-1~deb11u1
LOW CVE-2003-1307 apache2-data 2.4.53-1~deb11u1
LOW CVE-2003-1580 The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... apache2-data 2.4.53-1~deb11u1
LOW CVE-2003-1581 httpd: Injection of arbitrary text into log files when DNS resolution is enabled apache2-data 2.4.53-1~deb11u1
LOW CVE-2007-0086 CVE-2007-0086 affecting package httpd 2.4.46 apache2-data 2.4.53-1~deb11u1
LOW CVE-2007-1743 suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... apache2-data 2.4.53-1~deb11u1
LOW CVE-2007-3303 Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... apache2-data 2.4.53-1~deb11u1
LOW CVE-2008-0456 httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable apache2-data 2.4.53-1~deb11u1
LOW CVE-2001-1534 mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... apache2-utils 2.4.53-1~deb11u1
LOW CVE-2003-1307 apache2-utils 2.4.53-1~deb11u1
LOW CVE-2003-1580 The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... apache2-utils 2.4.53-1~deb11u1
LOW CVE-2003-1581 httpd: Injection of arbitrary text into log files when DNS resolution is enabled apache2-utils 2.4.53-1~deb11u1
LOW CVE-2007-0086 CVE-2007-0086 affecting package httpd 2.4.46 apache2-utils 2.4.53-1~deb11u1
LOW CVE-2007-1743 suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... apache2-utils 2.4.53-1~deb11u1
LOW CVE-2007-3303 Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... apache2-utils 2.4.53-1~deb11u1
LOW CVE-2008-0456 httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enable apache2-utils 2.4.53-1~deb11u1
LOW CVE-2011-3374 It was found that apt-key in apt, all versions, do not correctly valid ... apt 2.2.4
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty binutils 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c binutils 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service binutils 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function binutils 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function binutils 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 binutils 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash binutils 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread binutils 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v binutils 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files binutils 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c binutils 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read binutils 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c binutils 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para binutils 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c binutils 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c binutils 2.35.2-2
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty binutils-common 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c binutils-common 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service binutils-common 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function binutils-common 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function binutils-common 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 binutils-common 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash binutils-common 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread binutils-common 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v binutils-common 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files binutils-common 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c binutils-common 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read binutils-common 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c binutils-common 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para binutils-common 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c binutils-common 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c binutils-common 2.35.2-2
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c binutils-x86-64-linux-gnu 2.35.2-2
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline bsdutils 2.36.1-8+deb11u1
LOW CVE-2016-2781 coreutils: Non-privileged session can escape to the parent session in chroot coreutils 8.32-4
LOW CVE-2017-18018 coreutils: race condition vulnerability in chown and chgrp coreutils 8.32-4
LOW CVE-2021-22898 curl: TELNET stack contents disclosure curl 7.74.0-1.3+deb11u1
LOW CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded curl 7.74.0-1.3+deb11u1
LOW CVE-2021-22923 curl: Metalink download sends credentials curl 7.74.0-1.3+deb11u1
