search

lazy-actions / gitrivy

GitHub Issue + Trivy Action
MIT License
54 stars 25 forks source link

Security Alert Test #99

Closed github-actions[bot] closed 3 years ago

github-actions[bot] commented 3 years ago

knqyf263/vuln-image (alpine 3.7.1) - Trivy Report - 2021-06-03T21:25:24.416449943Z

alpine
Package Vulnerability ID Severity Installed Version Fixed Version Links
curl CVE-2018-14618 CRITICAL 7.61.0-r0 7.61.1-r0 http://www.securitytracker.com/id/1041605 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:1880 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-14618.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618 https://github.com/curl/curl/issues/2756 https://linux.oracle.com/cve/CVE-2018-14618.html https://linux.oracle.com/errata/ELSA-2019-1880.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014 https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3765-1/ https://usn.ubuntu.com/3765-2/ https://usn.ubuntu.com/usn/usn-3765-1 https://usn.ubuntu.com/usn/usn-3765-2 https://www.debian.org/security/2018/dsa-4286
curl CVE-2018-16839 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042012 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 https://curl.haxx.se/docs/CVE-2018-16839.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839 https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5 https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1 https://www.debian.org/security/2018/dsa-4331
curl CVE-2018-16840 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840 https://curl.haxx.se/docs/CVE-2018-16840.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840 https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1
curl CVE-2018-16842 CRITICAL 7.61.0-r0 7.61.1-r1 http://www.securitytracker.com/id/1042014 https://access.redhat.com/errata/RHSA-2019:2181 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842 https://curl.haxx.se/docs/CVE-2018-16842.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842 https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211 https://linux.oracle.com/cve/CVE-2018-16842.html https://linux.oracle.com/errata/ELSA-2019-2181.html https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/3805-2/ https://usn.ubuntu.com/usn/usn-3805-1 https://usn.ubuntu.com/usn/usn-3805-2 https://www.debian.org/security/2018/dsa-4331 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
curl CVE-2019-3822 CRITICAL 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2019-3822.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://linux.oracle.com/cve/CVE-2019-3822.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://security.netapp.com/advisory/ntap-20190719-0004/ https://support.f5.com/csp/article/K84141449 https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl CVE-2019-5481 CRITICAL 7.61.0-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5481.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 https://linux.oracle.com/cve/CVE-2019-5481.html https://linux.oracle.com/errata/ELSA-2020-1792.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
curl CVE-2019-5482 CRITICAL 7.61.0-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5482.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 https://linux.oracle.com/cve/CVE-2019-5482.html https://linux.oracle.com/errata/ELSA-2020-5562.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://security.netapp.com/advisory/ntap-20200416-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://usn.ubuntu.com/usn/usn-4129-2 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
curl CVE-2018-16890 HIGH 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106947 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-16890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://linux.oracle.com/cve/CVE-2018-16890.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.netapp.com/advisory/ntap-20190315-0001/ https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl CVE-2019-3823 HIGH 7.61.0-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf https://curl.haxx.se/docs/CVE-2019-3823.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 https://linux.oracle.com/cve/CVE-2019-3823.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
