snyk says authui-container shows 21 vulnerabilities (1 critical, 9 high, 11 medium)

[lancehudson]

Running snyk container on authui-container shows 21 vulnerabilities (1 critical, 9 high, 11 medium) Will this be addressed? Full output below.

---

Testing gcr.io/gcip-iap/authui@sha256:27c7908ccc66941a89e4774a858d75d514a0422ab4d9b0600bd41332d9e57bd1...

✗ Low severity vulnerability found in util-linux/libblkid1 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-UTILLINUX-2401081 Introduced through: util-linux/libblkid1@2.36.1-8+deb11u1, e2fsprogs@1.46.2-2, util-linux/libmount1@2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, util-linux/libuuid1@2.36.1-8+deb11u1, util-linux@2.36.1-8+deb11u1, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/libsmartcols1@2.36.1-8+deb11u1 From: util-linux/libblkid1@2.36.1-8+deb11u1 From: e2fsprogs@1.46.2-2 > util-linux/libblkid1@2.36.1-8+deb11u1 From: util-linux/libmount1@2.36.1-8+deb11u1 > util-linux/libblkid1@2.36.1-8+deb11u1 and 15 more...

✗ Low severity vulnerability found in util-linux/libblkid1 Description: CVE-2024-28085 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-UTILLINUX-6508632 Introduced through: util-linux/libblkid1@2.36.1-8+deb11u1, e2fsprogs@1.46.2-2, util-linux/libmount1@2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, util-linux/libuuid1@2.36.1-8+deb11u1, util-linux@2.36.1-8+deb11u1, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/libsmartcols1@2.36.1-8+deb11u1 From: util-linux/libblkid1@2.36.1-8+deb11u1 From: e2fsprogs@1.46.2-2 > util-linux/libblkid1@2.36.1-8+deb11u1 From: util-linux/libmount1@2.36.1-8+deb11u1 > util-linux/libblkid1@2.36.1-8+deb11u1 and 15 more... Fixed in: 2.36.1-8+deb11u2

✗ Low severity vulnerability found in tar Description: CVE-2005-2541 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-TAR-523480 Introduced through: tar@1.34+dfsg-1 From: tar@1.34+dfsg-1

✗ Low severity vulnerability found in tar Description: CVE-2023-39804 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-TAR-6120424 Introduced through: tar@1.34+dfsg-1 From: tar@1.34+dfsg-1 Fixed in: 1.34+dfsg-1+deb11u1

✗ Low severity vulnerability found in systemd/libsystemd0 Description: Authentication Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-1291054 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-524969 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-5733387 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-5733391 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-5733392 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-7008 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-6137713 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-50868 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-6277512 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ Low severity vulnerability found in shadow/passwd Description: Access Restriction Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SHADOW-526940 Introduced through: shadow/passwd@1:4.8.1-1, adduser@3.118, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1 From: shadow/passwd@1:4.8.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 From: shadow/login@1:4.8.1-1 and 1 more...

✗ Low severity vulnerability found in shadow/passwd Description: Time-of-check Time-of-use (TOCTOU) Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SHADOW-528840 Introduced through: shadow/passwd@1:4.8.1-1, adduser@3.118, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1 From: shadow/passwd@1:4.8.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 From: shadow/login@1:4.8.1-1 and 1 more...

✗ Low severity vulnerability found in shadow/passwd Description: Incorrect Permission Assignment for Critical Resource Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SHADOW-539870 Introduced through: shadow/passwd@1:4.8.1-1, adduser@3.118, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1 From: shadow/passwd@1:4.8.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 From: shadow/login@1:4.8.1-1 and 1 more...

✗ Low severity vulnerability found in shadow/passwd Description: Arbitrary Code Injection Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SHADOW-5423922 Introduced through: shadow/passwd@1:4.8.1-1, adduser@3.118, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1 From: shadow/passwd@1:4.8.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 From: shadow/login@1:4.8.1-1 and 1 more...

✗ Low severity vulnerability found in shadow/passwd Description: Improper Authentication Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SHADOW-5879152 Introduced through: shadow/passwd@1:4.8.1-1, adduser@3.118, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1 From: shadow/passwd@1:4.8.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 From: shadow/login@1:4.8.1-1 and 1 more...

