Skip to content

ghcr.io/oss-review-toolkit/ort:latest (ubuntu 22.04)

Trivy Image Scan

  • Image: ghcr.io/oss-review-toolkit/ort:latest (ubuntu 22.04)
  • Scan date: 2025-06-27

ghcr.io/oss-review-toolkit/ort:latest (ubuntu 22.04) (ubuntu)

Package Vulnerability ID Severity Installed Version Fixed Version Links
binutils CVE-2017-13716 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2017-13716 https://nvd.nist.gov/vuln/detail/CVE-2017-13716 https://sourceware.org/bugzilla/show_bug.cgi?id=22009 https://www.cve.org/CVERecord?id=CVE-2017-13716
binutils CVE-2019-1010204 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2019-1010204 https://linux.oracle.com/cve/CVE-2019-1010204.html https://linux.oracle.com/errata/ELSA-2020-1797.html https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 https://security.netapp.com/advisory/ntap-20190822-0001/ https://sourceware.org/bugzilla/show_bug.cgi?id=23765 https://support.f5.com/csp/article/K05032915?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/notices/USN-5349-1 https://www.cve.org/CVERecord?id=CVE-2019-1010204
binutils CVE-2022-27943 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
binutils CVE-2022-48064 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-48064 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/ https://nvd.nist.gov/vuln/detail/CVE-2022-48064 https://security.netapp.com/advisory/ntap-20231006-0008/ https://sourceware.org/bugzilla/show_bug.cgi?id=29922 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8f2c64de86bc3d7556121fe296dd679000283931 https://www.cve.org/CVERecord?id=CVE-2022-48064
binutils-common CVE-2017-13716 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2017-13716 https://nvd.nist.gov/vuln/detail/CVE-2017-13716 https://sourceware.org/bugzilla/show_bug.cgi?id=22009 https://www.cve.org/CVERecord?id=CVE-2017-13716
binutils-common CVE-2019-1010204 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2019-1010204 https://linux.oracle.com/cve/CVE-2019-1010204.html https://linux.oracle.com/errata/ELSA-2020-1797.html https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 https://security.netapp.com/advisory/ntap-20190822-0001/ https://sourceware.org/bugzilla/show_bug.cgi?id=23765 https://support.f5.com/csp/article/K05032915?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/notices/USN-5349-1 https://www.cve.org/CVERecord?id=CVE-2019-1010204
binutils-common CVE-2022-27943 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
binutils-common CVE-2022-48064 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-48064 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/ https://nvd.nist.gov/vuln/detail/CVE-2022-48064 https://security.netapp.com/advisory/ntap-20231006-0008/ https://sourceware.org/bugzilla/show_bug.cgi?id=29922 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8f2c64de86bc3d7556121fe296dd679000283931 https://www.cve.org/CVERecord?id=CVE-2022-48064
binutils-x86-64-linux-gnu CVE-2017-13716 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2017-13716 https://nvd.nist.gov/vuln/detail/CVE-2017-13716 https://sourceware.org/bugzilla/show_bug.cgi?id=22009 https://www.cve.org/CVERecord?id=CVE-2017-13716
binutils-x86-64-linux-gnu CVE-2019-1010204 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2019-1010204 https://linux.oracle.com/cve/CVE-2019-1010204.html https://linux.oracle.com/errata/ELSA-2020-1797.html https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 https://security.netapp.com/advisory/ntap-20190822-0001/ https://sourceware.org/bugzilla/show_bug.cgi?id=23765 https://support.f5.com/csp/article/K05032915?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/notices/USN-5349-1 https://www.cve.org/CVERecord?id=CVE-2019-1010204
binutils-x86-64-linux-gnu CVE-2022-27943 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
binutils-x86-64-linux-gnu CVE-2022-48064 LOW 2.38-4ubuntu2.8 no fix available https://access.redhat.com/security/cve/CVE-2022-48064 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/ https://nvd.nist.gov/vuln/detail/CVE-2022-48064 https://security.netapp.com/advisory/ntap-20231006-0008/ https://sourceware.org/bugzilla/show_bug.cgi?id=29922 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8f2c64de86bc3d7556121fe296dd679000283931 https://www.cve.org/CVERecord?id=CVE-2022-48064
coreutils CVE-2016-2781 LOW 8.32-4.1ubuntu1.2 no fix available http://seclists.org/oss-sec/2016/q1/452 http://www.openwall.com/lists/oss-security/2016/02/28/2 http://www.openwall.com/lists/oss-security/2016/02/28/3 https://access.redhat.com/security/cve/CVE-2016-2781 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lore.kernel.org/patchwork/patch/793178/ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes https://nvd.nist.gov/vuln/detail/CVE-2016-2781 https://www.cve.org/CVERecord?id=CVE-2016-2781
cpp-11 CVE-2021-3826 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2023:6372 https://access.redhat.com/security/cve/CVE-2021-3826 https://bugzilla.redhat.com/2122627 https://errata.almalinux.org/9/ALSA-2023-6372.html https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987 https://linux.oracle.com/cve/CVE-2021-3826.html https://linux.oracle.com/errata/ELSA-2023-6372.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2021-3826 https://www.cve.org/CVERecord?id=CVE-2021-3826
cpp-11 CVE-2021-46195 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2022:8415 https://access.redhat.com/security/cve/CVE-2021-46195 https://bugzilla.redhat.com/2046300 https://errata.almalinux.org/9/ALSA-2022-8415.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=f10bec5ffa487ad3033ed5f38cfd0fc7d696deab https://linux.oracle.com/cve/CVE-2021-46195.html https://linux.oracle.com/errata/ELSA-2022-8415.html https://nvd.nist.gov/vuln/detail/CVE-2021-46195 https://www.cve.org/CVERecord?id=CVE-2021-46195
cpp-11 CVE-2022-27943 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
cpp-11 CVE-2023-4039 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
curl CVE-2025-0167 LOW 7.81.0-1ubuntu1.20 no fix available https://curl.se/docs/CVE-2025-0167.html https://curl.se/docs/CVE-2025-0167.json https://hackerone.com/reports/2917232 https://nvd.nist.gov/vuln/detail/CVE-2025-0167 https://security.netapp.com/advisory/ntap-20250306-0008/ https://www.cve.org/CVERecord?id=CVE-2025-0167
dbus CVE-2023-34969 LOW 1.12.20-2ubuntu4.1 no fix available https://access.redhat.com/errata/RHSA-2023:4569 https://access.redhat.com/security/cve/CVE-2023-34969 https://bugzilla.redhat.com/2213166 https://bugzilla.redhat.com/show_bug.cgi?id=2213166 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34969 https://errata.almalinux.org/9/ALSA-2023-4569.html https://errata.rockylinux.org/RLSA-2023:4569 https://gitlab.freedesktop.org/dbus/dbus/-/issues/457 https://linux.oracle.com/cve/CVE-2023-34969.html https://linux.oracle.com/errata/ELSA-2023-4569.html https://lists.debian.org/debian-lts-announce/2023/10/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZYCDRMD7B4XO4HF6C6YTLH4YUD7TANP/ https://nvd.nist.gov/vuln/detail/CVE-2023-34969 https://security.netapp.com/advisory/ntap-20231208-0007/ https://ubuntu.com/security/notices/USN-6372-1 https://www.cve.org/CVERecord?id=CVE-2023-34969
dirmngr CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
g++-11 CVE-2021-3826 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2023:6372 https://access.redhat.com/security/cve/CVE-2021-3826 https://bugzilla.redhat.com/2122627 https://errata.almalinux.org/9/ALSA-2023-6372.html https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987 https://linux.oracle.com/cve/CVE-2021-3826.html https://linux.oracle.com/errata/ELSA-2023-6372.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2021-3826 https://www.cve.org/CVERecord?id=CVE-2021-3826
g++-11 CVE-2021-46195 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2022:8415 https://access.redhat.com/security/cve/CVE-2021-46195 https://bugzilla.redhat.com/2046300 https://errata.almalinux.org/9/ALSA-2022-8415.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=f10bec5ffa487ad3033ed5f38cfd0fc7d696deab https://linux.oracle.com/cve/CVE-2021-46195.html https://linux.oracle.com/errata/ELSA-2022-8415.html https://nvd.nist.gov/vuln/detail/CVE-2021-46195 https://www.cve.org/CVERecord?id=CVE-2021-46195
g++-11 CVE-2022-27943 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
g++-11 CVE-2023-4039 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
gcc-11 CVE-2021-3826 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2023:6372 https://access.redhat.com/security/cve/CVE-2021-3826 https://bugzilla.redhat.com/2122627 https://errata.almalinux.org/9/ALSA-2023-6372.html https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987 https://linux.oracle.com/cve/CVE-2021-3826.html https://linux.oracle.com/errata/ELSA-2023-6372.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2021-3826 https://www.cve.org/CVERecord?id=CVE-2021-3826
gcc-11 CVE-2021-46195 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2022:8415 https://access.redhat.com/security/cve/CVE-2021-46195 https://bugzilla.redhat.com/2046300 https://errata.almalinux.org/9/ALSA-2022-8415.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=f10bec5ffa487ad3033ed5f38cfd0fc7d696deab https://linux.oracle.com/cve/CVE-2021-46195.html https://linux.oracle.com/errata/ELSA-2022-8415.html https://nvd.nist.gov/vuln/detail/CVE-2021-46195 https://www.cve.org/CVERecord?id=CVE-2021-46195
gcc-11 CVE-2022-27943 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
gcc-11 CVE-2023-4039 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
gcc-11-base CVE-2021-3826 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2023:6372 https://access.redhat.com/security/cve/CVE-2021-3826 https://bugzilla.redhat.com/2122627 https://errata.almalinux.org/9/ALSA-2023-6372.html https://gcc.gnu.org/git/?p=gcc.git%3Ba=commit%3Bh=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5481040197402be6dfee265bd2ff5a4c88e30505 https://gcc.gnu.org/pipermail/gcc-patches/2021-September/579987 https://linux.oracle.com/cve/CVE-2021-3826.html https://linux.oracle.com/errata/ELSA-2023-6372.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MYLS3VR4OPL5ECRWOR4ZHMGXUSCJFZY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXFC74WRZ2Q7F2TSUKPYNIL7ZPBWYI6L/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2021-3826 https://www.cve.org/CVERecord?id=CVE-2021-3826
gcc-11-base CVE-2021-46195 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/errata/RHSA-2022:8415 https://access.redhat.com/security/cve/CVE-2021-46195 https://bugzilla.redhat.com/2046300 https://errata.almalinux.org/9/ALSA-2022-8415.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103841 https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=f10bec5ffa487ad3033ed5f38cfd0fc7d696deab https://linux.oracle.com/cve/CVE-2021-46195.html https://linux.oracle.com/errata/ELSA-2022-8415.html https://nvd.nist.gov/vuln/detail/CVE-2021-46195 https://www.cve.org/CVERecord?id=CVE-2021-46195
gcc-11-base CVE-2022-27943 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
gcc-11-base CVE-2023-4039 LOW 11.4.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
gcc-12-base CVE-2022-27943 LOW 12.3.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
gcc-12-base CVE-2023-4039 LOW 12.3.0-1ubuntu1~22.04 no fix available https://access.redhat.com/security/cve/CVE-2023-4039 https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org https://linux.oracle.com/cve/CVE-2023-4039.html https://linux.oracle.com/errata/ELSA-2023-28766.html https://nvd.nist.gov/vuln/detail/CVE-2023-4039 https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://www.cve.org/CVERecord?id=CVE-2023-4039
git CVE-2024-52005 MEDIUM 1:2.34.1-1ubuntu1.12 no fix available https://access.redhat.com/errata/RHSA-2025:7409 https://access.redhat.com/security/cve/CVE-2024-52005 https://bugzilla.redhat.com/2338289 https://errata.almalinux.org/9/ALSA-2025-7409.html https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329 https://linux.oracle.com/cve/CVE-2024-52005.html https://linux.oracle.com/errata/ELSA-2025-8414.html https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net https://lore.kernel.org/git/8570a129-d66a-465a-905e-0a077c69c409@gmail.com/T/#t https://nvd.nist.gov/vuln/detail/CVE-2024-52005 https://www.cve.org/CVERecord?id=CVE-2024-52005
git-man CVE-2024-52005 MEDIUM 1:2.34.1-1ubuntu1.12 no fix available https://access.redhat.com/errata/RHSA-2025:7409 https://access.redhat.com/security/cve/CVE-2024-52005 https://bugzilla.redhat.com/2338289 https://errata.almalinux.org/9/ALSA-2025-7409.html https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329 https://linux.oracle.com/cve/CVE-2024-52005.html https://linux.oracle.com/errata/ELSA-2025-8414.html https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net https://lore.kernel.org/git/8570a129-d66a-465a-905e-0a077c69c409@gmail.com/T/#t https://nvd.nist.gov/vuln/detail/CVE-2024-52005 https://www.cve.org/CVERecord?id=CVE-2024-52005
gnupg CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gnupg-l10n CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gnupg-utils CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gnupg2 CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpg CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpg-agent CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpg-wks-client CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpg-wks-server CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpgconf CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpgsm CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpgv CVE-2022-3219 LOW 2.2.27-3ubuntu2.3 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
libarchive-tools CVE-2025-5914 MEDIUM 3.6.0-1ubuntu1.4 3.6.0-1ubuntu1.5 https://access.redhat.com/security/cve/CVE-2025-5914 https://bugzilla.redhat.com/show_bug.cgi?id=2370861 https://github.com/libarchive/libarchive/pull/2598 https://github.com/libarchive/libarchive/pull/2598/commits/196029dd0a17cd17c916eada9085839032b76ec9 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://nvd.nist.gov/vuln/detail/CVE-2025-5914 https://ubuntu.com/security/notices/USN-7601-1 https://www.cve.org/CVERecord?id=CVE-2025-5914
libarchive-tools CVE-2025-5915 MEDIUM 3.6.0-1ubuntu1.4 3.6.0-1ubuntu1.5 https://access.redhat.com/security/cve/CVE-2025-5915 https://bugzilla.redhat.com/show_bug.cgi?id=2370865 https://github.com/libarchive/libarchive/pull/2599 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://nvd.nist.gov/vuln/detail/CVE-2025-5915 https://ubuntu.com/security/notices/USN-7601-1 https://www.cve.org/CVERecord?id=CVE-2025-5915
libarchive-tools CVE-2025-5916 MEDIUM 3.6.0-1ubuntu1.4 3.6.0-1ubuntu1.5 https://access.redhat.com/security/cve/CVE-2025-5916 https://bugzilla.redhat.com/show_bug.cgi?id=2370872 https://github.com/libarchive/libarchive/pull/2568 https://github.com/libarchive/libarchive/pull/2568/commits/bce70c4c26864df2a8d6953e7db6e4b156253508 https://github.com/libarchive/libarchive/releases/tag/v3.8.0 https://nvd.nist.gov/vuln/detail/CVE-2025-5916 https://ubuntu.com/security/notices/USN-7601-1 https://www.cve.org/CVERecord?id=CVE-2025-5916
1147 other vulnerabilities found...
No Misconfigurations found