expat CVE-2018-20843 HIGH 2.2.5-r0 2.2.7-r0 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843 https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes https://github.com/libexpat/libexpat/issues/186 https://github.com/libexpat/libexpat/pull/262 https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6 https://linux.oracle.com/cve/CVE-2018-20843.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/ https://seclists.org/bugtraq/2019/Jun/39 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190703-0001/ https://support.f5.com/csp/article/K51011533 https://usn.ubuntu.com/4040-1/ https://usn.ubuntu.com/4040-2/ https://usn.ubuntu.com/usn/usn-4040-1 https://usn.ubuntu.com/usn/usn-4040-2 https://www.debian.org/security/2019/dsa-4472 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
expat CVE-2019-15903 HIGH 2.2.5-r0 2.2.7-r1 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html http://seclists.org/fulldisclosure/2019/Dec/23 http://seclists.org/fulldisclosure/2019/Dec/26 http://seclists.org/fulldisclosure/2019/Dec/27 http://seclists.org/fulldisclosure/2019/Dec/30 https://access.redhat.com/errata/RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903 https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43 https://github.com/libexpat/libexpat/issues/317 https://github.com/libexpat/libexpat/issues/342 https://github.com/libexpat/libexpat/pull/318 https://linux.oracle.com/cve/CVE-2019-15903.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/ https://seclists.org/bugtraq/2019/Dec/17 https://seclists.org/bugtraq/2019/Dec/21 https://seclists.org/bugtraq/2019/Dec/23 https://seclists.org/bugtraq/2019/Nov/1 https://seclists.org/bugtraq/2019/Nov/24 https://seclists.org/bugtraq/2019/Oct/29 https://seclists.org/bugtraq/2019/Sep/30 https://seclists.org/bugtraq/2019/Sep/37 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190926-0004/ https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.apple.com/kb/HT210793 https://support.apple.com/kb/HT210794 https://support.apple.com/kb/HT210795 https://usn.ubuntu.com/4132-1/ https://usn.ubuntu.com/4132-2/ https://usn.ubuntu.com/4165-1/ https://usn.ubuntu.com/4202-1/ https://usn.ubuntu.com/4335-1/ https://usn.ubuntu.com/usn/usn-4132-1 https://usn.ubuntu.com/usn/usn-4132-2 https://usn.ubuntu.com/usn/usn-4165-1 https://usn.ubuntu.com/usn/usn-4202-1 https://usn.ubuntu.com/usn/usn-4335-1 https://www.debian.org/security/2019/dsa-4530 https://www.debian.org/security/2019/dsa-4549 https://www.debian.org/security/2019/dsa-4571 https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
git CVE-2018-17456 CRITICAL 2.15.2-r0 2.15.3-r0 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html http://www.securityfocus.com/bid/105523 http://www.securityfocus.com/bid/107511 http://www.securitytracker.com/id/1041811 https://access.redhat.com/errata/RHSA-2018:3408 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3541 https://access.redhat.com/errata/RHSA-2020:0316 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456 https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404 https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46 https://linux.oracle.com/cve/CVE-2018-17456.html https://linux.oracle.com/errata/ELSA-2020-0316.html https://marc.info/?l=git&m=153875888916397&w=2 https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com/ https://seclists.org/bugtraq/2019/Mar/30 https://usn.ubuntu.com/3791-1/ https://usn.ubuntu.com/usn/usn-3791-1 https://www.debian.org/security/2018/dsa-4311 https://www.exploit-db.com/exploits/45548/ https://www.exploit-db.com/exploits/45631/ https://www.openwall.com/lists/oss-security/2018/10/06/3
git CVE-2019-1353 CRITICAL 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353 https://github.com/git/git/security/advisories/GHSA-589j-mmg9-733v https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1349 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349 https://github.com/git/git/security/advisories/GHSA-4qvh-qvv7-frc7 https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1349.html https://linux.oracle.com/errata/ELSA-2019-4356.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1350 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350 https://github.com/git/git/security/advisories/GHSA-44fr-r2hj-3f4x https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1351 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351 https://github.com/git/git/security/advisories/GHSA-39hj-fvvf-mq4f https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1352 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352 https://github.com/git/git/security/advisories/GHSA-5wph-8frv-58vj https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1352.html https://linux.oracle.com/errata/ELSA-2019-4356.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1354 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354 https://github.com/git/git/security/advisories/GHSA-xjx4-8694-q2fq https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354 https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://usn.ubuntu.com/usn/usn-4220-1