✗ Low severity vulnerability found in perl/perl-base Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PERL-1925976 Introduced through: perl/perl-base@5.32.1-4+deb11u2 From: perl/perl-base@5.32.1-4+deb11u2

✗ Low severity vulnerability found in perl/perl-base Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PERL-532614 Introduced through: perl/perl-base@5.32.1-4+deb11u2 From: perl/perl-base@5.32.1-4+deb11u2

✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PERL-5489185 Introduced through: perl/perl-base@5.32.1-4+deb11u2 From: perl/perl-base@5.32.1-4+deb11u2

✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PERL-5489191 Introduced through: perl/perl-base@5.32.1-4+deb11u2 From: perl/perl-base@5.32.1-4+deb11u2

✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE3-523392 Introduced through: pcre3/libpcre3@2:8.39-13, grep@3.6-1+deb11u1 From: pcre3/libpcre3@2:8.39-13 From: grep@3.6-1+deb11u1 > pcre3/libpcre3@2:8.39-13

✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE3-525075 Introduced through: pcre3/libpcre3@2:8.39-13, grep@3.6-1+deb11u1 From: pcre3/libpcre3@2:8.39-13 From: grep@3.6-1+deb11u1 > pcre3/libpcre3@2:8.39-13

✗ Low severity vulnerability found in pcre3/libpcre3 Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE3-529298 Introduced through: pcre3/libpcre3@2:8.39-13, grep@3.6-1+deb11u1 From: pcre3/libpcre3@2:8.39-13 From: grep@3.6-1+deb11u1 > pcre3/libpcre3@2:8.39-13

✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE3-529490 Introduced through: pcre3/libpcre3@2:8.39-13, grep@3.6-1+deb11u1 From: pcre3/libpcre3@2:8.39-13 From: grep@3.6-1+deb11u1 > pcre3/libpcre3@2:8.39-13

✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE3-572353 Introduced through: pcre3/libpcre3@2:8.39-13, grep@3.6-1+deb11u1 From: pcre3/libpcre3@2:8.39-13 From: grep@3.6-1+deb11u1 > pcre3/libpcre3@2:8.39-13

✗ Low severity vulnerability found in pcre2/libpcre2-8-0 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PCRE2-5788325 Introduced through: pcre2/libpcre2-8-0@10.36-2+deb11u1 From: pcre2/libpcre2-8-0@10.36-2+deb11u1

✗ Low severity vulnerability found in pam/libpam0g Description: CVE-2024-22365 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PAM-6178915 Introduced through: pam/libpam0g@1.4.0-9+deb11u1, shadow/login@1:4.8.1-1, util-linux/mount@2.36.1-8+deb11u1, adduser@3.118, pam/libpam-modules-bin@1.4.0-9+deb11u1, pam/libpam-modules@1.4.0-9+deb11u1, pam/libpam-runtime@1.4.0-9+deb11u1 From: pam/libpam0g@1.4.0-9+deb11u1 From: shadow/login@1:4.8.1-1 > pam/libpam0g@1.4.0-9+deb11u1 From: util-linux/mount@2.36.1-8+deb11u1 > util-linux@2.36.1-8+deb11u1 > pam/libpam0g@1.4.0-9+deb11u1 and 11 more...

✗ Low severity vulnerability found in openssl/libssl1.1 Description: Improper Check for Unusual or Exceptional Conditions Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-6048819 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4

✗ Low severity vulnerability found in openssl/libssl1.1 Description: CVE-2024-0727 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-6190224 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4

✗ Low severity vulnerability found in openssl/libssl1.1 Description: CVE-2024-2511 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-6592093 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4

✗ Low severity vulnerability found in openssl/libssl1.1 Description: CVE-2024-4741 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-7151355 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4

✗ Low severity vulnerability found in openssl/libssl1.1 Description: CVE-2024-5535 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-7411351 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4

✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-50495 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-NCURSES-6123820 Introduced through: ncurses/libtinfo6@6.2+20201114-2+deb11u1, bash@5.1-2+deb11u1, ncurses/ncurses-bin@6.2+20201114-2+deb11u1, util-linux/mount@2.36.1-8+deb11u1, ncurses/ncurses-base@6.2+20201114-2+deb11u1 From: ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: bash@5.1-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: ncurses/ncurses-bin@6.2+20201114-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 and 3 more...

✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-45918 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-NCURSES-6252771 Introduced through: ncurses/libtinfo6@6.2+20201114-2+deb11u1, bash@5.1-2+deb11u1, ncurses/ncurses-bin@6.2+20201114-2+deb11u1, util-linux/mount@2.36.1-8+deb11u1, ncurses/ncurses-base@6.2+20201114-2+deb11u1 From: ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: bash@5.1-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: ncurses/ncurses-bin@6.2+20201114-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 and 3 more...

✗ Low severity vulnerability found in libzstd/libzstd1 Description: Resource Exhaustion Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBZSTD-5406388 Introduced through: libzstd/libzstd1@1.4.8+dfsg-2.1, apt@2.2.4 From: libzstd/libzstd1@1.4.8+dfsg-2.1 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > libzstd/libzstd1@1.4.8+dfsg-2.1 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 > libzstd/libzstd1@1.4.8+dfsg-2.1

✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBSEPOL-1315627 Introduced through: libsepol/libsepol1@3.1-1, adduser@3.118 From: libsepol/libsepol1@3.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > libsemanage/libsemanage1@3.1-1+b2 > libsepol/libsepol1@3.1-1

✗ Low severity vulnerability found in libsepol/libsepol1 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBSEPOL-1315629 Introduced through: libsepol/libsepol1@3.1-1, adduser@3.118 From: libsepol/libsepol1@3.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > libsemanage/libsemanage1@3.1-1+b2 > libsepol/libsepol1@3.1-1

✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBSEPOL-1315635 Introduced through: libsepol/libsepol1@3.1-1, adduser@3.118 From: libsepol/libsepol1@3.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > libsemanage/libsemanage1@3.1-1+b2 > libsepol/libsepol1@3.1-1

✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBSEPOL-1315641 Introduced through: libsepol/libsepol1@3.1-1, adduser@3.118 From: libsepol/libsepol1@3.1-1 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > libsemanage/libsemanage1@3.1-1+b2 > libsepol/libsepol1@3.1-1

✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBGCRYPT20-1297892 Introduced through: libgcrypt20@1.8.7-6, apt@2.2.4 From: libgcrypt20@1.8.7-6 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > libgcrypt20@1.8.7-6 From: apt@2.2.4 > gnupg2/gpgv@2.2.27-2+deb11u2 > libgcrypt20@1.8.7-6 and 1 more...

✗ Low severity vulnerability found in libgcrypt20 Description: Use of a Broken or Risky Cryptographic Algorithm Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBGCRYPT20-523947 Introduced through: libgcrypt20@1.8.7-6, apt@2.2.4 From: libgcrypt20@1.8.7-6 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > libgcrypt20@1.8.7-6 From: apt@2.2.4 > gnupg2/gpgv@2.2.27-2+deb11u2 > libgcrypt20@1.8.7-6 and 1 more...

✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-LIBGCRYPT20-6405987 Introduced through: libgcrypt20@1.8.7-6, apt@2.2.4 From: libgcrypt20@1.8.7-6 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > libgcrypt20@1.8.7-6 From: apt@2.2.4 > gnupg2/gpgv@2.2.27-2+deb11u2 > libgcrypt20@1.8.7-6 and 1 more...

✗ Low severity vulnerability found in krb5/libk5crypto3 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-524883 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more...

✗ Low severity vulnerability found in krb5/libk5crypto3 Description: CVE-2024-26461 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-6277418 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more...

✗ Low severity vulnerability found in krb5/libk5crypto3 Description: CVE-2024-26458 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-6277420 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more...

✗ Low severity vulnerability found in krb5/libk5crypto3 Description: CVE-2024-37371 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-7411316 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more... Fixed in: 1.18.3-6+deb11u5

✗ Low severity vulnerability found in krb5/libk5crypto3 Description: CVE-2024-37370 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-7411320 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more... Fixed in: 1.18.3-6+deb11u5

✗ Low severity vulnerability found in gnutls28/libgnutls30 Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-515971 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3

✗ Low severity vulnerability found in gnutls28/libgnutls30 Description: Uncaught Exception Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6474582 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3

✗ Low severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6474587 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3

✗ Low severity vulnerability found in gnupg2/gpgv Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUPG2-3330745 Introduced through: gnupg2/gpgv@2.2.27-2+deb11u2, apt@2.2.4 From: gnupg2/gpgv@2.2.27-2+deb11u2 From: apt@2.2.4 > gnupg2/gpgv@2.2.27-2+deb11u2