Java (jar)

Package Vulnerability ID Severity Installed Version Fixed Version Links
com.google.guava:guava CVE-2023-2976 MEDIUM 31.1-jre 32.0.0-android https://access.redhat.com/security/cve/CVE-2023-2976 https://github.com/google/guava https://github.com/google/guava/commit/feb83a1c8fd2e7670b244d5afd23cba5aca43284 https://github.com/google/guava/issues/2575 https://github.com/google/guava/issues/6532 https://github.com/google/guava/releases/tag/v32.0.0 https://nvd.nist.gov/vuln/detail/CVE-2023-2976 https://security.netapp.com/advisory/ntap-20230818-0008 https://security.netapp.com/advisory/ntap-20230818-0008/ https://www.cve.org/CVERecord?id=CVE-2023-2976 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html
com.google.guava:guava CVE-2020-8908 LOW 31.1-jre 32.0.0-android https://access.redhat.com/security/cve/CVE-2020-8908 https://github.com/google/guava https://github.com/google/guava/commit/feb83a1c8fd2e7670b244d5afd23cba5aca43284 https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40 https://github.com/google/guava/issues/4011 https://github.com/google/guava/issues/4011#issuecomment-1578991974 https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2020-8908 https://security.netapp.com/advisory/ntap-20220210-0003 https://security.netapp.com/advisory/ntap-20220210-0003/ https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415 https://www.cve.org/CVERecord?id=CVE-2020-8908 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 2.6.1 3.16.1, 3.18.2, 3.19.2 http://www.openwall.com/lists/oss-security/2022/01/12/4 http://www.openwall.com/lists/oss-security/2022/01/12/7 https://access.redhat.com/security/cve/CVE-2021-22569 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 https://cloud.google.com/support/bulletins#gcp-2022-001 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67 https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2021-22569 https://ubuntu.com/security/notices/USN-5945-1 https://www.cve.org/CVERecord?id=CVE-2021-22569 https://www.openwall.com/lists/oss-security/2022/01/12/4 https://www.oracle.com/security-alerts/cpuapr2022.html
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 2.6.1 3.16.1, 3.18.2, 3.19.2 http://www.openwall.com/lists/oss-security/2022/01/12/4 http://www.openwall.com/lists/oss-security/2022/01/12/7 https://access.redhat.com/security/cve/CVE-2021-22569 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 https://cloud.google.com/support/bulletins#gcp-2022-001 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67 https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2021-22569 https://ubuntu.com/security/notices/USN-5945-1 https://www.cve.org/CVERecord?id=CVE-2021-22569 https://www.openwall.com/lists/oss-security/2022/01/12/4 https://www.oracle.com/security-alerts/cpuapr2022.html
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 2.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3509 https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3509 https://www.cve.org/CVERecord?id=CVE-2022-3509
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 2.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3509 https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3509 https://www.cve.org/CVERecord?id=CVE-2022-3509
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 2.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3510 https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3510 https://www.cve.org/CVERecord?id=CVE-2022-3510
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 2.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3510 https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3510 https://www.cve.org/CVERecord?id=CVE-2022-3510
com.google.protobuf:protobuf-java CVE-2024-7254 HIGH 2.6.1 3.25.5, 4.27.5, 4.28.2 https://access.redhat.com/security/cve/CVE-2024-7254 https://github.com/advisories/GHSA-735f-pc8j-v9w8 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534 https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46 https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml https://nvd.nist.gov/vuln/detail/CVE-2024-7254 https://security.netapp.com/advisory/ntap-20241213-0010 https://security.netapp.com/advisory/ntap-20241213-0010/ https://security.netapp.com/advisory/ntap-20250418-0006 https://security.netapp.com/advisory/ntap-20250418-0006/ https://ubuntu.com/security/notices/USN-7435-1 https://www.cve.org/CVERecord?id=CVE-2024-7254
com.google.protobuf:protobuf-java CVE-2024-7254 HIGH 2.6.1 3.25.5, 4.27.5, 4.28.2 https://access.redhat.com/security/cve/CVE-2024-7254 https://github.com/advisories/GHSA-735f-pc8j-v9w8 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534 https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46 https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml https://nvd.nist.gov/vuln/detail/CVE-2024-7254 https://security.netapp.com/advisory/ntap-20241213-0010 https://security.netapp.com/advisory/ntap-20241213-0010/ https://security.netapp.com/advisory/ntap-20250418-0006 https://security.netapp.com/advisory/ntap-20250418-0006/ https://ubuntu.com/security/notices/USN-7435-1 https://www.cve.org/CVERecord?id=CVE-2024-7254
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 2.6.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 https://access.redhat.com/security/cve/CVE-2022-3171 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/releases/tag/v21.7 https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3 https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6 https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP https://nvd.nist.gov/vuln/detail/CVE-2022-3171 https://security.gentoo.org/glsa/202301-09 https://www.cve.org/CVERecord?id=CVE-2022-3171
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 2.6.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 https://access.redhat.com/security/cve/CVE-2022-3171 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/releases/tag/v21.7 https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3 https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6 https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP https://nvd.nist.gov/vuln/detail/CVE-2022-3171 https://security.gentoo.org/glsa/202301-09 https://www.cve.org/CVERecord?id=CVE-2022-3171
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 3.19.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3509 https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3509 https://www.cve.org/CVERecord?id=CVE-2022-3509
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 3.19.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 https://access.redhat.com/security/cve/CVE-2022-3510 https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48 https://github.com/protocolbuffers/protobuf/tree/main/java https://nvd.nist.gov/vuln/detail/CVE-2022-3510 https://www.cve.org/CVERecord?id=CVE-2022-3510
com.google.protobuf:protobuf-java CVE-2024-7254 HIGH 3.19.3 3.25.5, 4.27.5, 4.28.2 https://access.redhat.com/security/cve/CVE-2024-7254 https://github.com/advisories/GHSA-735f-pc8j-v9w8 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534 https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46 https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml https://nvd.nist.gov/vuln/detail/CVE-2024-7254 https://security.netapp.com/advisory/ntap-20241213-0010 https://security.netapp.com/advisory/ntap-20241213-0010/ https://security.netapp.com/advisory/ntap-20250418-0006 https://security.netapp.com/advisory/ntap-20250418-0006/ https://ubuntu.com/security/notices/USN-7435-1 https://www.cve.org/CVERecord?id=CVE-2024-7254
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 3.19.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 https://access.redhat.com/security/cve/CVE-2022-3171 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/releases/tag/v21.7 https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3 https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6 https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP https://nvd.nist.gov/vuln/detail/CVE-2022-3171 https://security.gentoo.org/glsa/202301-09 https://www.cve.org/CVERecord?id=CVE-2022-3171
com.google.protobuf:protobuf-java CVE-2024-7254 HIGH 3.24.4 3.25.5, 4.27.5, 4.28.2 https://access.redhat.com/security/cve/CVE-2024-7254 https://github.com/advisories/GHSA-735f-pc8j-v9w8 https://github.com/protocolbuffers/protobuf https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534 https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46 https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3 https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml https://nvd.nist.gov/vuln/detail/CVE-2024-7254 https://security.netapp.com/advisory/ntap-20241213-0010 https://security.netapp.com/advisory/ntap-20241213-0010/ https://security.netapp.com/advisory/ntap-20250418-0006 https://security.netapp.com/advisory/ntap-20250418-0006/ https://ubuntu.com/security/notices/USN-7435-1 https://www.cve.org/CVERecord?id=CVE-2024-7254
commons-io:commons-io CVE-2024-47554 HIGH 2.4 2.14.0 http://www.openwall.com/lists/oss-security/2024/10/03/2 https://access.redhat.com/security/cve/CVE-2024-47554 https://github.com/apache/commons-io https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1 https://nvd.nist.gov/vuln/detail/CVE-2024-47554 https://security.netapp.com/advisory/ntap-20250131-0010 https://security.netapp.com/advisory/ntap-20250131-0010/ https://www.cve.org/CVERecord?id=CVE-2024-47554
commons-io:commons-io CVE-2021-29425 MEDIUM 2.4 2.7 https://access.redhat.com/security/cve/CVE-2021-29425 https://arxiv.org/pdf/2306.05534.pdf https://github.com/jensdietrich/xshady-release/tree/main/CVE-2021-29425 https://issues.apache.org/jira/browse/IO-556 https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2%40%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31%40%3Cdev.commons.apache.org%3E https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a%40%3Cuser.commons.apache.org%3E https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d%40%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330%40%3Cdev.commons.apache.org%3E https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html https://nvd.nist.gov/vuln/detail/CVE-2021-29425 https://security.netapp.com/advisory/ntap-20220210-0004 https://security.netapp.com/advisory/ntap-20220210-0004/ https://ubuntu.com/security/notices/USN-5095-1 https://www.cve.org/CVERecord?id=CVE-2021-29425 https://www.openwall.com/lists/oss-security/2021/04/12/1 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
net.i2p.crypto:eddsa CVE-2020-36843 MEDIUM 0.3.0 no fix available https://eprint.iacr.org/2020/1244 https://github.com/i2p/i2p.i2p/commit/d7d1dcb5399c61cf2916ccc45aa25b0209c88712#diff-658f7b1aa34b58d27796fccdb8b756c72702d64ae44703374960f1cb89a5a5c3 https://github.com/str4d/ed25519-java https://github.com/str4d/ed25519-java/issues/82#issue-727629226 https://nvd.nist.gov/vuln/detail/CVE-2020-36843
net.minidev:json-smart CVE-2024-57699 HIGH 2.5.0 2.5.2 https://access.redhat.com/security/cve/CVE-2024-57699 https://github.com/TurtleLiu/Vul_PoC/tree/main/CVE-2024-57699 https://github.com/netplex/json-smart-v2 https://github.com/netplex/json-smart-v2/issues/232 https://github.com/netplex/json-smart-v2/issues/233 https://github.com/netplex/json-smart-v2/issues/236 https://github.com/netplex/json-smart-v2/releases/tag/2.5.2 https://nvd.nist.gov/vuln/detail/CVE-2024-57699 https://nvd.nist.gov/vuln/detail/cve-2023-1370 https://www.cve.org/CVERecord?id=CVE-2024-57699
org.apache.commons:commons-compress CVE-2024-25710 MEDIUM 1.21 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/1 https://access.redhat.com/security/cve/CVE-2024-25710 https://github.com/apache/commons-compress https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf https://nvd.nist.gov/vuln/detail/CVE-2024-25710 https://security.netapp.com/advisory/ntap-20240307-0010 https://security.netapp.com/advisory/ntap-20240307-0010/ https://www.cve.org/CVERecord?id=CVE-2024-25710
org.apache.commons:commons-compress CVE-2024-25710 MEDIUM 1.21 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/1 https://access.redhat.com/security/cve/CVE-2024-25710 https://github.com/apache/commons-compress https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf https://nvd.nist.gov/vuln/detail/CVE-2024-25710 https://security.netapp.com/advisory/ntap-20240307-0010 https://security.netapp.com/advisory/ntap-20240307-0010/ https://www.cve.org/CVERecord?id=CVE-2024-25710
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.21 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/2 https://access.redhat.com/security/cve/CVE-2024-26308 https://github.com/apache/commons-compress https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg https://nvd.nist.gov/vuln/detail/CVE-2024-26308 https://security.netapp.com/advisory/ntap-20240307-0009 https://security.netapp.com/advisory/ntap-20240307-0009/ https://www.cve.org/CVERecord?id=CVE-2024-26308 https://www.openwall.com/lists/oss-security/2024/02/19/2
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.21 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/2 https://access.redhat.com/security/cve/CVE-2024-26308 https://github.com/apache/commons-compress https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg https://nvd.nist.gov/vuln/detail/CVE-2024-26308 https://security.netapp.com/advisory/ntap-20240307-0009 https://security.netapp.com/advisory/ntap-20240307-0009/ https://www.cve.org/CVERecord?id=CVE-2024-26308 https://www.openwall.com/lists/oss-security/2024/02/19/2
org.apache.commons:commons-compress CVE-2023-42503 MEDIUM 1.22 1.24.0 https://access.redhat.com/security/cve/CVE-2023-42503 https://github.com/apache/commons-compress https://github.com/apache/commons-compress/commit/aae38bfb820159ae7a0b792e779571f6a46b3889 https://lists.apache.org/thread/5xwcyr600mn074vgxq92tjssrchmc93c https://nvd.nist.gov/vuln/detail/CVE-2023-42503 https://security.netapp.com/advisory/ntap-20231020-0003 https://security.netapp.com/advisory/ntap-20231020-0003/ https://www.cve.org/CVERecord?id=CVE-2023-42503
org.apache.commons:commons-compress CVE-2024-25710 MEDIUM 1.22 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/1 https://access.redhat.com/security/cve/CVE-2024-25710 https://github.com/apache/commons-compress https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf https://nvd.nist.gov/vuln/detail/CVE-2024-25710 https://security.netapp.com/advisory/ntap-20240307-0010 https://security.netapp.com/advisory/ntap-20240307-0010/ https://www.cve.org/CVERecord?id=CVE-2024-25710
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.22 1.26.0 http://www.openwall.com/lists/oss-security/2024/02/19/2 https://access.redhat.com/security/cve/CVE-2024-26308 https://github.com/apache/commons-compress https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg https://nvd.nist.gov/vuln/detail/CVE-2024-26308 https://security.netapp.com/advisory/ntap-20240307-0009 https://security.netapp.com/advisory/ntap-20240307-0009/ https://www.cve.org/CVERecord?id=CVE-2024-26308 https://www.openwall.com/lists/oss-security/2024/02/19/2
org.apache.httpcomponents:httpclient CVE-2020-13956 MEDIUM 4.5.6 4.5.13, 5.0.3 https://access.redhat.com/security/cve/CVE-2020-13956 https://bugzilla.redhat.com/show_bug.cgi?id=1886587 https://errata.almalinux.org/8/ALSA-2022-1861.html https://github.com/apache/httpcomponents-client https://linux.oracle.com/cve/CVE-2020-13956.html https://linux.oracle.com/errata/ELSA-2022-1861.html https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9%40%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89%40%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89@%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d%40%3Ccommits.drill.apache.org%3E https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d@%3Ccommits.drill.apache.org%3E https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381%40%3Ccommits.turbine.apache.org%3E https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381@%3Ccommits.turbine.apache.org%3E https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8%40%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17%40%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17@%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4@%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3@%3Cissues.hive.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2020-13956 https://security.netapp.com/advisory/ntap-20220210-0002 https://security.netapp.com/advisory/ntap-20220210-0002/ https://ubuntu.com/security/notices/USN-5239-1 https://www.cve.org/CVERecord?id=CVE-2020-13956 https://www.openwall.com/lists/oss-security/2020/10/08/4 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 MEDIUM 1.67 no fix available https://access.redhat.com/security/cve/CVE-2023-33201 https://bouncycastle.org https://bouncycastle.org/releasenotes.html#r1rv74 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java https://github.com/bcgit/bc-java/wiki/CVE-2023-33201 https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html https://nvd.nist.gov/vuln/detail/CVE-2023-33201 https://security.netapp.com/advisory/ntap-20230824-0008 https://security.netapp.com/advisory/ntap-20230824-0008/ https://www.cve.org/CVERecord?id=CVE-2023-33201
org.bouncycastle:bcprov-jdk15on CVE-2023-33202 MEDIUM 1.67 1.70 https://access.redhat.com/security/cve/CVE-2023-33202 https://bouncycastle.org https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c https://github.com/bcgit/bc-java/wiki/CVE-2023-33202 https://nvd.nist.gov/vuln/detail/CVE-2023-33202 https://security.netapp.com/advisory/ntap-20240125-0001 https://security.netapp.com/advisory/ntap-20240125-0001/ https://www.cve.org/CVERecord?id=CVE-2023-33202
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 MEDIUM 1.67 1.78 https://access.redhat.com/security/cve/CVE-2024-29857 https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63 https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857 https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857 https://nvd.nist.gov/vuln/detail/CVE-2024-29857 https://security.netapp.com/advisory/ntap-20241206-0008 https://security.netapp.com/advisory/ntap-20241206-0008/ https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-29857
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 MEDIUM 1.67 1.78 https://access.redhat.com/security/cve/CVE-2024-30171 https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217 https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171 https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0 https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171 https://nvd.nist.gov/vuln/detail/CVE-2024-30171 https://people.redhat.com/~hkario/marvin/ https://security.netapp.com/advisory/ntap-20240614-0008 https://security.netapp.com/advisory/ntap-20240614-0008/ https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-30171
No Misconfigurations found