git CVE-2019-1387 HIGH 2.15.2-r0 2.15.4-r0 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2019:4356 https://access.redhat.com/errata/RHSA-2020:0002 https://access.redhat.com/errata/RHSA-2020:0124 https://access.redhat.com/errata/RHSA-2020:0228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387 https://github.com/git/git/security/advisories/GHSA-4wfr-gwrh-8mj2 https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4 https://linux.oracle.com/cve/CVE-2019-1387.html https://linux.oracle.com/errata/ELSA-2020-0124.html https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/ https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/ https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 https://usn.ubuntu.com/usn/usn-4220-1
libbz2 CVE-2019-12900 CRITICAL 1.0.6-r6 1.0.6-r7 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900 https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html https://seclists.org/bugtraq/2019/Aug/4 https://seclists.org/bugtraq/2019/Jul/22 https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/4038-1/ https://usn.ubuntu.com/4038-2/ https://usn.ubuntu.com/4146-1/ https://usn.ubuntu.com/4146-2/ https://usn.ubuntu.com/usn/usn-4038-1 https://usn.ubuntu.com/usn/usn-4038-2 https://usn.ubuntu.com/usn/usn-4038-3 https://usn.ubuntu.com/usn/usn-4038-4 https://usn.ubuntu.com/usn/usn-4146-1 https://usn.ubuntu.com/usn/usn-4146-2 https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2018-16839 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042012 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839 https://curl.haxx.se/docs/CVE-2018-16839.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839 https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5 https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1 https://www.debian.org/security/2018/dsa-4331
libcurl CVE-2018-16840 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840 https://curl.haxx.se/docs/CVE-2018-16840.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840 https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/usn/usn-3805-1
libcurl CVE-2018-16842 CRITICAL 7.61.1-r0 7.61.1-r1 http://www.securitytracker.com/id/1042014 https://access.redhat.com/errata/RHSA-2019:2181 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842 https://curl.haxx.se/docs/CVE-2018-16842.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842 https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211 https://linux.oracle.com/cve/CVE-2018-16842.html https://linux.oracle.com/errata/ELSA-2019-2181.html https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html https://security.gentoo.org/glsa/201903-03 https://usn.ubuntu.com/3805-1/ https://usn.ubuntu.com/3805-2/ https://usn.ubuntu.com/usn/usn-3805-1 https://usn.ubuntu.com/usn/usn-3805-2 https://www.debian.org/security/2018/dsa-4331 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
libcurl CVE-2019-3822 CRITICAL 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2019-3822.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 https://linux.oracle.com/cve/CVE-2019-3822.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://security.netapp.com/advisory/ntap-20190719-0004/ https://support.f5.com/csp/article/K84141449 https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl CVE-2019-5481 CRITICAL 7.61.1-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5481.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481 https://linux.oracle.com/cve/CVE-2019-5481.html https://linux.oracle.com/errata/ELSA-2020-1792.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2019-5482 CRITICAL 7.61.1-r0 7.61.1-r3 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html https://curl.haxx.se/docs/CVE-2019-5482.