✗ Low severity vulnerability found in glibc/libc-bin Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-521063 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-521199 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Use of Insufficiently Random Values Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-522385 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-529848 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2019-1010023 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-531451 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-531492 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Resource Management Errors Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-532215 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5894105 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5894112 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2024-2961 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-6617104 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u9

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2024-33599 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-6673955 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u10

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2024-33601 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-6673958 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u10

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2024-33600 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-6673967 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u10

✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2024-33602 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-6673973 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u10

✗ Low severity vulnerability found in gcc-9/gcc-9-base Description: CVE-2023-4039 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GCC9-5901306 Introduced through: gcc-9/gcc-9-base@9.3.0-22 From: gcc-9/gcc-9-base@9.3.0-22

✗ Low severity vulnerability found in gcc-10/libstdc++6 Description: CVE-2023-4039 Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GCC10-5901313 Introduced through: gcc-10/libstdc++6@10.2.1-6, apt@2.2.4, gcc-10/gcc-10-base@10.2.1-6, gcc-10/libgcc-s1@10.2.1-6 From: gcc-10/libstdc++6@10.2.1-6 From: apt@2.2.4 > gcc-10/libstdc++6@10.2.1-6 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 > gcc-10/libstdc++6@10.2.1-6 and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-E2FSPROGS-2628459 Introduced through: e2fsprogs/libcom-err2@1.46.2-2, e2fsprogs@1.46.2-2, adduser@3.118, e2fsprogs/libext2fs2@1.46.2-2, e2fsprogs/libss2@1.46.2-2, e2fsprogs/logsave@1.46.2-2 From: e2fsprogs/libcom-err2@1.46.2-2 From: e2fsprogs@1.46.2-2 > e2fsprogs/libcom-err2@1.46.2-2 From: e2fsprogs@1.46.2-2 > e2fsprogs/libss2@1.46.2-2 > e2fsprogs/libcom-err2@1.46.2-2 and 9 more...

✗ Low severity vulnerability found in db5.3/libdb5.3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-DB53-2825168 Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.8, adduser@3.118 From: db5.3/libdb5.3@5.3.28+dfsg1-0.8 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > db5.3/libdb5.3@5.3.28+dfsg1-0.8

✗ Low severity vulnerability found in coreutils/coreutils Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-COREUTILS-514776 Introduced through: coreutils/coreutils@8.32-4+b1 From: coreutils/coreutils@8.32-4+b1

✗ Low severity vulnerability found in coreutils/coreutils Description: Race Condition Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-COREUTILS-527269 Introduced through: coreutils/coreutils@8.32-4+b1 From: coreutils/coreutils@8.32-4+b1

✗ Low severity vulnerability found in bash Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-BASH-3112361 Introduced through: bash@5.1-2+deb11u1 From: bash@5.1-2+deb11u1

✗ Low severity vulnerability found in apt/libapt-pkg6.0 Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-APT-522585 Introduced through: apt/libapt-pkg6.0@2.2.4, apt@2.2.4 From: apt/libapt-pkg6.0@2.2.4 From: apt@2.2.4 > apt/libapt-pkg6.0@2.2.4 From: apt@2.2.4

✗ Medium severity vulnerability found in tar Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-TAR-3253527 Introduced through: tar@1.34+dfsg-1 From: tar@1.34+dfsg-1 Fixed in: 1.34+dfsg-1+deb11u1

✗ Medium severity vulnerability found in openssl/libssl1.1 Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291773 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1n-0+deb11u5

✗ Medium severity vulnerability found in openssl/libssl1.1 Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291777 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1n-0+deb11u5

✗ Medium severity vulnerability found in openssl/libssl1.1 Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1n-0+deb11u5

✗ Medium severity vulnerability found in openssl/libssl1.1 Description: Inefficient Regular Expression Complexity Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5788324 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1v-0~deb11u1

✗ Medium severity vulnerability found in openssl/libssl1.1 Description: Excessive Iteration Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5812634 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1v-0~deb11u1

✗ Medium severity vulnerability found in krb5/libk5crypto3 Description: Access of Uninitialized Pointer Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-KRB5-5825661 Introduced through: krb5/libk5crypto3@1.18.3-6+deb11u3, adduser@3.118, krb5/libkrb5-3@1.18.3-6+deb11u3, krb5/libgssapi-krb5-2@1.18.3-6+deb11u3, krb5/libkrb5support0@1.18.3-6+deb11u3 From: krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > krb5/libk5crypto3@1.18.3-6+deb11u3 and 5 more... Fixed in: 1.18.3-6+deb11u4