Node.js (node-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
ajv CVE-2020-15366 MEDIUM 4.11.8 6.12.3 https://access.redhat.com/security/cve/CVE-2020-15366 https://errata.almalinux.org/8/ALSA-2021-0551.html https://github.com/ajv-validator/ajv https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f https://github.com/ajv-validator/ajv/releases/tag/v6.12.3 https://github.com/ajv-validator/ajv/tags https://hackerone.com/bugs?subject=user&report_id=894259 https://linux.oracle.com/cve/CVE-2020-15366.html https://linux.oracle.com/errata/ELSA-2021-0551.html https://nvd.nist.gov/vuln/detail/CVE-2020-15366 https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://snyk.io/vuln/SNYK-JS-AJV-584908 https://www.cve.org/CVERecord?id=CVE-2020-15366
async CVE-2021-43138 HIGH 2.5.0 3.2.2, 2.6.4 https://access.redhat.com/security/cve/CVE-2021-43138 https://github.com/advisories/GHSA-fwr7-v2mv-hh25 https://github.com/caolan/async https://github.com/caolan/async/blob/master/lib/internal/iterator.js https://github.com/caolan/async/blob/master/lib/mapValuesLimit.js https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md#v264 https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2 https://github.com/caolan/async/commit/e1ecdbf79264f9ab488c7799f4c76996d5dca66d https://github.com/caolan/async/compare/v2.6.3...v2.6.4 https://github.com/caolan/async/pull/1828 https://jsfiddle.net/oz5twjd9 https://jsfiddle.net/oz5twjd9/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://nvd.nist.gov/vuln/detail/CVE-2021-43138 https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://www.cve.org/CVERecord?id=CVE-2021-43138
bl CVE-2020-8244 MEDIUM 1.0.3 1.2.3, 2.2.1, 3.0.1, 4.0.3 https://access.redhat.com/security/cve/CVE-2020-8244 https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190 https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466 https://hackerone.com/reports/966347 https://lists.debian.org/debian-lts-announce/2021/06/msg00028.html https://nvd.nist.gov/vuln/detail/CVE-2020-8244 https://ubuntu.com/security/notices/USN-5098-1 https://ubuntu.com/security/notices/USN-5159-1 https://www.cve.org/CVERecord?id=CVE-2020-8244
bl CVE-2020-8244 MEDIUM 1.2.1 1.2.3, 2.2.1, 3.0.1, 4.0.3 https://access.redhat.com/security/cve/CVE-2020-8244 https://github.com/rvagg/bl/commit/8a8c13c880e2bef519133ea43e0e9b78b5d0c91e https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190 https://github.com/rvagg/bl/commit/dacc4ac7d5fcd6201bcf26fbd886951be9537466 https://hackerone.com/reports/966347 https://lists.debian.org/debian-lts-announce/2021/06/msg00028.html https://nvd.nist.gov/vuln/detail/CVE-2020-8244 https://ubuntu.com/security/notices/USN-5098-1 https://ubuntu.com/security/notices/USN-5159-1 https://www.cve.org/CVERecord?id=CVE-2020-8244
brace-expansion CVE-2025-5889 LOW 1.1.8 2.0.2, 1.1.12, 3.0.1, 4.0.1 https://access.redhat.com/security/cve/CVE-2025-5889 https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/commit/0b6a9781e18e9d2769bb2931f4856d1360243ed2 https://github.com/juliangruber/brace-expansion/commit/15f9b3c75ebf5988198241fecaebdc45eff28a9f https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217 https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5 https://github.com/juliangruber/brace-expansion/releases/tag/v4.0.1 https://nvd.nist.gov/vuln/detail/CVE-2025-5889 https://vuldb.com/?ctiid.311660 https://vuldb.com/?id.311660 https://vuldb.com/?submit.585717 https://www.cve.org/CVERecord?id=CVE-2025-5889
brace-expansion CVE-2025-5889 LOW 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 https://access.redhat.com/security/cve/CVE-2025-5889 https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/commit/0b6a9781e18e9d2769bb2931f4856d1360243ed2 https://github.com/juliangruber/brace-expansion/commit/15f9b3c75ebf5988198241fecaebdc45eff28a9f https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217 https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5 https://github.com/juliangruber/brace-expansion/releases/tag/v4.0.1 https://nvd.nist.gov/vuln/detail/CVE-2025-5889 https://vuldb.com/?ctiid.311660 https://vuldb.com/?id.311660 https://vuldb.com/?submit.585717 https://www.cve.org/CVERecord?id=CVE-2025-5889
brace-expansion CVE-2025-5889 LOW 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 https://access.redhat.com/security/cve/CVE-2025-5889 https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/commit/0b6a9781e18e9d2769bb2931f4856d1360243ed2 https://github.com/juliangruber/brace-expansion/commit/15f9b3c75ebf5988198241fecaebdc45eff28a9f https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217 https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5 https://github.com/juliangruber/brace-expansion/releases/tag/v4.0.1 https://nvd.nist.gov/vuln/detail/CVE-2025-5889 https://vuldb.com/?ctiid.311660 https://vuldb.com/?id.311660 https://vuldb.com/?submit.585717 https://www.cve.org/CVERecord?id=CVE-2025-5889
chownr CVE-2017-18869 LOW 1.0.1 1.1.0 https://access.redhat.com/security/cve/CVE-2017-18869 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863985 https://bugzilla.redhat.com/show_bug.cgi?id=1611614 https://github.com/isaacs/chownr/commit/36a93e3f0a220062c47b237cf6ab6d5f55cd79c9 https://github.com/isaacs/chownr/commit/a631d841022880e5c8d694408a7e96d6d576d0ce https://github.com/isaacs/chownr/issues/14 https://nvd.nist.gov/vuln/detail/CVE-2017-18869 https://snyk.io/vuln/npm:chownr:20180731 https://www.cve.org/CVERecord?id=CVE-2017-18869
dot-prop CVE-2020-8116 HIGH 3.0.0 4.2.1, 5.1.1 https://access.redhat.com/security/cve/CVE-2020-8116 https://errata.almalinux.org/8/ALSA-2021-0548.html https://github.com/advisories/GHSA-ff7x-qrg7-qggm https://github.com/sindresorhus/dot-prop https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 https://github.com/sindresorhus/dot-prop/commit/c914124f418f55edea27928e89c94d931babe587 https://github.com/sindresorhus/dot-prop/issues/63 https://github.com/sindresorhus/dot-prop/tree/v4 https://hackerone.com/reports/719856 https://linux.oracle.com/cve/CVE-2020-8116.html https://linux.oracle.com/errata/ELSA-2021-0548.html https://nvd.nist.gov/vuln/detail/CVE-2020-8116 https://www.cve.org/CVERecord?id=CVE-2020-8116
got CVE-2022-33987 MEDIUM 5.7.1 12.1.0, 11.8.5 https://access.redhat.com/errata/RHSA-2022:6595 https://access.redhat.com/security/cve/CVE-2022-33987 https://bugzilla.redhat.com/1907444 https://bugzilla.redhat.com/1945459 https://bugzilla.redhat.com/1964461 https://bugzilla.redhat.com/2007557 https://bugzilla.redhat.com/2098556 https://bugzilla.redhat.com/2102001 https://bugzilla.redhat.com/2105422 https://bugzilla.redhat.com/2105426 https://bugzilla.redhat.com/2105428 https://bugzilla.redhat.com/2105430 https://errata.almalinux.org/9/ALSA-2022-6595.html https://github.com/sindresorhus/got https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 https://github.com/sindresorhus/got/pull/2047 https://github.com/sindresorhus/got/releases/tag/v11.8.5 https://github.com/sindresorhus/got/releases/tag/v12.1.0 https://linux.oracle.com/cve/CVE-2022-33987.html https://linux.oracle.com/errata/ELSA-2022-6595.html https://nvd.nist.gov/vuln/detail/CVE-2022-33987 https://www.cve.org/CVERecord?id=CVE-2022-33987
handlebars CVE-2021-23369 CRITICAL 4.5.3 4.7.7 https://access.redhat.com/security/cve/CVE-2021-23369 https://github.com/advisories/GHSA-f2jv-r9rf-7988 https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8 https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427 https://github.com/wycats/handlebars.js https://nvd.nist.gov/vuln/detail/CVE-2021-23369 https://security.netapp.com/advisory/ntap-20210604-0008 https://security.netapp.com/advisory/ntap-20210604-0008/ https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952 https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767 https://www.cve.org/CVERecord?id=CVE-2021-23369
handlebars CVE-2021-23383 CRITICAL 4.5.3 4.7.7 https://access.redhat.com/security/cve/CVE-2021-23383 https://github.com/advisories/GHSA-765h-qjxv-5f44 https://github.com/handlebars-lang/handlebars.js https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/handlebars-source/CVE-2021-23383.yml https://nvd.nist.gov/vuln/detail/CVE-2021-23383 https://security.netapp.com/advisory/ntap-20210618-0007 https://security.netapp.com/advisory/ntap-20210618-0007/ https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1279031 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1279032 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279030 https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029 https://www.cve.org/CVERecord?id=CVE-2021-23383 https://www.npmjs.com/package/handlebars
handlebars NSWG-ECO-519 MEDIUM 4.5.3 >=4.6.0 https://hackerone.com/reports/726364
hawk CVE-2022-29167 HIGH 3.1.3 9.0.1 https://access.redhat.com/security/cve/CVE-2022-29167 https://github.com/mozilla/hawk https://github.com/mozilla/hawk/commit/ade134119bf1fdc4909d00f5a952c966f0075ad3 https://github.com/mozilla/hawk/commit/d10d72ca82db967f6c5fcf866ff78e3ca25ce1ab https://github.com/mozilla/hawk/pull/286 https://github.com/mozilla/hawk/security/advisories/GHSA-44pw-h2cw-w3vq https://nvd.nist.gov/vuln/detail/CVE-2022-29167 https://ubuntu.com/security/notices/USN-6116-1 https://www.cve.org/CVERecord?id=CVE-2022-29167
hoek CVE-2020-36604 HIGH 2.16.3 no fix available https://access.redhat.com/security/cve/CVE-2020-36604 https://github.com/advisories/GHSA-c429-5p7v-vgjp https://github.com/hapijs/hoek/commit/4d0804bc6135ad72afdc5e1ec002b935b2f5216a https://github.com/hapijs/hoek/commit/948baf98634a5c206875b67d11368f133034fa90 https://github.com/hapijs/hoek/issues/352 https://nvd.nist.gov/vuln/detail/CVE-2020-36604 https://security.snyk.io/vuln/SNYK-JS-HAPIHOEK-548452%29 https://www.cve.org/CVERecord?id=CVE-2020-36604
hoek CVE-2018-3728 LOW 2.16.3 >=5.0.3 >=4.2.1 http://www.securityfocus.com/bid/103108 https://access.redhat.com/errata/RHSA-2018:1263 https://access.redhat.com/errata/RHSA-2018:1264 https://access.redhat.com/security/cve/CVE-2018-3728 https://github.com/hapijs/hoek https://github.com/hapijs/hoek/commit/32ed5c9413321fbc37da5ca81a7cbab693786dee https://github.com/hapijs/hoek/commit/5aed1a8c4a3d55722d1c799f2368857bf418d6df https://hackerone.com/reports/310439 https://nodesecurity.io/advisories/566 https://nvd.nist.gov/vuln/detail/CVE-2018-3728 https://snyk.io/vuln/npm:hoek:20180212 https://web.archive.org/web/20200227131737/https://www.securityfocus.com/bid/103108 https://www.cve.org/CVERecord?id=CVE-2018-3728
json-schema CVE-2021-3918 CRITICAL 0.2.3 0.4.0 https://access.redhat.com/security/cve/CVE-2021-3918 https://errata.almalinux.org/8/ALSA-2022-0350.html https://github.com/kriszyp/json-schema https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0) https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9 https://linux.oracle.com/cve/CVE-2021-3918.html https://linux.oracle.com/errata/ELSA-2022-0350.html https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html https://nvd.nist.gov/vuln/detail/CVE-2021-3918 https://security.netapp.com/advisory/ntap-20250117-0004 https://security.netapp.com/advisory/ntap-20250117-0004/ https://ubuntu.com/security/notices/USN-6103-1 https://www.cve.org/CVERecord?id=CVE-2021-3918