LOW CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks curl 7.74.0-1.3+deb11u1
LOW CVE-2011-3374 It was found that apt-key in apt, all versions, do not correctly valid ... libapt-pkg6.0 2.2.4
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty libbinutils 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c libbinutils 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service libbinutils 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function libbinutils 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function libbinutils 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 libbinutils 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash libbinutils 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread libbinutils 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v libbinutils 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files libbinutils 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c libbinutils 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read libbinutils 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c libbinutils 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para libbinutils 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c libbinutils 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c libbinutils 2.35.2-2
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline libblkid1 2.36.1-8+deb11u1
LOW CVE-2010-4756 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres libc-bin 2.31-13+deb11u3
LOW CVE-2018-20796 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc-bin 2.31-13+deb11u3
LOW CVE-2019-1010022 glibc: stack guard protection bypass libc-bin 2.31-13+deb11u3
LOW CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation libc-bin 2.31-13+deb11u3
LOW CVE-2019-1010024 glibc: ASLR bypass using cache of thread stack and heap libc-bin 2.31-13+deb11u3
LOW CVE-2019-1010025 glibc: information disclosure of heap addresses of pthread_created thread libc-bin 2.31-13+deb11u3
LOW CVE-2019-9192 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc-bin 2.31-13+deb11u3
LOW CVE-2010-4756 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres libc-dev-bin 2.31-13+deb11u3
LOW CVE-2018-20796 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc-dev-bin 2.31-13+deb11u3
LOW CVE-2019-1010022 glibc: stack guard protection bypass libc-dev-bin 2.31-13+deb11u3
LOW CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation libc-dev-bin 2.31-13+deb11u3
LOW CVE-2019-1010024 glibc: ASLR bypass using cache of thread stack and heap libc-dev-bin 2.31-13+deb11u3
LOW CVE-2019-1010025 glibc: information disclosure of heap addresses of pthread_created thread libc-dev-bin 2.31-13+deb11u3
LOW CVE-2019-9192 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc-dev-bin 2.31-13+deb11u3
LOW CVE-2010-4756 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres libc6 2.31-13+deb11u3
LOW CVE-2018-20796 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc6 2.31-13+deb11u3
LOW CVE-2019-1010022 glibc: stack guard protection bypass libc6 2.31-13+deb11u3
LOW CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation libc6 2.31-13+deb11u3
LOW CVE-2019-1010024 glibc: ASLR bypass using cache of thread stack and heap libc6 2.31-13+deb11u3
LOW CVE-2019-1010025 glibc: information disclosure of heap addresses of pthread_created thread libc6 2.31-13+deb11u3
LOW CVE-2019-9192 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc6 2.31-13+deb11u3
LOW CVE-2010-4756 glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres libc6-dev 2.31-13+deb11u3
LOW CVE-2018-20796 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc6-dev 2.31-13+deb11u3
LOW CVE-2019-1010022 glibc: stack guard protection bypass libc6-dev 2.31-13+deb11u3
LOW CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation libc6-dev 2.31-13+deb11u3
LOW CVE-2019-1010024 glibc: ASLR bypass using cache of thread stack and heap libc6-dev 2.31-13+deb11u3
LOW CVE-2019-1010025 glibc: information disclosure of heap addresses of pthread_created thread libc6-dev 2.31-13+deb11u3
LOW CVE-2019-9192 glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c libc6-dev 2.31-13+deb11u3