✗ Medium severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6062102 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3 Fixed in: 3.7.1-5+deb11u4

✗ High severity vulnerability found in systemd/libsystemd0 Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-SYSTEMD-6277510 Introduced through: systemd/libsystemd0@247.3-7+deb11u2, apt@2.2.4, util-linux/bsdutils@1:2.36.1-8+deb11u1, util-linux/mount@2.36.1-8+deb11u1, systemd/libudev1@247.3-7+deb11u2 From: systemd/libsystemd0@247.3-7+deb11u2 From: apt@2.2.4 > systemd/libsystemd0@247.3-7+deb11u2 From: util-linux/bsdutils@1:2.36.1-8+deb11u1 > systemd/libsystemd0@247.3-7+deb11u2 and 5 more...

✗ High severity vulnerability found in perl/perl-base Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-PERL-6085272 Introduced through: perl/perl-base@5.32.1-4+deb11u2 From: perl/perl-base@5.32.1-4+deb11u2 Fixed in: 5.32.1-4+deb11u3

✗ High severity vulnerability found in openssl/libssl1.1 Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735 Introduced through: openssl/libssl1.1@1.1.1n-0+deb11u4, adduser@3.118 From: openssl/libssl1.1@1.1.1n-0+deb11u4 From: adduser@3.118 > shadow/passwd@1:4.8.1-1 > pam/libpam-modules@1.4.0-9+deb11u1 > libnsl/libnsl2@1.3.0-2 > libtirpc/libtirpc3@1.3.1-1+deb11u1 > krb5/libgssapi-krb5-2@1.18.3-6+deb11u3 > krb5/libkrb5-3@1.18.3-6+deb11u3 > openssl/libssl1.1@1.1.1n-0+deb11u4 Fixed in: 1.1.1n-0+deb11u5

✗ High severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197 Introduced through: ncurses/libtinfo6@6.2+20201114-2+deb11u1, bash@5.1-2+deb11u1, ncurses/ncurses-bin@6.2+20201114-2+deb11u1, util-linux/mount@2.36.1-8+deb11u1, ncurses/ncurses-base@6.2+20201114-2+deb11u1 From: ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: bash@5.1-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 From: ncurses/ncurses-bin@6.2+20201114-2+deb11u1 > ncurses/libtinfo6@6.2+20201114-2+deb11u1 and 3 more... Fixed in: 6.2+20201114-2+deb11u2

✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6159417 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3 Fixed in: 3.7.1-5+deb11u5

✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GNUTLS28-6159419 Introduced through: gnutls28/libgnutls30@3.7.1-5+deb11u3, apt@2.2.4 From: gnutls28/libgnutls30@3.7.1-5+deb11u3 From: apt@2.2.4 > gnutls28/libgnutls30@3.7.1-5+deb11u3 Fixed in: 3.7.1-5+deb11u5

✗ High severity vulnerability found in glibc/libc-bin Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133 Introduced through: glibc/libc-bin@2.31-13+deb11u6, glibc/libc6@2.31-13+deb11u6 From: glibc/libc-bin@2.31-13+deb11u6 From: glibc/libc6@2.31-13+deb11u6 Fixed in: 2.31-13+deb11u7

✗ Critical severity vulnerability found in zlib/zlib1g Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN11-ZLIB-6008961 Introduced through: zlib/zlib1g@1:1.2.11.dfsg-2+deb11u2 From: zlib/zlib1g@1:1.2.11.dfsg-2+deb11u2

------------ Detected 9 vulnerabilities for node@19.9.0 ------------

✗ Low severity vulnerability found in node Description: Permissive Cross-domain Policy with Untrusted Domains Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.11.1

✗ Low severity vulnerability found in node Description: Authorization Bypass Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430907 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node Description: Authorization Bypass Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430909 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node Description: Improper Handling of Values Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430912 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.15.1, 22.4.1

✗ Medium severity vulnerability found in node Description: Inconsistency Between Implementation and Documented Design Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.3.1

✗ Medium severity vulnerability found in node Description: Observable Timing Discrepancy Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.11.1

✗ Medium severity vulnerability found in node Description: HTTP Request Smuggling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6564550 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.12.1

✗ High severity vulnerability found in node Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.11.1

✗ High severity vulnerability found in node Description: Code Injection Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332 Introduced through: node@19.9.0 From: node@19.9.0 Fixed in: 20.11.1