jsonpointer CVE-2021-23807 MEDIUM 4.0.1 5.0.0 https://access.redhat.com/security/cve/CVE-2021-23807 https://github.com/janl/node-jsonpointer https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4 https://github.com/janl/node-jsonpointer/pull/51 https://nvd.nist.gov/vuln/detail/CVE-2021-23807 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273 https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288 https://www.cve.org/CVERecord?id=CVE-2021-23807
lodash CVE-2019-10744 CRITICAL 3.10.1 4.17.12 https://access.redhat.com/errata/RHSA-2019:3024 https://access.redhat.com/security/cve/CVE-2019-10744 https://github.com/lodash/lodash/pull/4336 https://nvd.nist.gov/vuln/detail/CVE-2019-10744 https://security.netapp.com/advisory/ntap-20191004-0005 https://security.netapp.com/advisory/ntap-20191004-0005/ https://snyk.io/vuln/SNYK-JS-LODASH-450202 https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp%3Butm_medium=RSS https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-10744 https://www.npmjs.com/advisories/1065 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2020.html
lodash CVE-2018-16487 HIGH 3.10.1 >=4.17.11 https://access.redhat.com/security/cve/CVE-2018-16487 https://github.com/advisories/GHSA-4xc9-xhrj-v574 https://github.com/lodash/lodash/commit/90e6199a161b6445b01454517b40ef65ebecd2ad https://hackerone.com/reports/380873 https://nvd.nist.gov/vuln/detail/CVE-2018-16487 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://www.cve.org/CVERecord?id=CVE-2018-16487 https://www.npmjs.com/advisories/782
lodash CVE-2020-8203 HIGH 3.10.1 4.17.19 https://access.redhat.com/security/cve/CVE-2020-8203 https://github.com/github/advisory-database/pull/2884 https://github.com/lodash/lodash https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12 https://github.com/lodash/lodash/issues/4744 https://github.com/lodash/lodash/issues/4874 https://github.com/lodash/lodash/wiki/Changelog#v41719 https://hackerone.com/reports/712065 https://hackerone.com/reports/864701 https://nvd.nist.gov/vuln/detail/CVE-2020-8203 https://security.netapp.com/advisory/ntap-20200724-0006 https://security.netapp.com/advisory/ntap-20200724-0006/ https://web.archive.org/web/20210914001339/https://github.com/lodash/lodash/issues/4744 https://www.cve.org/CVERecord?id=CVE-2020-8203 https://www.npmjs.com/advisories/1523 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2021-23337 HIGH 3.10.1 4.17.21 https://access.redhat.com/security/cve/CVE-2021-23337 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://github.com/lodash/lodash https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851 https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851 https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c https://nvd.nist.gov/vuln/detail/CVE-2021-23337 https://security.netapp.com/advisory/ntap-20210312-0006 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929 https://snyk.io/vuln/SNYK-JS-LODASH-1040724 https://www.cve.org/CVERecord?id=CVE-2021-23337 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2019-1010266 MEDIUM 3.10.1 4.17.11 https://access.redhat.com/security/cve/CVE-2019-1010266 https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347 https://github.com/lodash/lodash/issues/3359 https://github.com/lodash/lodash/wiki/Changelog https://nvd.nist.gov/vuln/detail/CVE-2019-1010266 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://snyk.io/vuln/SNYK-JS-LODASH-73639 https://www.cve.org/CVERecord?id=CVE-2019-1010266
lodash CVE-2020-28500 MEDIUM 3.10.1 4.17.21 https://access.redhat.com/security/cve/CVE-2020-28500 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://github.com/lodash/lodash https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8 https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8 https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a https://github.com/lodash/lodash/pull/5065 https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7 https://nvd.nist.gov/vuln/detail/CVE-2020-28500 https://security.netapp.com/advisory/ntap-20210312-0006 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893 https://snyk.io/vuln/SNYK-JS-LODASH-1018905 https://www.cve.org/CVERecord?id=CVE-2020-28500 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2018-3721 LOW 3.10.1 >=4.17.5 https://access.redhat.com/security/cve/CVE-2018-3721 https://github.com/advisories/GHSA-fvqr-27wr-82fm https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a https://hackerone.com/reports/310443 https://nvd.nist.gov/vuln/detail/CVE-2018-3721 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://snyk.io/vuln/npm:lodash:20180130 https://www.cve.org/CVERecord?id=CVE-2018-3721 https://www.npmjs.com/advisories/577
lodash CVE-2019-10744 CRITICAL 4.17.4 4.17.12 https://access.redhat.com/errata/RHSA-2019:3024 https://access.redhat.com/security/cve/CVE-2019-10744 https://github.com/lodash/lodash/pull/4336 https://nvd.nist.gov/vuln/detail/CVE-2019-10744 https://security.netapp.com/advisory/ntap-20191004-0005 https://security.netapp.com/advisory/ntap-20191004-0005/ https://snyk.io/vuln/SNYK-JS-LODASH-450202 https://support.f5.com/csp/article/K47105354?utm_source=f5support&amp%3Butm_medium=RSS https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-10744 https://www.npmjs.com/advisories/1065 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2020.html
lodash CVE-2018-16487 HIGH 4.17.4 >=4.17.11 https://access.redhat.com/security/cve/CVE-2018-16487 https://github.com/advisories/GHSA-4xc9-xhrj-v574 https://github.com/lodash/lodash/commit/90e6199a161b6445b01454517b40ef65ebecd2ad https://hackerone.com/reports/380873 https://nvd.nist.gov/vuln/detail/CVE-2018-16487 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://www.cve.org/CVERecord?id=CVE-2018-16487 https://www.npmjs.com/advisories/782
lodash CVE-2020-8203 HIGH 4.17.4 4.17.19 https://access.redhat.com/security/cve/CVE-2020-8203 https://github.com/github/advisory-database/pull/2884 https://github.com/lodash/lodash https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12 https://github.com/lodash/lodash/issues/4744 https://github.com/lodash/lodash/issues/4874 https://github.com/lodash/lodash/wiki/Changelog#v41719 https://hackerone.com/reports/712065 https://hackerone.com/reports/864701 https://nvd.nist.gov/vuln/detail/CVE-2020-8203 https://security.netapp.com/advisory/ntap-20200724-0006 https://security.netapp.com/advisory/ntap-20200724-0006/ https://web.archive.org/web/20210914001339/https://github.com/lodash/lodash/issues/4744 https://www.cve.org/CVERecord?id=CVE-2020-8203 https://www.npmjs.com/advisories/1523 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2021-23337 HIGH 4.17.4 4.17.21 https://access.redhat.com/security/cve/CVE-2021-23337 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://github.com/lodash/lodash https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851 https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851 https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c https://nvd.nist.gov/vuln/detail/CVE-2021-23337 https://security.netapp.com/advisory/ntap-20210312-0006 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929 https://snyk.io/vuln/SNYK-JS-LODASH-1040724 https://www.cve.org/CVERecord?id=CVE-2021-23337 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2019-1010266 MEDIUM 4.17.4 4.17.11 https://access.redhat.com/security/cve/CVE-2019-1010266 https://github.com/lodash/lodash/commit/5c08f18d365b64063bfbfa686cbb97cdd6267347 https://github.com/lodash/lodash/issues/3359 https://github.com/lodash/lodash/wiki/Changelog https://nvd.nist.gov/vuln/detail/CVE-2019-1010266 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://snyk.io/vuln/SNYK-JS-LODASH-73639 https://www.cve.org/CVERecord?id=CVE-2019-1010266
lodash CVE-2020-28500 MEDIUM 4.17.4 4.17.21 https://access.redhat.com/security/cve/CVE-2020-28500 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://github.com/lodash/lodash https://github.com/lodash/lodash/blob/npm/trimEnd.js#L8 https://github.com/lodash/lodash/blob/npm/trimEnd.js%23L8 https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a https://github.com/lodash/lodash/pull/5065 https://github.com/lodash/lodash/pull/5065/commits/02906b8191d3c100c193fe6f7b27d1c40f200bb7 https://nvd.nist.gov/vuln/detail/CVE-2020-28500 https://security.netapp.com/advisory/ntap-20210312-0006 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074896 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074894 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074892 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074895 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074893 https://snyk.io/vuln/SNYK-JS-LODASH-1018905 https://www.cve.org/CVERecord?id=CVE-2020-28500 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
lodash CVE-2018-3721 LOW 4.17.4 >=4.17.5 https://access.redhat.com/security/cve/CVE-2018-3721 https://github.com/advisories/GHSA-fvqr-27wr-82fm https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a https://hackerone.com/reports/310443 https://nvd.nist.gov/vuln/detail/CVE-2018-3721 https://security.netapp.com/advisory/ntap-20190919-0004 https://security.netapp.com/advisory/ntap-20190919-0004/ https://snyk.io/vuln/npm:lodash:20180130 https://www.cve.org/CVERecord?id=CVE-2018-3721 https://www.npmjs.com/advisories/577
minimatch CVE-2016-10540 HIGH 2.0.10 3.0.2 https://github.com/advisories/GHSA-hxm2-r34f-qmc5 https://nodesecurity.io/advisories/118 https://nvd.nist.gov/vuln/detail/CVE-2016-10540 https://ubuntu.com/security/notices/USN-4783-1 https://www.cve.org/CVERecord?id=CVE-2016-10540 https://www.npmjs.com/advisories/118
minimatch CVE-2022-3517 HIGH 2.0.10 3.0.5 https://access.redhat.com/errata/RHSA-2023:0321 https://access.redhat.com/security/cve/CVE-2022-3517 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2130518 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2066009 https://bugzilla.redhat.com/show_bug.cgi?id=2130518 https://bugzilla.redhat.com/show_bug.cgi?id=2134609 https://bugzilla.redhat.com/show_bug.cgi?id=2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2142808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548 https://errata.almalinux.org/9/ALSA-2023-0321.html https://errata.rockylinux.org/RLSA-2023:0321 https://github.com/grafana/grafana-image-renderer/issues/329 https://github.com/isaacs/minimatch https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 (v3.0.5) https://github.com/nodejs/node/issues/42510 https://linux.oracle.com/cve/CVE-2022-3517.html https://linux.oracle.com/errata/ELSA-2023-1743.html https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://nvd.nist.gov/vuln/detail/CVE-2022-3517 https://ubuntu.com/security/notices/USN-6086-1 https://www.cve.org/CVERecord?id=CVE-2022-3517
minimatch NSWG-ECO-118 HIGH 2.0.10 >=3.0.2 https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS