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482 https://linux.oracle.com/cve/CVE-2019-5482.html https://linux.oracle.com/errata/ELSA-2020-5562.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/ https://seclists.org/bugtraq/2020/Feb/36 https://security.gentoo.org/glsa/202003-29 https://security.netapp.com/advisory/ntap-20191004-0003/ https://security.netapp.com/advisory/ntap-20200416-0003/ https://usn.ubuntu.com/usn/usn-4129-1 https://usn.ubuntu.com/usn/usn-4129-2 https://www.debian.org/security/2020/dsa-4633 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl CVE-2018-16890 HIGH 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106947 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890 https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf https://curl.haxx.se/docs/CVE-2018-16890.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 https://linux.oracle.com/cve/CVE-2018-16890.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.netapp.com/advisory/ntap-20190315-0001/ https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl CVE-2019-3823 HIGH 7.61.1-r0 7.61.1-r2 http://www.securityfocus.com/bid/106950 https://access.redhat.com/errata/RHSA-2019:3701 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823 https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf https://curl.haxx.se/docs/CVE-2019-3823.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 https://linux.oracle.com/cve/CVE-2019-3823.html https://linux.oracle.com/errata/ELSA-2019-3701.html https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E https://security.gentoo.org/glsa/201903-03 https://security.netapp.com/advisory/ntap-20190315-0001/ https://usn.ubuntu.com/3882-1/ https://usn.ubuntu.com/usn/usn-3882-1 https://www.debian.org/security/2019/dsa-4386 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libxml2 CVE-2018-14404 HIGH 2.9.7-r0 2.9.8-r1 https://access.redhat.com/errata/RHSA-2019:1543 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 https://bugzilla.redhat.com/show_bug.cgi?id=1595985 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404 https://github.com/advisories/GHSA-6qvp-r6r3-9p7h https://github.com/sparklemotion/nokogiri/issues/1785 https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74 https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594 https://gitlab.gnome.org/GNOME/libxml2/issues/10 https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ https://linux.oracle.com/cve/CVE-2018-14404.html https://linux.oracle.com/errata/ELSA-2020-1827.html https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://nvd.nist.gov/vuln/detail/CVE-2018-14404 https://security.netapp.com/advisory/ntap-20190719-0002/ https://usn.ubuntu.com/3739-1/ https://usn.ubuntu.com/3739-2/ https://usn.ubuntu.com/usn/usn-3739-1 https://usn.ubuntu.com/usn/usn-3739-2
musl CVE-2019-14697 CRITICAL 1.1.18-r3 1.1.18-r4 http://www.openwall.com/lists/oss-security/2019/08/06/4 https://security.gentoo.org/glsa/202003-13 https://www.openwall.com/lists/musl/2019/08/06/1
musl-utils CVE-2019-14697 CRITICAL 1.1.18-r3 1.1.18-r4 http://www.openwall.com/lists/oss-security/2019/08/06/4 https://security.gentoo.org/glsa/202003-13 https://www.openwall.com/lists/musl/2019/08/06/1
patch CVE-2018-1000156 HIGH 2.7.5-r2 2.7.6-r0 http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html http://rachelbythebay.com/w/2018/04/05/bangpatch/ https://access.redhat.com/errata/RHSA-2018:1199 https://access.redhat.com/errata/RHSA-2018:1200 https://access.redhat.com/errata/RHSA-2018:2091 https://access.redhat.com/errata/RHSA-2018:2092 https://access.redhat.com/errata/RHSA-2018:2093 https://access.redhat.com/errata/RHSA-2018:2094 https://access.redhat.com/errata/RHSA-2018:2095 https://access.redhat.com/errata/RHSA-2018:2096 https://access.redhat.com/errata/RHSA-2018:2097 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156 https://linux.oracle.com/cve/CVE-2018-1000156.html https://linux.oracle.com/errata/ELSA-2018-1200.html https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html https://rachelbythebay.com/w/2018/04/05/bangpatch/ https://savannah.gnu.org/bugs/index.php?53566 https://seclists.org/bugtraq/2019/Aug/29 https://seclists.org/bugtraq/2019/Jul/54 https://security.gentoo.org/glsa/201904-17 https://twitter.com/kurtseifried/status/982028968877436928 https://usn.ubuntu.com/3624-1/ https://usn.ubuntu.com/3624-2/ https://usn.ubuntu.com/usn/usn-3624-1 https://usn.ubuntu.com/usn/usn-3624-2