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty libctf-nobfd0 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c libctf-nobfd0 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service libctf-nobfd0 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function libctf-nobfd0 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function libctf-nobfd0 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 libctf-nobfd0 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash libctf-nobfd0 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread libctf-nobfd0 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v libctf-nobfd0 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files libctf-nobfd0 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c libctf-nobfd0 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read libctf-nobfd0 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c libctf-nobfd0 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para libctf-nobfd0 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c libctf-nobfd0 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c libctf-nobfd0 2.35.2-2
LOW CVE-2017-13716 binutils: Memory leak with the C++ symbol demangler routine in libiberty libctf0 2.35.2-2
LOW CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c libctf0 2.35.2-2
LOW CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service libctf0 2.35.2-2
LOW CVE-2018-20623 binutils: Use-after-free in the error function libctf0 2.35.2-2
LOW CVE-2018-20673 libiberty: Integer overflow in demangle_template() function libctf0 2.35.2-2
LOW CVE-2018-20712 libiberty: heap-based buffer over-read in d_expression_1 libctf0 2.35.2-2
LOW CVE-2018-9996 binutils: Stack-overflow in libiberty/cplus-dem.c causes crash libctf0 2.35.2-2
LOW CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread libctf0 2.35.2-2
LOW CVE-2020-35448 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not v libctf0 2.35.2-2
LOW CVE-2021-20197 binutils: Race window allows users to own arbitrary files libctf0 2.35.2-2
LOW CVE-2021-20284 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c libctf0 2.35.2-2
LOW CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read libctf0 2.35.2-2
LOW CVE-2021-3530 binutils: stack memory exhaustion in demangle_path() in rust-demangle.c libctf0 2.35.2-2
LOW CVE-2021-3549 binutils: heap-based buffer overflow in avr_elf32_load_records_from_section() via large section para libctf0 2.35.2-2
LOW CVE-2021-45078 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c libctf0 2.35.2-2
LOW CVE-2021-46195 gcc: uncontrolled recursion in libiberty/rust-demangle.c libctf0 2.35.2-2
LOW CVE-2021-22898 curl: TELNET stack contents disclosure libcurl4 7.74.0-1.3+deb11u1
LOW CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded libcurl4 7.74.0-1.3+deb11u1
LOW CVE-2021-22923 curl: Metalink download sends credentials libcurl4 7.74.0-1.3+deb11u1
LOW CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks libcurl4 7.74.0-1.3+deb11u1
LOW CVE-2013-0340 expat: internal entity expansion libexpat1 2.2.10-2+deb11u3
LOW CVE-2018-6829 libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintex libgcrypt20 1.8.7-6
LOW CVE-2012-0039 glib2: hash table collisions CPU usage DoS libglib2.0-0 2.66.8-1
LOW CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) libgnutls30 3.7.1-5
LOW CVE-2004-0971 security flaw libgssapi-krb5-2 1.18.3-6+deb11u1
LOW CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c libgssapi-krb5-2 1.18.3-6+deb11u1
LOW CVE-2020-36325 jansson: out-of-bounds read in json_loads() due to a parsing error libjansson4 2.13.1-1.1
LOW CVE-2004-0971 security flaw libk5crypto3 1.18.3-6+deb11u1
LOW CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c libk5crypto3 1.18.3-6+deb11u1
LOW CVE-2004-0971 security flaw libkrb5-3 1.18.3-6+deb11u1
LOW CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c libkrb5-3 1.18.3-6+deb11u1
LOW CVE-2004-0971 security flaw libkrb5support0 1.18.3-6+deb11u1
LOW CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c libkrb5support0 1.18.3-6+deb11u1
LOW CVE-2015-3276 openldap: incorrect multi-keyword mode cipherstring parsing libldap-2.4-2 2.4.57+dfsg-3+deb11u1
LOW CVE-2017-14159 openldap: Privilege escalation via PID file manipulation libldap-2.4-2 2.4.57+dfsg-3+deb11u1
LOW CVE-2017-17740 openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers libldap-2.4-2 2.4.57+dfsg-3+deb11u1
LOW CVE-2020-15719 openldap: Certificate validation incorrectly matches name against CN-ID libldap-2.4-2 2.4.57+dfsg-3+deb11u1
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline libmount1 2.36.1-8+deb11u1
LOW CVE-2021-39537 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncurses6 6.2+20201114-2
LOW CVE-2021-39537 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncursesw6 6.2+20201114-2