minimatch CVE-2022-3517 HIGH 3.0.4 3.0.5 https://access.redhat.com/errata/RHSA-2023:0321 https://access.redhat.com/security/cve/CVE-2022-3517 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2130518 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2066009 https://bugzilla.redhat.com/show_bug.cgi?id=2130518 https://bugzilla.redhat.com/show_bug.cgi?id=2134609 https://bugzilla.redhat.com/show_bug.cgi?id=2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2142808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548 https://errata.almalinux.org/9/ALSA-2023-0321.html https://errata.rockylinux.org/RLSA-2023:0321 https://github.com/grafana/grafana-image-renderer/issues/329 https://github.com/isaacs/minimatch https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 (v3.0.5) https://github.com/nodejs/node/issues/42510 https://linux.oracle.com/cve/CVE-2022-3517.html https://linux.oracle.com/errata/ELSA-2023-1743.html https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://nvd.nist.gov/vuln/detail/CVE-2022-3517 https://ubuntu.com/security/notices/USN-6086-1 https://www.cve.org/CVERecord?id=CVE-2022-3517
minimist CVE-2021-44906 CRITICAL 0.2.1 1.2.6, 0.2.4 https://access.redhat.com/errata/RHSA-2023:0321 https://access.redhat.com/security/cve/CVE-2021-44906 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2130518 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2066009 https://bugzilla.redhat.com/show_bug.cgi?id=2130518 https://bugzilla.redhat.com/show_bug.cgi?id=2134609 https://bugzilla.redhat.com/show_bug.cgi?id=2140911 https://bugzilla.redhat.com/show_bug.cgi?id=2142808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548 https://errata.almalinux.org/9/ALSA-2023-0321.html https://errata.rockylinux.org/RLSA-2023:0321 https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip https://github.com/advisories/GHSA-xvch-5gv4-984h https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703 https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11 https://github.com/minimistjs/minimist/commits/v0.2.4 https://github.com/minimistjs/minimist/issues/11 https://github.com/minimistjs/minimist/pull/24 https://github.com/substack/minimist https://github.com/substack/minimist/blob/master/index.js#L69 https://github.com/substack/minimist/issues/164 https://linux.oracle.com/cve/CVE-2021-44906.html https://linux.oracle.com/errata/ELSA-2023-0321.html https://nvd.nist.gov/vuln/detail/CVE-2021-44906 https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068 https://www.cve.org/CVERecord?id=CVE-2021-44906
mout CVE-2020-7792 HIGH 0.11.1 1.2.3 https://github.com/mout/mout/blob/master/src/object/deepFillIn.js https://github.com/mout/mout/blob/master/src/object/deepMixIn.js https://github.com/mout/mout/commit/3fecf1333e6d71ae72edf48c71dc665e40df7605 https://nvd.nist.gov/vuln/detail/CVE-2020-7792 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1050374 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050373 https://snyk.io/vuln/SNYK-JS-MOUT-1014544
mout CVE-2022-21213 HIGH 0.11.1 1.2.4 https://github.com/mout/mout https://github.com/mout/mout/blob/master/src/object/deepFillIn.js https://github.com/mout/mout/blob/master/src/object/deepMixIn.js https://github.com/mout/mout/commit/17ffdc2a96417a63a0147156dc045e90d0d14c64 https://github.com/mout/mout/pull/279 https://nvd.nist.gov/vuln/detail/CVE-2022-21213 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2870623 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2870622 https://snyk.io/vuln/SNYK-JS-MOUT-2342654
mout CVE-2020-7792 HIGH 1.0.0 1.2.3 https://github.com/mout/mout/blob/master/src/object/deepFillIn.js https://github.com/mout/mout/blob/master/src/object/deepMixIn.js https://github.com/mout/mout/commit/3fecf1333e6d71ae72edf48c71dc665e40df7605 https://nvd.nist.gov/vuln/detail/CVE-2020-7792 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1050374 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1050373 https://snyk.io/vuln/SNYK-JS-MOUT-1014544
mout CVE-2022-21213 HIGH 1.0.0 1.2.4 https://github.com/mout/mout https://github.com/mout/mout/blob/master/src/object/deepFillIn.js https://github.com/mout/mout/blob/master/src/object/deepMixIn.js https://github.com/mout/mout/commit/17ffdc2a96417a63a0147156dc045e90d0d14c64 https://github.com/mout/mout/pull/279 https://nvd.nist.gov/vuln/detail/CVE-2022-21213 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2870623 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2870622 https://snyk.io/vuln/SNYK-JS-MOUT-2342654
path-parse CVE-2021-23343 MEDIUM 1.0.5 1.0.7 https://access.redhat.com/security/cve/CVE-2021-23343 https://bugzilla.redhat.com/show_bug.cgi?id=1956818 https://bugzilla.redhat.com/show_bug.cgi?id=1988342 https://bugzilla.redhat.com/show_bug.cgi?id=1988394 https://bugzilla.redhat.com/show_bug.cgi?id=1990409 https://bugzilla.redhat.com/show_bug.cgi?id=1990415 https://bugzilla.redhat.com/show_bug.cgi?id=1993019 https://bugzilla.redhat.com/show_bug.cgi?id=1993029 https://bugzilla.redhat.com/show_bug.cgi?id=1993039 https://bugzilla.redhat.com/show_bug.cgi?id=1993924 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22931 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23343 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32804 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672 https://errata.almalinux.org/8/ALSA-2021-3666.html https://errata.rockylinux.org/RLSA-2021:3666 https://github.com/jbgutierrez/path-parse https://github.com/jbgutierrez/path-parse/commit/eca63a7b9a473bf6978a2f5b7b3343662d1506f7 https://github.com/jbgutierrez/path-parse/issues/8 https://github.com/jbgutierrez/path-parse/pull/10 https://linux.oracle.com/cve/CVE-2021-23343.html https://linux.oracle.com/errata/ELSA-2021-3666.html https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85%40%3Cdev.myfaces.apache.org%3E https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2021-23343 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028 https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067 https://www.cve.org/CVERecord?id=CVE-2021-23343
pnpm CVE-2024-47829 MEDIUM 9.15.4 10.0.0 https://access.redhat.com/security/cve/CVE-2024-47829 https://github.com/pnpm/pnpm https://github.com/pnpm/pnpm/security/advisories/GHSA-8cc4-rfj6-fhg4 https://nvd.nist.gov/vuln/detail/CVE-2024-47829 https://www.cve.org/CVERecord?id=CVE-2024-47829
qs CVE-2017-1000048 HIGH 5.2.1 6.0.4, 6.1.2, 6.2.3, 6.3.2 https://access.redhat.com/errata/RHSA-2017:2672 https://access.redhat.com/security/cve/CVE-2017-1000048 https://github.com/ljharb/qs https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d https://github.com/ljharb/qs/issues/200 https://nvd.nist.gov/vuln/detail/CVE-2017-1000048 https://snyk.io/vuln/npm:qs:20170213 https://www.cve.org/CVERecord?id=CVE-2017-1000048 https://www.npmjs.com/advisories/1469
qs CVE-2022-24999 HIGH 5.2.1 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 https://access.redhat.com/errata/RHSA-2023:0050 https://access.redhat.com/security/cve/CVE-2022-24999 https://bugzilla.redhat.com/2044591 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/2150323 https://errata.almalinux.org/8/ALSA-2023-0050.html https://github.com/expressjs/express/releases/tag/4.17.3 https://github.com/ljharb/qs https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68 https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1 https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda https://github.com/ljharb/qs/pull/428 https://github.com/n8tz/CVE-2022-24999 https://linux.oracle.com/cve/CVE-2022-24999.html https://linux.oracle.com/errata/ELSA-2023-0050.html https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html https://nvd.nist.gov/vuln/detail/CVE-2022-24999 https://security.netapp.com/advisory/ntap-20230908-0005 https://security.netapp.com/advisory/ntap-20230908-0005/ https://www.cve.org/CVERecord?id=CVE-2022-24999
qs CVE-2022-24999 HIGH 6.4.0 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 https://access.redhat.com/errata/RHSA-2023:0050 https://access.redhat.com/security/cve/CVE-2022-24999 https://bugzilla.redhat.com/2044591 https://bugzilla.redhat.com/2066009 https://bugzilla.redhat.com/2134609 https://bugzilla.redhat.com/2140911 https://bugzilla.redhat.com/2150323 https://errata.almalinux.org/8/ALSA-2023-0050.html https://github.com/expressjs/express/releases/tag/4.17.3 https://github.com/ljharb/qs https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68 https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1 https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda https://github.com/ljharb/qs/pull/428 https://github.com/n8tz/CVE-2022-24999 https://linux.oracle.com/cve/CVE-2022-24999.html https://linux.oracle.com/errata/ELSA-2023-0050.html https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html https://nvd.nist.gov/vuln/detail/CVE-2022-24999 https://security.netapp.com/advisory/ntap-20230908-0005 https://security.netapp.com/advisory/ntap-20230908-0005/ https://www.cve.org/CVERecord?id=CVE-2022-24999
request CVE-2017-16026 MEDIUM 2.67.0 2.68.0 https://access.redhat.com/security/cve/CVE-2017-16026 https://github.com/request/request https://github.com/request/request/commit/29d81814bc16bc79cb112b4face8be6fc00061dd https://github.com/request/request/issues/1904 https://github.com/request/request/pull/2018 https://github.com/request/request/pull/2022 https://nodesecurity.io/advisories/309 https://nvd.nist.gov/vuln/detail/CVE-2017-16026 https://www.cve.org/CVERecord?id=CVE-2017-16026
request CVE-2023-28155 MEDIUM 2.67.0 no fix available https://doyensec.com/resources/Doyensec_Advisory_RequestSSRF_Q12023.pdf https://github.com/cypress-io/request/blob/master/lib/redirect.js#L116 https://github.com/cypress-io/request/commit/c5bcf21d40fb61feaff21a0e5a2b3934a440024f https://github.com/cypress-io/request/pull/28 https://github.com/cypress-io/request/releases/tag/v3.0.0 https://github.com/github/advisory-database/pull/2500 https://github.com/request/request https://github.com/request/request/blob/master/lib/redirect.js#L111 https://github.com/request/request/issues/3442 https://github.com/request/request/pull/3444 https://nvd.nist.gov/vuln/detail/CVE-2023-28155 https://security.netapp.com/advisory/ntap-20230413-0007 https://security.netapp.com/advisory/ntap-20230413-0007/
request NSWG-ECO-309 MEDIUM 2.67.0 >=2.68.0 https://github.com/request/request/issues/1904 https://github.com/request/request/pull/2018
request CVE-2023-28155 MEDIUM 2.81.0 no fix available https://doyensec.com/resources/Doyensec_Advisory_RequestSSRF_Q12023.pdf https://github.com/cypress-io/request/blob/master/lib/redirect.js#L116 https://github.com/cypress-io/request/commit/c5bcf21d40fb61feaff21a0e5a2b3934a440024f https://github.com/cypress-io/request/pull/28 https://github.com/cypress-io/request/releases/tag/v3.0.0 https://github.com/github/advisory-database/pull/2500 https://github.com/request/request https://github.com/request/request/blob/master/lib/redirect.js#L111 https://github.com/request/request/issues/3442 https://github.com/request/request/pull/3444 https://nvd.nist.gov/vuln/detail/CVE-2023-28155 https://security.netapp.com/advisory/ntap-20230413-0007 https://security.netapp.com/advisory/ntap-20230413-0007/
14 other vulnerabilities found...
No Misconfigurations found