patch CVE-2018-6952 HIGH 2.7.5-r2 2.7.6-r0 http://www.securityfocus.com/bid/103047 https://access.redhat.com/errata/RHSA-2019:2033 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952 https://linux.oracle.com/cve/CVE-2018-6952.html https://linux.oracle.com/errata/ELSA-2019-2033.html https://savannah.gnu.org/bugs/index.php?53133 https://security.gentoo.org/glsa/201904-17
patch CVE-2019-13638 HIGH 2.7.5-r2 2.7.6-r0 http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html https://access.redhat.com/errata/RHSA-2019:2798 https://access.redhat.com/errata/RHSA-2019:2964 https://access.redhat.com/errata/RHSA-2019:3757 https://access.redhat.com/errata/RHSA-2019:3758 https://access.redhat.com/errata/RHSA-2019:4061 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0 https://github.com/irsl/gnu-patch-vulnerabilities https://linux.oracle.com/cve/CVE-2019-13638.html https://linux.oracle.com/errata/ELSA-2019-2964.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/ https://seclists.org/bugtraq/2019/Aug/29 https://seclists.org/bugtraq/2019/Jul/54 https://security-tracker.debian.org/tracker/CVE-2019-13638 https://security.gentoo.org/glsa/201908-22 https://security.netapp.com/advisory/ntap-20190828-0001/ https://usn.ubuntu.com/usn/usn-4071-1 https://usn.ubuntu.com/usn/usn-4071-2 https://www.debian.org/security/2019/dsa-4489
sqlite-libs CVE-2019-8457 CRITICAL 3.21.0-r1 3.25.3-r1 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457 https://linux.oracle.com/cve/CVE-2019-8457.html https://linux.oracle.com/errata/ELSA-2020-1810.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/ https://security.netapp.com/advisory/ntap-20190606-0002/ https://usn.ubuntu.com/4004-1/ https://usn.ubuntu.com/4004-2/ https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://usn.ubuntu.com/usn/usn-4004-1 https://usn.ubuntu.com/usn/usn-4004-2 https://usn.ubuntu.com/usn/usn-4019-1 https://usn.ubuntu.com/usn/usn-4019-2 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://www.sqlite.org/releaselog/3_28_0.html https://www.sqlite.org/src/info/90acdbfce9c08858
sqlite-libs CVE-2018-20346 HIGH 3.21.0-r1 3.25.3-r0 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html http://www.securityfocus.com/bid/106323 https://access.redhat.com/articles/3758321 https://blade.tencent.com/magellan/index_en.html https://bugzilla.redhat.com/show_bug.cgi?id=1659379 https://bugzilla.redhat.com/show_bug.cgi?id=1659677 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e https://crbug.com/900910 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346 https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/ https://news.ycombinator.com/item?id=18685296 https://security.gentoo.org/glsa/201904-21 https://sqlite.org/src/info/940f2adc8541a838 https://sqlite.org/src/info/d44318f59044162e https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209450 https://support.apple.com/HT209451 https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://usn.ubuntu.com/usn/usn-4019-1 https://usn.ubuntu.com/usn/usn-4019-2 https://worthdoingbadly.com/sqlitebug/ https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.sqlite.org/releaselog/3_25_3.html https://www.synology.com/security/advisory/Synology_SA_18_61
subversion CVE-2019-0203 HIGH 1.9.7-r0 1.9.12-r0 http://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203 https://linux.oracle.com/cve/CVE-2019-0203.html https://linux.oracle.com/errata/ELSA-2019-2512.html https://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://usn.ubuntu.com/usn/usn-4082-1 https://usn.ubuntu.com/usn/usn-4082-2
subversion-libs CVE-2019-0203 HIGH 1.9.7-r0 1.9.12-r0 http://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203 https://linux.oracle.com/cve/CVE-2019-0203.html https://linux.oracle.com/errata/ELSA-2019-2512.html https://subversion.apache.org/security/CVE-2019-0203-advisory.txt https://usn.ubuntu.com/usn/usn-4082-1 https://usn.ubuntu.com/usn/usn-4082-2
npm
Package Vulnerability ID Severity Installed Version Fixed Version Links
lodash CVE-2019-10744 CRITICAL 4.17.4 4.17.12 https://access.redhat.com/errata/RHSA-2019:3024 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10744 https://github.com/advisories/GHSA-jf85-cpcp-j695 https://nvd.nist.gov/vuln/detail/CVE-2019-10744 https://security.netapp.com/advisory/ntap-20191004-0005/ https://snyk.io/vuln/SNYK-JS-LODASH-450202 https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2020.html