LOW CVE-2017-11164 pcre: OP_KETRMAX feature in the match function in pcre_exec.c libpcre3 2:8.39-13
LOW CVE-2017-16231 pcre: self-recursive call in match() in pcre_exec.c leads to denial of service libpcre3 2:8.39-13
LOW CVE-2017-7245 pcre: stack-based buffer overflow write in pcre32_copy_substring libpcre3 2:8.39-13
LOW CVE-2017-7246 pcre: stack-based buffer overflow write in pcre32_copy_substring libpcre3 2:8.39-13
LOW CVE-2019-20838 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 libpcre3 2:8.39-13
LOW CVE-2011-4116 perl: File::Temp insecure temporary file handling libperl5.32 5.32.1-4+deb11u2
LOW CVE-2021-36084 libsepol: use-after-free in __cil_verify_classperms() libsepol1 3.1-1
LOW CVE-2021-36085 libsepol: use-after-free in __cil_verify_classperms() libsepol1 3.1-1
LOW CVE-2021-36086 libsepol: use-after-free in cil_reset_classpermission() libsepol1 3.1-1
LOW CVE-2021-36087 libsepol: heap-based buffer overflow in ebitmap_match_any() libsepol1 3.1-1
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline libsmartcols1 2.36.1-8+deb11u1
LOW CVE-2021-36690 ** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ... libsqlite3-0 3.34.1-3
LOW CVE-2007-6755 Dual_EC_DRBG: weak pseudo random number generator libssl1.1 1.1.1n-0+deb11u2
LOW CVE-2010-0928 openssl: RSA authentication weakness libssl1.1 1.1.1n-0+deb11u2
LOW CVE-2013-4392 systemd: TOCTOU race condition when updating file permissions and SELinux security contexts libsystemd0 247.3-7
LOW CVE-2020-13529 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t libsystemd0 247.3-7
LOW CVE-2021-39537 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libtinfo6 6.2+20201114-2
LOW CVE-2013-4392 systemd: TOCTOU race condition when updating file permissions and SELinux security contexts libudev1 247.3-7
LOW CVE-2020-13529 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t libudev1 247.3-7
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline libuuid1 2.36.1-8+deb11u1
LOW CVE-2004-0230 TCP, when using a large Window Size, makes it easier for remote attack ... linux-libc-dev 5.10.113-1
LOW CVE-2005-3660 Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... linux-libc-dev 5.10.113-1
LOW CVE-2007-3719 kernel: secretly Monopolizing the CPU Without Superuser Privileges linux-libc-dev 5.10.113-1
LOW CVE-2008-2544 kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount i linux-libc-dev 5.10.113-1
LOW CVE-2008-4609 kernel: TCP protocol vulnerabilities from Outpost24 linux-libc-dev 5.10.113-1
LOW CVE-2010-4563 kernel: ipv6: sniffer detection linux-libc-dev 5.10.113-1
LOW CVE-2010-5321 kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() linux-libc-dev 5.10.113-1
LOW CVE-2011-4915 fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... linux-libc-dev 5.10.113-1
LOW CVE-2011-4917 In the Linux kernel through 3.1 there is an information disclosure iss ... linux-libc-dev 5.10.113-1
LOW CVE-2012-4542 kernel: block: default SCSI command filter does not accomodate commands overlap across device classe linux-libc-dev 5.10.113-1
LOW CVE-2014-9892 The snd_compr_tstamp function in sound/core/compress_offload.c in the ... linux-libc-dev 5.10.113-1
LOW CVE-2014-9900 kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol() linux-libc-dev 5.10.113-1
LOW CVE-2015-2877 Kernel: Cross-VM ASL INtrospection (CAIN) linux-libc-dev 5.10.113-1
LOW CVE-2016-10723 ** DISPUTED ** An issue was discovered in the Linux kernel through 4.1 ... linux-libc-dev 5.10.113-1
LOW CVE-2016-8660 kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation linux-libc-dev 5.10.113-1
LOW CVE-2017-0630 kernel: Information disclosure vulnerability in kernel trace subsystem linux-libc-dev 5.10.113-1
LOW CVE-2017-13693 kernel: ACPI operand cache leak in dsutils.c linux-libc-dev 5.10.113-1
LOW CVE-2017-13694 kernel: ACPI node and node_ext cache leak linux-libc-dev 5.10.113-1
LOW CVE-2018-1121 procps-ng, procps: process hiding through race condition enumerating /proc linux-libc-dev 5.10.113-1
LOW CVE-2018-12928 kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko linux-libc-dev 5.10.113-1
LOW CVE-2018-17977 kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP pack linux-libc-dev 5.10.113-1
LOW CVE-2019-11191 kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out progr linux-libc-dev 5.10.113-1
LOW CVE-2019-12378 kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service linux-libc-dev 5.10.113-1
LOW CVE-2019-12379 kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c linux-libc-dev 5.10.113-1