Python (python-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Jinja2 CVE-2024-34064 MEDIUM 3.1.3 3.1.4 https://access.redhat.com/errata/RHSA-2024:9150 https://access.redhat.com/security/cve/CVE-2024-34064 https://bugzilla.redhat.com/2279476 https://bugzilla.redhat.com/show_bug.cgi?id=2279476 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34064 https://errata.almalinux.org/9/ALSA-2024-9150.html https://errata.rockylinux.org/RLSA-2024:3820 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj https://linux.oracle.com/cve/CVE-2024-34064.html https://linux.oracle.com/errata/ELSA-2024-9150.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS/ https://nvd.nist.gov/vuln/detail/CVE-2024-34064 https://ubuntu.com/security/notices/USN-6787-1 https://www.cve.org/CVERecord?id=CVE-2024-34064
Jinja2 CVE-2024-56201 MEDIUM 3.1.3 3.1.5 https://access.redhat.com/errata/RHSA-2025:0308 https://access.redhat.com/security/cve/CVE-2024-56201 https://errata.almalinux.org/9/ALSA-2025-0308.html https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f https://github.com/pallets/jinja/issues/1792 https://github.com/pallets/jinja/releases/tag/3.1.5 https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699 https://linux.oracle.com/cve/CVE-2024-56201.html https://linux.oracle.com/errata/ELSA-2025-0308.html https://nvd.nist.gov/vuln/detail/CVE-2024-56201 https://ubuntu.com/security/notices/USN-7244-1 https://ubuntu.com/security/notices/USN-7343-1 https://www.cve.org/CVERecord?id=CVE-2024-56201
Jinja2 CVE-2024-56326 MEDIUM 3.1.3 3.1.5 https://access.redhat.com/errata/RHSA-2025:0667 https://access.redhat.com/security/cve/CVE-2024-56326 https://bugzilla.redhat.com/2333856 https://bugzilla.redhat.com/show_bug.cgi?id=2333856 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56326 https://errata.almalinux.org/9/ALSA-2025-0667.html https://errata.rockylinux.org/RLSA-2025:0711 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4 https://github.com/pallets/jinja/releases/tag/3.1.5 https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h https://linux.oracle.com/cve/CVE-2024-56326.html https://linux.oracle.com/errata/ELSA-2025-1250.html https://nvd.nist.gov/vuln/detail/CVE-2024-56326 https://ubuntu.com/security/notices/USN-7244-1 https://ubuntu.com/security/notices/USN-7343-1 https://www.cve.org/CVERecord?id=CVE-2024-56326
Jinja2 CVE-2025-27516 MEDIUM 3.1.3 3.1.6 https://access.redhat.com/errata/RHSA-2025:3406 https://access.redhat.com/security/cve/CVE-2025-27516 https://bugzilla.redhat.com/2350190 https://errata.almalinux.org/9/ALSA-2025-3406.html https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403 https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7 https://linux.oracle.com/cve/CVE-2025-27516.html https://linux.oracle.com/errata/ELSA-2025-3406.html https://lists.debian.org/debian-lts-announce/2025/04/msg00045.html https://nvd.nist.gov/vuln/detail/CVE-2025-27516 https://ubuntu.com/security/notices/USN-7343-1 https://www.cve.org/CVERecord?id=CVE-2025-27516
Pygments CVE-2022-40896 MEDIUM 2.13.0 2.15.0 https://access.redhat.com/security/cve/CVE-2022-40896 https://github.com/pygments/pygments https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61 https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194 https://github.com/pygments/pygments/commit/dd52102c38ebe78cd57748e09f38929fd283ad04 https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52 https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2023-117.yaml https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO/ https://nvd.nist.gov/vuln/detail/CVE-2022-40896 https://pypi.org/project/Pygments https://pypi.org/project/Pygments/ https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/ https://ubuntu.com/security/notices/USN-7128-1 https://www.cve.org/CVERecord?id=CVE-2022-40896
certifi CVE-2024-39689 LOW 2024.2.2 2024.7.4 https://access.redhat.com/security/cve/CVE-2024-39689 https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463 https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc https://github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2024-230.yaml https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI https://nvd.nist.gov/vuln/detail/CVE-2024-39689 https://security.netapp.com/advisory/ntap-20241206-0001 https://security.netapp.com/advisory/ntap-20241206-0001/ https://www.cve.org/CVERecord?id=CVE-2024-39689
cryptography GHSA-h4gh-qq45-vh27 MEDIUM 42.0.5 43.0.1 https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-h4gh-qq45-vh27 https://openssl-library.org/news/secadv/20240903.txt
cryptography CVE-2024-12797 LOW 42.0.5 44.0.1 http://www.openwall.com/lists/oss-security/2025/02/11/3 http://www.openwall.com/lists/oss-security/2025/02/11/4 https://access.redhat.com/errata/RHSA-2025:1330 https://access.redhat.com/security/cve/CVE-2024-12797 https://bugzilla.redhat.com/2342757 https://errata.almalinux.org/9/ALSA-2025-1330.html https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9 https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7 https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699 https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g https://linux.oracle.com/cve/CVE-2024-12797.html https://linux.oracle.com/errata/ELSA-2025-1330.html https://nvd.nist.gov/vuln/detail/CVE-2024-12797 https://openssl-library.org/news/secadv/20250211.txt https://security.netapp.com/advisory/ntap-20250214-0001/ https://ubuntu.com/security/notices/USN-7264-1 https://www.cve.org/CVERecord?id=CVE-2024-12797
future CVE-2022-40899 HIGH 0.18.2 0.18.3 https://access.redhat.com/security/cve/CVE-2022-40899 https://github.com/PythonCharmers/python-future https://github.com/PythonCharmers/python-future/blob/master/src/future/backports/http/cookiejar.py#L215 https://github.com/PythonCharmers/python-future/commit/c91d70b34ef0402aef3e9d04364ba98509dca76f https://github.com/PythonCharmers/python-future/pull/610 https://github.com/pypa/advisory-database/tree/main/vulns/future/PYSEC-2022-42991.yaml https://github.com/python/cpython/pull/17157 https://nvd.nist.gov/vuln/detail/CVE-2022-40899 https://pypi.org/project/future https://pypi.org/project/future/ https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://ubuntu.com/security/notices/USN-5833-1 https://www.cve.org/CVERecord?id=CVE-2022-40899
idna CVE-2024-3651 MEDIUM 3.3 3.7 https://access.redhat.com/errata/RHSA-2024:3846 https://access.redhat.com/security/cve/CVE-2024-3651 https://bugzilla.redhat.com/2274779 https://bugzilla.redhat.com/show_bug.cgi?id=2274779 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3651 https://errata.almalinux.org/9/ALSA-2024-3846.html https://errata.rockylinux.org/RLSA-2024:3846 https://github.com/kjd/idna https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h https://github.com/pypa/advisory-database/tree/main/vulns/idna/PYSEC-2024-60.yaml https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb https://linux.oracle.com/cve/CVE-2024-3651.html https://linux.oracle.com/errata/ELSA-2024-8365.html https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://ubuntu.com/security/notices/USN-6780-1 https://www.cve.org/CVERecord?id=CVE-2024-3651
requests CVE-2024-35195 MEDIUM 2.31.0 2.32.0 https://access.redhat.com/errata/RHSA-2025:0012 https://access.redhat.com/security/cve/CVE-2024-35195 https://bugzilla.redhat.com/2282114 https://bugzilla.redhat.com/show_bug.cgi?id=2282114 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195 https://errata.almalinux.org/8/ALSA-2025-0012.html https://errata.rockylinux.org/RLSA-2025:0012 https://github.com/psf/requests https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac https://github.com/psf/requests/pull/6655 https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56 https://linux.oracle.com/cve/CVE-2024-35195.html https://linux.oracle.com/errata/ELSA-2025-7049.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/ https://nvd.nist.gov/vuln/detail/CVE-2024-35195 https://www.cve.org/CVERecord?id=CVE-2024-35195
requests CVE-2024-47081 MEDIUM 2.31.0 2.32.4 http://seclists.org/fulldisclosure/2025/Jun/2 http://www.openwall.com/lists/oss-security/2025/06/03/11 http://www.openwall.com/lists/oss-security/2025/06/03/9 http://www.openwall.com/lists/oss-security/2025/06/04/1 http://www.openwall.com/lists/oss-security/2025/06/04/6 https://access.redhat.com/security/cve/CVE-2024-47081 https://github.com/psf/requests https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef https://github.com/psf/requests/pull/6965 https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7 https://nvd.nist.gov/vuln/detail/CVE-2024-47081 https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env https://seclists.org/fulldisclosure/2025/Jun/2 https://ubuntu.com/security/notices/USN-7568-1 https://www.cve.org/CVERecord?id=CVE-2024-47081 https://www.openwall.com/lists/oss-security/2025/06/03/9
setuptools CVE-2022-40897 HIGH 58.1.0 65.5.1 https://access.redhat.com/errata/RHSA-2023:0952 https://access.redhat.com/security/cve/CVE-2022-40897 https://bugzilla.redhat.com/2158559 https://bugzilla.redhat.com/show_bug.cgi?id=2158559 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897 https://errata.almalinux.org/9/ALSA-2023-0952.html https://errata.rockylinux.org/RLSA-2023:0952 https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/issues/3659 https://linux.oracle.com/cve/CVE-2022-40897.html https://linux.oracle.com/errata/ELSA-2024-2987.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://pyup.io/vulnerabilities/CVE-2022-40897/52495 https://pyup.io/vulnerabilities/CVE-2022-40897/52495/ https://security.netapp.com/advisory/ntap-20230214-0001 https://security.netapp.com/advisory/ntap-20230214-0001/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://setuptools.pypa.io/en/latest https://ubuntu.com/security/notices/USN-5817-1 https://www.cve.org/CVERecord?id=CVE-2022-40897
setuptools CVE-2024-6345 HIGH 58.1.0 70.0.0 https://access.redhat.com/errata/RHSA-2024:6726 https://access.redhat.com/security/cve/CVE-2024-6345 https://bugzilla.redhat.com/2297771 https://bugzilla.redhat.com/show_bug.cgi?id=2297771 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345 https://errata.almalinux.org/9/ALSA-2024-6726.html https://errata.rockylinux.org/RLSA-2024:6726 https://github.com/pypa/setuptools https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://github.com/pypa/setuptools/pull/4332 https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://linux.oracle.com/cve/CVE-2024-6345.html https://linux.oracle.com/errata/ELSA-2024-6726.html https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://ubuntu.com/security/notices/USN-7002-1 https://www.cve.org/CVERecord?id=CVE-2024-6345
setuptools CVE-2025-47273 HIGH 58.1.0 78.1.1 https://access.redhat.com/security/cve/CVE-2025-47273 https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://ubuntu.com/security/notices/USN-7544-1 https://www.cve.org/CVERecord?id=CVE-2025-47273
setuptools CVE-2025-47273 HIGH 74.1.3 78.1.1 https://access.redhat.com/security/cve/CVE-2025-47273 https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://ubuntu.com/security/notices/USN-7544-1 https://www.cve.org/CVERecord?id=CVE-2025-47273
urllib3 CVE-2025-50181 MEDIUM 1.26.20 2.5.0 https://access.redhat.com/security/cve/CVE-2025-50181 https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857 https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v https://nvd.nist.gov/vuln/detail/CVE-2025-50181 https://ubuntu.com/security/notices/USN-7599-1 https://www.cve.org/CVERecord?id=CVE-2025-50181
urllib3 CVE-2025-50182 MEDIUM 1.26.20 2.5.0 https://access.redhat.com/security/cve/CVE-2025-50182 https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 https://nvd.nist.gov/vuln/detail/CVE-2025-50182 https://ubuntu.com/security/notices/USN-7599-1 https://www.cve.org/CVERecord?id=CVE-2025-50182
zipp CVE-2024-5569 MEDIUM 3.8.1 3.19.1 https://access.redhat.com/security/cve/CVE-2024-5569 https://github.com/jaraco/zipp https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae https://nvd.nist.gov/vuln/detail/CVE-2024-5569 https://ubuntu.com/security/notices/USN-6906-1 https://www.cve.org/CVERecord?id=CVE-2024-5569
No Misconfigurations found