lodash CVE-2018-16487 HIGH 4.17.4 4.17.11 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487 https://github.com/advisories/GHSA-4xc9-xhrj-v574 https://hackerone.com/reports/380873 https://nvd.nist.gov/vuln/detail/CVE-2018-16487 https://security.netapp.com/advisory/ntap-20190919-0004/
lodash CVE-2020-8203 HIGH 4.17.4 4.17.19 https://github.com/advisories/GHSA-p6mc-m468-83gw https://github.com/lodash/lodash/issues/4874 https://hackerone.com/reports/712065 https://nvd.nist.gov/vuln/detail/CVE-2020-8203 https://security.netapp.com/advisory/ntap-20200724-0006/ https://www.npmjs.com/advisories/1523
lodash CVE-2021-23337 HIGH 4.17.4 4.17.21 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851 https://nvd.nist.gov/vuln/detail/CVE-2021-23337 https://security.netapp.com/advisory/ntap-20210312-0006/ https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929 https://snyk.io/vuln/SNYK-JS-LODASH-1040724
composer
Package Vulnerability ID Severity Installed Version Fixed Version Links
guzzlehttp/guzzle CVE-2016-5385 HIGH 6.2.0 4.2.4, 5.3.1, 6.2.1 http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-7.php#7.0.9 http://rhn.redhat.com/errata/RHSA-2016-1609.html http://rhn.redhat.com/errata/RHSA-2016-1610.html http://rhn.redhat.com/errata/RHSA-2016-1611.html http://rhn.redhat.com/errata/RHSA-2016-1612.html http://rhn.redhat.com/errata/RHSA-2016-1613.html http://www.debian.org/security/2016/dsa-3631 http://www.kb.cert.org/vuls/id/797896 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91821 http://www.securitytracker.com/id/1036335 https://bugzilla.redhat.com/show_bug.cgi?id=1353794 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 https://github.com/guzzle/guzzle/releases/tag/6.2.1 https://github.com/humbug/file_get_contents/releases/tag/1.1.2 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://httpoxy.org/ https://linux.oracle.com/cve/CVE-2016-5385.html https://linux.oracle.com/errata/ELSA-2016-1613.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/ https://security.gentoo.org/glsa/201611-22 https://usn.ubuntu.com/usn/usn-3045-1 https://www.drupal.org/SA-CORE-2016-003
pipenv
Package Vulnerability ID Severity Installed Version Fixed Version Links
django CVE-2019-19844 CRITICAL 2.0.9 3.0.1, 2.2.9, 1.11.27 http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844 https://docs.djangoproject.com/en/dev/releases/security/ https://github.com/advisories/GHSA-vfq6-hq5r-27r6 https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/ https://nvd.nist.gov/vuln/detail/CVE-2019-19844 https://seclists.org/bugtraq/2020/Jan/9 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200110-0003/ https://usn.ubuntu.com/4224-1/ https://usn.ubuntu.com/usn/usn-4224-1 https://www.debian.org/security/2020/dsa-4598 https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
django CVE-2020-7471 CRITICAL 2.0.9 3.0.3, 2.2.10, 1.11.28 http://www.openwall.com/lists/oss-security/2020/02/03/1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471 https://docs.djangoproject.com/en/3.0/releases/security/ https://github.com/advisories/GHSA-hmr4-m2h5-33qx https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136 https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/ https://nvd.nist.gov/vuln/detail/CVE-2020-7471 https://seclists.org/bugtraq/2020/Feb/30 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200221-0006/ https://usn.ubuntu.com/4264-1/ https://usn.ubuntu.com/usn/usn-4264-1 https://www.debian.org/security/2020/dsa-4629 https://www.djangoproject.com/weblog/2020/feb/03/security-releases/ https://www.openwall.com/lists/oss-security/2020/02/03/1
django CVE-2019-6975 HIGH 2.0.9 2.1.6, 2.0.11, 1.11.19 http://www.securityfocus.com/bid/106964 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975 https://docs.djangoproject.com/en/dev/releases/security/ https://github.com/advisories/GHSA-wh4h-v3f2-r2pp https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/ https://nvd.nist.gov/vuln/detail/CVE-2019-6975 https://seclists.org/bugtraq/2019/Jul/10 https://usn.ubuntu.com/3890-1/ https://usn.ubuntu.com/usn/usn-3890-1 https://www.debian.org/security/2019/dsa-4476 https://www.djangoproject.com/weblog/2019/feb/11/security-releases/ https://www.openwall.com/lists/oss-security/2019/02/11/1