LOW CVE-2019-12380 kernel: memory allocation failure in the efi subsystem leads to denial of service linux-libc-dev 5.10.113-1
LOW CVE-2019-12381 kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service linux-libc-dev 5.10.113-1
LOW CVE-2019-12382 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service linux-libc-dev 5.10.113-1
LOW CVE-2019-12455 kernel: null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing de linux-libc-dev 5.10.113-1
LOW CVE-2019-12456 kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl. linux-libc-dev 5.10.113-1
LOW CVE-2019-16229 kernel: null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c linux-libc-dev 5.10.113-1
LOW CVE-2019-16230 kernel: null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c linux-libc-dev 5.10.113-1
LOW CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c linux-libc-dev 5.10.113-1
LOW CVE-2019-16232 kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c linux-libc-dev 5.10.113-1
LOW CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c linux-libc-dev 5.10.113-1
LOW CVE-2019-16234 kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c linux-libc-dev 5.10.113-1
LOW CVE-2019-19070 kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS linux-libc-dev 5.10.113-1
LOW CVE-2020-11725 kernel: improper handling of private_size*count multiplication due to count=info->owner typo linux-libc-dev 5.10.113-1
LOW CVE-2020-35501 kernel: audit not logging access to syscall open_by_handle_at for users with CAP_DAC_READ_SEARCH cap linux-libc-dev 5.10.113-1
LOW CVE-2021-26934 An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... linux-libc-dev 5.10.113-1
LOW CVE-2021-32078 kernel: out-of-bounds read in arch/arm/mach-footbridge/personal-pci.c due to improper input validati linux-libc-dev 5.10.113-1
LOW CVE-2022-1734 kernel: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from u linux-libc-dev 5.10.113-1 5.10.120-1
LOW CVE-2022-25265 kernel: Executable Space Protection Bypass linux-libc-dev 5.10.113-1
LOW CVE-2022-32296 kernel: insufficient TCP source port randomness leads to client identification linux-libc-dev 5.10.113-1
LOW CVE-2007-5686 initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... login 1:4.8.1-1
LOW CVE-2013-4235 shadow-utils: TOCTOU race conditions by copying and removing directory trees login 1:4.8.1-1
LOW CVE-2019-19882 shadow-utils: local users can obtain root access because setuid programs are misconfigured login 1:4.8.1-1
LOW CVE-2008-1687 m4: unquoted output of maketemp and mkstemp m4 1.4.18-5
LOW CVE-2008-1688 m4: code execution via -F argument m4 1.4.18-5
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline mount 2.36.1-8+deb11u1
LOW CVE-2021-39537 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-base 6.2+20201114-2
LOW CVE-2021-39537 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-bin 6.2+20201114-2
LOW CVE-2007-6755 Dual_EC_DRBG: weak pseudo random number generator openssl 1.1.1n-0+deb11u2
LOW CVE-2010-0928 openssl: RSA authentication weakness openssl 1.1.1n-0+deb11u2
LOW CVE-2007-5686 initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... passwd 1:4.8.1-1
LOW CVE-2013-4235 shadow-utils: TOCTOU race conditions by copying and removing directory trees passwd 1:4.8.1-1
LOW CVE-2019-19882 shadow-utils: local users can obtain root access because setuid programs are misconfigured passwd 1:4.8.1-1
LOW CVE-2010-4651 patch: directory traversal flaw allows for arbitrary file creation patch 2.7.6-7
LOW CVE-2018-6951 patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash patch 2.7.6-7
LOW CVE-2018-6952 patch: Double free of memory in pch.c:another_hunk() causes a crash patch 2.7.6-7
LOW CVE-2021-45261 patch: Invalid Pointer via another_hunk function patch 2.7.6-7
LOW CVE-2011-4116 perl: File::Temp insecure temporary file handling perl 5.32.1-4+deb11u2
LOW CVE-2011-4116 perl: File::Temp insecure temporary file handling perl-base 5.32.1-4+deb11u2
LOW CVE-2011-4116 perl: File::Temp insecure temporary file handling perl-modules-5.32 5.32.1-4+deb11u2
LOW CVE-2018-21232 re2c: uncontrolled recursion that causes stack consumption in find_fixed_tags re2c 2.0.3-1
LOW CVE-2022-23901 A stack overflow re2c 2.2 exists due to infinite recursion issues in s ... re2c 2.0.3-1
LOW CVE-2005-2541 tar: does not properly warn the user when extracting setuid or setgid files tar 1.34+dfsg-1
LOW CVE-2022-0563 util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline util-linux 2.36.1-8+deb11u1

Date: 2022-06-23