Ruby (gemspec)

No Vulnerabilities found
No Misconfigurations found

opt/bazel/bin/bazel (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-24790 CRITICAL v1.20.5 1.21.11, 1.22.4 http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2025-7256.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://security.netapp.com/advisory/ntap-20240905-0002/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib CVE-2023-39325 HIGH v1.20.5 1.20.10, 1.21.3 golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib CVE-2023-45283 HIGH v1.20.5 1.20.11, 1.21.4, 1.20.12, 1.21.5 http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib CVE-2023-45288 HIGH v1.20.5 1.21.9, 1.22.2 http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib CVE-2024-34156 HIGH v1.20.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2025:3773 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2025-3773.html https://errata.rockylinux.org/RLSA-2024:8111 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2025-3773.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://security.netapp.com/advisory/ntap-20240926-0004/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2023-29406 MEDIUM v1.20.5 1.19.11, 1.20.6 https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib CVE-2023-29409 MEDIUM v1.20.5 1.19.12, 1.20.7, 1.21.0-rc.4 https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib CVE-2023-39318 MEDIUM v1.20.5 1.20.8, 1.21.1 https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib CVE-2023-39319 MEDIUM v1.20.5 1.20.8, 1.21.1 https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib CVE-2023-39326 MEDIUM v1.20.5 1.20.12, 1.21.5 https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib CVE-2023-45284 MEDIUM v1.20.5 1.20.11, 1.21.4 https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib CVE-2023-45289 MEDIUM v1.20.5 1.21.8, 1.22.1 http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib CVE-2023-45290 MEDIUM v1.20.5 1.21.8, 1.22.1 http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib CVE-2024-24783 MEDIUM v1.20.5 1.21.8, 1.22.1 http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib CVE-2024-24784 MEDIUM v1.20.5 1.21.8, 1.22.1 http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib CVE-2024-24785 MEDIUM v1.20.5 1.21.8, 1.22.1 http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib CVE-2024-24789 MEDIUM v1.20.5 1.21.11, 1.22.4 http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://security.netapp.com/advisory/ntap-20250131-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib CVE-2024-24791 MEDIUM v1.20.5 1.21.12, 1.22.5 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2025-7256.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://security.netapp.com/advisory/ntap-20241004-0004/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib CVE-2024-34155 MEDIUM v1.20.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://bugzilla.redhat.com/show_bug.cgi?id=2315691 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9341 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:8039 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://security.netapp.com/advisory/ntap-20240926-0005/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.20.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://bugzilla.redhat.com/show_bug.cgi?id=2315691 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9341 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:8039 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2025-7118.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://security.netapp.com/advisory/ntap-20241004-0003/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
stdlib CVE-2024-45336 MEDIUM v1.20.5 1.22.11, 1.23.5, 1.24.0-rc.2 https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib CVE-2024-45341 MEDIUM v1.20.5 1.22.11, 1.23.5, 1.24.0-rc.2 https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib CVE-2025-0913 MEDIUM v1.20.5 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-22866 MEDIUM v1.20.5 1.22.12, 1.23.6, 1.24.0-rc.3 https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib CVE-2025-22871 MEDIUM v1.20.5 1.23.8, 1.24.2 http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9635.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib CVE-2025-4673 MEDIUM v1.20.5 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/dotnet/bin/nuget-inspector.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
NuGet.Commands CVE-2023-29337 HIGH 6.4.0 6.0.5, 6.2.4, 6.3.3, 6.4.2, 6.5.1, 6.6.1, 5.11.5 https://access.redhat.com/errata/RHSA-2023:3592 https://access.redhat.com/security/cve/CVE-2023-29337 https://bugzilla.redhat.com/2192438 https://bugzilla.redhat.com/2212615 https://bugzilla.redhat.com/2212617 https://bugzilla.redhat.com/2212618 https://bugzilla.redhat.com/2213703 https://bugzilla.redhat.com/show_bug.cgi?id=2192438 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 https://bugzilla.redhat.com/show_bug.cgi?id=2212617 https://bugzilla.redhat.com/show_bug.cgi?id=2212618 https://bugzilla.redhat.com/show_bug.cgi?id=2213703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24936 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29331 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29337 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33128 https://devblogs.microsoft.com/dotnet/dotnet-framework-june-2023-security-and-quality-rollup/ https://devblogs.microsoft.com/dotnet/june-2023-updates/ https://errata.almalinux.org/9/ALSA-2023-3592.html https://errata.rockylinux.org/RLSA-2023:3593 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/7fe6b814c901490292f02d8ea12749505fbb959a https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-6qmf-mmc7-6c2p https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/6.0/6.0.18/6.0.18.md https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/7.0/7.0.7/7.0.7.md https://linux.oracle.com/cve/CVE-2023-29337.html https://linux.oracle.com/errata/ELSA-2023-3593.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337 https://nvd.nist.gov/vuln/detail/CVE-2023-29337 https://ubuntu.com/security/notices/USN-6161-1 https://www.cve.org/CVERecord?id=CVE-2023-29337
NuGet.Common CVE-2023-29337 HIGH 6.4.0 6.0.5, 6.2.4, 6.3.3, 6.4.2, 6.5.1, 6.6.1, 5.11.5 https://access.redhat.com/errata/RHSA-2023:3592 https://access.redhat.com/security/cve/CVE-2023-29337 https://bugzilla.redhat.com/2192438 https://bugzilla.redhat.com/2212615 https://bugzilla.redhat.com/2212617 https://bugzilla.redhat.com/2212618 https://bugzilla.redhat.com/2213703 https://bugzilla.redhat.com/show_bug.cgi?id=2192438 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 https://bugzilla.redhat.com/show_bug.cgi?id=2212617 https://bugzilla.redhat.com/show_bug.cgi?id=2212618 https://bugzilla.redhat.com/show_bug.cgi?id=2213703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24936 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29331 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29337 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33128 https://devblogs.microsoft.com/dotnet/dotnet-framework-june-2023-security-and-quality-rollup/ https://devblogs.microsoft.com/dotnet/june-2023-updates/ https://errata.almalinux.org/9/ALSA-2023-3592.html https://errata.rockylinux.org/RLSA-2023:3593 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/7fe6b814c901490292f02d8ea12749505fbb959a https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-6qmf-mmc7-6c2p https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/6.0/6.0.18/6.0.18.md https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/7.0/7.0.7/7.0.7.md https://linux.oracle.com/cve/CVE-2023-29337.html https://linux.oracle.com/errata/ELSA-2023-3593.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337 https://nvd.nist.gov/vuln/detail/CVE-2023-29337 https://ubuntu.com/security/notices/USN-6161-1 https://www.cve.org/CVERecord?id=CVE-2023-29337
NuGet.PackageManagement CVE-2023-29337 HIGH 6.4.0 6.0.5, 6.2.4, 6.3.3, 6.4.2, 6.5.1, 6.6.1, 5.11.5 https://access.redhat.com/errata/RHSA-2023:3592 https://access.redhat.com/security/cve/CVE-2023-29337 https://bugzilla.redhat.com/2192438 https://bugzilla.redhat.com/2212615 https://bugzilla.redhat.com/2212617 https://bugzilla.redhat.com/2212618 https://bugzilla.redhat.com/2213703 https://bugzilla.redhat.com/show_bug.cgi?id=2192438 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 https://bugzilla.redhat.com/show_bug.cgi?id=2212617 https://bugzilla.redhat.com/show_bug.cgi?id=2212618 https://bugzilla.redhat.com/show_bug.cgi?id=2213703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24936 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29331 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29337 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33128 https://devblogs.microsoft.com/dotnet/dotnet-framework-june-2023-security-and-quality-rollup/ https://devblogs.microsoft.com/dotnet/june-2023-updates/ https://errata.almalinux.org/9/ALSA-2023-3592.html https://errata.rockylinux.org/RLSA-2023:3593 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/7fe6b814c901490292f02d8ea12749505fbb959a https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-6qmf-mmc7-6c2p https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/6.0/6.0.18/6.0.18.md https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/7.0/7.0.7/7.0.7.md https://linux.oracle.com/cve/CVE-2023-29337.html https://linux.oracle.com/errata/ELSA-2023-3593.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337 https://nvd.nist.gov/vuln/detail/CVE-2023-29337 https://ubuntu.com/security/notices/USN-6161-1 https://www.cve.org/CVERecord?id=CVE-2023-29337
NuGet.Packaging CVE-2024-0057 CRITICAL 6.4.0 5.11.6, 6.0.6, 6.3.4, 6.4.3, 6.6.2, 6.7.1, 6.8.1 https://access.redhat.com/errata/RHSA-2024:0156 https://access.redhat.com/security/cve/CVE-2024-0057 https://bugzilla.redhat.com/2255384 https://bugzilla.redhat.com/2255386 https://bugzilla.redhat.com/2257566 https://bugzilla.redhat.com/show_bug.cgi?id=2255384 https://bugzilla.redhat.com/show_bug.cgi?id=2255386 https://bugzilla.redhat.com/show_bug.cgi?id=2257566 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0057 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21319 https://devblogs.microsoft.com/dotnet/january-2024-updates/ https://errata.almalinux.org/9/ALSA-2024-0156.html https://errata.rockylinux.org/RLSA-2024:0158 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/3333f352ec47f0ebb489f20353dea7017f6cb00c https://github.com/NuGet/NuGet.Client/commit/5e1ba955cca14328d2cb5723f211d5fbc9bcacb3 https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-68w7-72jg-6qpp https://github.com/dotnet/core/blob/ce802c56fde3abe2ae14ad09a1b8991b6709c18b/release-notes/6.0/6.0.26/6.0.26.md https://linux.oracle.com/cve/CVE-2024-0057.html https://linux.oracle.com/errata/ELSA-2024-0158.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 https://nvd.nist.gov/vuln/detail/CVE-2024-0057 https://security.netapp.com/advisory/ntap-20240208-0007 https://security.netapp.com/advisory/ntap-20240208-0007/ https://ubuntu.com/security/notices/USN-6578-1 https://www.cve.org/CVERecord?id=CVE-2024-0057
NuGet.Protocol CVE-2023-29337 HIGH 6.4.0 6.0.5, 6.2.4, 6.3.3, 6.4.2, 6.5.1, 6.6.1, 5.11.5 https://access.redhat.com/errata/RHSA-2023:3592 https://access.redhat.com/security/cve/CVE-2023-29337 https://bugzilla.redhat.com/2192438 https://bugzilla.redhat.com/2212615 https://bugzilla.redhat.com/2212617 https://bugzilla.redhat.com/2212618 https://bugzilla.redhat.com/2213703 https://bugzilla.redhat.com/show_bug.cgi?id=2192438 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 https://bugzilla.redhat.com/show_bug.cgi?id=2212617 https://bugzilla.redhat.com/show_bug.cgi?id=2212618 https://bugzilla.redhat.com/show_bug.cgi?id=2213703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24936 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29331 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29337 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33128 https://devblogs.microsoft.com/dotnet/dotnet-framework-june-2023-security-and-quality-rollup/ https://devblogs.microsoft.com/dotnet/june-2023-updates/ https://errata.almalinux.org/9/ALSA-2023-3592.html https://errata.rockylinux.org/RLSA-2023:3593 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/7fe6b814c901490292f02d8ea12749505fbb959a https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-6qmf-mmc7-6c2p https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/6.0/6.0.18/6.0.18.md https://github.com/dotnet/core/blob/c73158b8ef08db362585f9ed16b97c1d1372c666/release-notes/7.0/7.0.7/7.0.7.md https://linux.oracle.com/cve/CVE-2023-29337.html https://linux.oracle.com/errata/ELSA-2023-3593.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337 https://nvd.nist.gov/vuln/detail/CVE-2023-29337 https://ubuntu.com/security/notices/USN-6161-1 https://www.cve.org/CVERecord?id=CVE-2023-29337
No Misconfigurations found

opt/dotnet/sdk/6.0.428/DotnetTools/dotnet-format/dotnet-format.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/DotnetTools/dotnet-user-secrets/6.0.36-servicing.24516.4/tools/net6.0/any/dotnet-user-secrets.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/DotnetTools/dotnet-watch/6.0.428-servicing.24517.40/tools/net6.0/any/dotnet-watch.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/FSharp/fsc.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.Build.Tasks.Core CVE-2025-26646 HIGH 17.3.4 15.9.30, 16.11.6, 17.8.29, 17.10.29, 17.12.36, 17.13.26, 17.14.8 https://access.redhat.com/errata/RHSA-2025:7598 https://access.redhat.com/security/cve/CVE-2025-26646 https://bugzilla.redhat.com/2365317 https://errata.almalinux.org/9/ALSA-2025-7598.html https://github.com/dotnet/announcements/issues/356 https://github.com/dotnet/msbuild https://github.com/dotnet/msbuild/issues/11846 https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc https://linux.oracle.com/cve/CVE-2025-26646.html https://linux.oracle.com/errata/ELSA-2025-7600.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646 https://nvd.nist.gov/vuln/detail/CVE-2025-26646 https://ubuntu.com/security/notices/USN-7509-1 https://www.cve.org/CVERecord?id=CVE-2025-26646
No Misconfigurations found

opt/dotnet/sdk/6.0.428/FSharp/fsi.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.Build.Tasks.Core CVE-2025-26646 HIGH 17.3.4 15.9.30, 16.11.6, 17.8.29, 17.10.29, 17.12.36, 17.13.26, 17.14.8 https://access.redhat.com/errata/RHSA-2025:7598 https://access.redhat.com/security/cve/CVE-2025-26646 https://bugzilla.redhat.com/2365317 https://errata.almalinux.org/9/ALSA-2025-7598.html https://github.com/dotnet/announcements/issues/356 https://github.com/dotnet/msbuild https://github.com/dotnet/msbuild/issues/11846 https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc https://linux.oracle.com/cve/CVE-2025-26646.html https://linux.oracle.com/errata/ELSA-2025-7600.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646 https://nvd.nist.gov/vuln/detail/CVE-2025-26646 https://ubuntu.com/security/notices/USN-7509-1 https://www.cve.org/CVERecord?id=CVE-2025-26646
No Misconfigurations found

opt/dotnet/sdk/6.0.428/MSBuild.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.Build.Tasks.Core CVE-2025-26646 HIGH 17.3.4 15.9.30, 16.11.6, 17.8.29, 17.10.29, 17.12.36, 17.13.26, 17.14.8 https://access.redhat.com/errata/RHSA-2025:7598 https://access.redhat.com/security/cve/CVE-2025-26646 https://bugzilla.redhat.com/2365317 https://errata.almalinux.org/9/ALSA-2025-7598.html https://github.com/dotnet/announcements/issues/356 https://github.com/dotnet/msbuild https://github.com/dotnet/msbuild/issues/11846 https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc https://linux.oracle.com/cve/CVE-2025-26646.html https://linux.oracle.com/errata/ELSA-2025-7600.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646 https://nvd.nist.gov/vuln/detail/CVE-2025-26646 https://ubuntu.com/security/notices/USN-7509-1 https://www.cve.org/CVERecord?id=CVE-2025-26646
NuGet.Packaging CVE-2024-0057 CRITICAL 6.3.4-rc.2 5.11.6, 6.0.6, 6.3.4, 6.4.3, 6.6.2, 6.7.1, 6.8.1 https://access.redhat.com/errata/RHSA-2024:0156 https://access.redhat.com/security/cve/CVE-2024-0057 https://bugzilla.redhat.com/2255384 https://bugzilla.redhat.com/2255386 https://bugzilla.redhat.com/2257566 https://bugzilla.redhat.com/show_bug.cgi?id=2255384 https://bugzilla.redhat.com/show_bug.cgi?id=2255386 https://bugzilla.redhat.com/show_bug.cgi?id=2257566 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0057 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21319 https://devblogs.microsoft.com/dotnet/january-2024-updates/ https://errata.almalinux.org/9/ALSA-2024-0156.html https://errata.rockylinux.org/RLSA-2024:0158 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/3333f352ec47f0ebb489f20353dea7017f6cb00c https://github.com/NuGet/NuGet.Client/commit/5e1ba955cca14328d2cb5723f211d5fbc9bcacb3 https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-68w7-72jg-6qpp https://github.com/dotnet/core/blob/ce802c56fde3abe2ae14ad09a1b8991b6709c18b/release-notes/6.0/6.0.26/6.0.26.md https://linux.oracle.com/cve/CVE-2024-0057.html https://linux.oracle.com/errata/ELSA-2024-0158.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 https://nvd.nist.gov/vuln/detail/CVE-2024-0057 https://security.netapp.com/advisory/ntap-20240208-0007 https://security.netapp.com/advisory/ntap-20240208-0007/ https://ubuntu.com/security/notices/USN-6578-1 https://www.cve.org/CVERecord?id=CVE-2024-0057
No Misconfigurations found

opt/dotnet/sdk/6.0.428/Microsoft.VisualStudio.TestPlatform.ObjectModel.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/NuGet.CommandLine.XPlat.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.Build.Tasks.Core CVE-2025-26646 HIGH 17.3.4 15.9.30, 16.11.6, 17.8.29, 17.10.29, 17.12.36, 17.13.26, 17.14.8 https://access.redhat.com/errata/RHSA-2025:7598 https://access.redhat.com/security/cve/CVE-2025-26646 https://bugzilla.redhat.com/2365317 https://errata.almalinux.org/9/ALSA-2025-7598.html https://github.com/dotnet/announcements/issues/356 https://github.com/dotnet/msbuild https://github.com/dotnet/msbuild/issues/11846 https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc https://linux.oracle.com/cve/CVE-2025-26646.html https://linux.oracle.com/errata/ELSA-2025-7600.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646 https://nvd.nist.gov/vuln/detail/CVE-2025-26646 https://ubuntu.com/security/notices/USN-7509-1 https://www.cve.org/CVERecord?id=CVE-2025-26646
NuGet.Packaging CVE-2024-0057 CRITICAL 6.3.4-rc.2 5.11.6, 6.0.6, 6.3.4, 6.4.3, 6.6.2, 6.7.1, 6.8.1 https://access.redhat.com/errata/RHSA-2024:0156 https://access.redhat.com/security/cve/CVE-2024-0057 https://bugzilla.redhat.com/2255384 https://bugzilla.redhat.com/2255386 https://bugzilla.redhat.com/2257566 https://bugzilla.redhat.com/show_bug.cgi?id=2255384 https://bugzilla.redhat.com/show_bug.cgi?id=2255386 https://bugzilla.redhat.com/show_bug.cgi?id=2257566 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0057 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21319 https://devblogs.microsoft.com/dotnet/january-2024-updates/ https://errata.almalinux.org/9/ALSA-2024-0156.html https://errata.rockylinux.org/RLSA-2024:0158 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/3333f352ec47f0ebb489f20353dea7017f6cb00c https://github.com/NuGet/NuGet.Client/commit/5e1ba955cca14328d2cb5723f211d5fbc9bcacb3 https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-68w7-72jg-6qpp https://github.com/dotnet/core/blob/ce802c56fde3abe2ae14ad09a1b8991b6709c18b/release-notes/6.0/6.0.26/6.0.26.md https://linux.oracle.com/cve/CVE-2024-0057.html https://linux.oracle.com/errata/ELSA-2024-0158.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 https://nvd.nist.gov/vuln/detail/CVE-2024-0057 https://security.netapp.com/advisory/ntap-20240208-0007 https://security.netapp.com/advisory/ntap-20240208-0007/ https://ubuntu.com/security/notices/USN-6578-1 https://www.cve.org/CVERecord?id=CVE-2024-0057
No Misconfigurations found

opt/dotnet/sdk/6.0.428/Sdks/Microsoft.NET.Sdk.BlazorWebAssembly/tools/net6.0/Microsoft.NET.Sdk.BlazorWebAssembly.Tool.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/Sdks/Microsoft.NET.Sdk.Razor/tools/rzc.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/datacollector.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/dotnet-watch.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/dotnet.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.Build.Tasks.Core CVE-2025-26646 HIGH 17.3.4 15.9.30, 16.11.6, 17.8.29, 17.10.29, 17.12.36, 17.13.26, 17.14.8 https://access.redhat.com/errata/RHSA-2025:7598 https://access.redhat.com/security/cve/CVE-2025-26646 https://bugzilla.redhat.com/2365317 https://errata.almalinux.org/9/ALSA-2025-7598.html https://github.com/dotnet/announcements/issues/356 https://github.com/dotnet/msbuild https://github.com/dotnet/msbuild/issues/11846 https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc https://linux.oracle.com/cve/CVE-2025-26646.html https://linux.oracle.com/errata/ELSA-2025-7600.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646 https://nvd.nist.gov/vuln/detail/CVE-2025-26646 https://ubuntu.com/security/notices/USN-7509-1 https://www.cve.org/CVERecord?id=CVE-2025-26646
NuGet.Packaging CVE-2024-0057 CRITICAL 6.3.4-rc.2 5.11.6, 6.0.6, 6.3.4, 6.4.3, 6.6.2, 6.7.1, 6.8.1 https://access.redhat.com/errata/RHSA-2024:0156 https://access.redhat.com/security/cve/CVE-2024-0057 https://bugzilla.redhat.com/2255384 https://bugzilla.redhat.com/2255386 https://bugzilla.redhat.com/2257566 https://bugzilla.redhat.com/show_bug.cgi?id=2255384 https://bugzilla.redhat.com/show_bug.cgi?id=2255386 https://bugzilla.redhat.com/show_bug.cgi?id=2257566 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0057 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21319 https://devblogs.microsoft.com/dotnet/january-2024-updates/ https://errata.almalinux.org/9/ALSA-2024-0156.html https://errata.rockylinux.org/RLSA-2024:0158 https://github.com/NuGet/NuGet.Client https://github.com/NuGet/NuGet.Client/commit/3333f352ec47f0ebb489f20353dea7017f6cb00c https://github.com/NuGet/NuGet.Client/commit/5e1ba955cca14328d2cb5723f211d5fbc9bcacb3 https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-68w7-72jg-6qpp https://github.com/dotnet/core/blob/ce802c56fde3abe2ae14ad09a1b8991b6709c18b/release-notes/6.0/6.0.26/6.0.26.md https://linux.oracle.com/cve/CVE-2024-0057.html https://linux.oracle.com/errata/ELSA-2024-0158.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 https://nvd.nist.gov/vuln/detail/CVE-2024-0057 https://security.netapp.com/advisory/ntap-20240208-0007 https://security.netapp.com/advisory/ntap-20240208-0007/ https://ubuntu.com/security/notices/USN-6578-1 https://www.cve.org/CVERecord?id=CVE-2024-0057
No Misconfigurations found

opt/dotnet/sdk/6.0.428/package.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/sdk/6.0.428/vstest.console.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/dotnet/shared/Microsoft.AspNetCore.App/6.0.36/Microsoft.AspNetCore.App.deps.json (dotnet-core)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Microsoft.AspNetCore.App.Runtime.linux-x64 CVE-2025-24070 HIGH 6.0.36 9.0.3, 8.0.14 https://access.redhat.com/errata/RHSA-2025:2669 https://access.redhat.com/security/cve/CVE-2025-24070 https://bugzilla.redhat.com/2349733 https://bugzilla.redhat.com/show_bug.cgi?id=2349733 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24070 https://devblogs.microsoft.com/dotnet/dotnet-and-dotnet-framework-march-2025-servicing-updates/ https://errata.almalinux.org/9/ALSA-2025-2669.html https://errata.rockylinux.org/RLSA-2025:2670 https://github.com/dotnet/aspnetcore https://github.com/dotnet/aspnetcore/security/advisories/GHSA-2865-hh9g-w894 https://linux.oracle.com/cve/CVE-2025-24070.html https://linux.oracle.com/errata/ELSA-2025-2670.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24070 https://nvd.nist.gov/vuln/detail/CVE-2025-24070 https://ubuntu.com/security/notices/USN-7345-1 https://www.cve.org/CVERecord?id=CVE-2025-24070 https://www.herodevs.com/vulnerability-directory/cve-2025-24070
No Misconfigurations found

opt/dotnet/shared/Microsoft.NETCore.App/6.0.36/Microsoft.NETCore.App.deps.json (dotnet-core)

No Vulnerabilities found
No Misconfigurations found

opt/go/bin/buildozer (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/bin/go (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/bin/gofmt (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/addr2line (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/asm (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/buildid (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/cgo (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/compile (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/covdata (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/cover (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/doc (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/fix (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found
Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/nm (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/objdump (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/pack (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/pprof (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/preprofile (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/test2json (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/trace (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

opt/go/pkg/tool/linux_amd64/vet (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-22874 HIGH v1.24.2 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-0913 MEDIUM v1.24.2 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-4673 MEDIUM v1.24.2 1.23.10, 1.24.4 https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found