django CVE-2020-9402 HIGH 2.0.9 3.0.4, 2.2.11, 1.11.29 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402 https://docs.djangoproject.com/en/3.0/releases/security/ https://github.com/advisories/GHSA-3gh2-xw74-jmcw https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/ https://nvd.nist.gov/vuln/detail/CVE-2020-9402 https://security.gentoo.org/glsa/202004-17 https://security.netapp.com/advisory/ntap-20200327-0004/ https://usn.ubuntu.com/4296-1/ https://usn.ubuntu.com/usn/usn-4296-1 https://www.debian.org/security/2020/dsa-4705 https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
httplib2 CVE-2021-21240 HIGH 0.12.1 0.19.0 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21240 https://github.com/advisories/GHSA-93xj-8mrv-444m https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc https://github.com/httplib2/httplib2/pull/182 https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m https://nvd.nist.gov/vuln/detail/CVE-2021-21240 https://pypi.org/project/httplib2
py CVE-2020-29651 HIGH 1.8.0 1.10.0 https://github.com/advisories/GHSA-hj5v-574p-mj7c https://github.com/pytest-dev/py/issues/256 https://github.com/pytest-dev/py/pull/257 https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYWNYEV3FGDHPIHX4DDUDMFZ6NLCQRC4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHDTINIBJZ67T3W74QTBIY5LPKAXEOGR/ https://nvd.nist.gov/vuln/detail/CVE-2020-29651
pygments CVE-2021-20270 HIGH 2.3.1 2.7.4 https://bugzilla.redhat.com/show_bug.cgi?id=1922136 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270 https://github.com/advisories/GHSA-9w8r-397f-prfh https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2021-20270 https://usn.ubuntu.com/usn/usn-4885-1 https://www.debian.org/security/2021/dsa-4889
pygments CVE-2021-27291 HIGH 2.3.1 2.7.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291 https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce https://github.com/advisories/GHSA-pq64-v7f5-gqh8 https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14 https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/ https://nvd.nist.gov/vuln/detail/CVE-2021-27291 https://usn.ubuntu.com/usn/usn-4897-1 https://www.debian.org/security/2021/dsa-4878 https://www.debian.org/security/2021/dsa-4889
pyyaml CVE-2019-20477 CRITICAL 5.1 5.2 https://github.com/advisories/GHSA-3pqx-4fqf-j49f https://github.com/yaml/pyyaml/blob/master/CHANGES https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33VBUY73AA6CTTYL3LRWHNFDULV7PFPN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/52N5XS73Z5S4ZN7I7R56ICCPCTKCUV4H/ https://nvd.nist.gov/vuln/detail/CVE-2019-20477 https://www.exploit-db.com/download/47655
pyyaml CVE-2020-14343 CRITICAL 5.1 5.4 https://bugzilla.redhat.com/show_bug.cgi?id=1860466 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14343 https://github.com/advisories/GHSA-8q59-q68h-6hv4 https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation https://nvd.nist.gov/vuln/detail/CVE-2020-14343 https://usn.ubuntu.com/usn/usn-4940-1
pyyaml CVE-2020-1747 CRITICAL 5.1 5.3.1 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747 https://github.com/advisories/GHSA-6757-jp84-gxfx https://github.com/yaml/pyyaml/pull/386 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PPAS6C4SZRDQLR7C22A5U3QOLXY33JX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMQXSZXNJT6ERABJZAAICI3DQSQLCP3D/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/ https://nvd.nist.gov/vuln/detail/CVE-2020-1747
urllib3 CVE-2019-11324 HIGH 1.24.1 1.24.2 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html http://www.openwall.com/lists/oss-security/2019/04/19/1 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3590 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324 https://github.com/advisories/GHSA-mh33-7rrq-662w https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4 https://linux.oracle.com/cve/CVE-2019-11324.html https://linux.oracle.com/errata/ELSA-2020-2068.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/ https://nvd.nist.gov/vuln/detail/CVE-2019-11324 https://usn.ubuntu.com/3990-1/ https://usn.ubuntu.com/usn/usn-3990-1 https://www.openwall.com/lists/oss-security/2019/04/17/3
bundler
Package Vulnerability ID Severity Installed Version Fixed Version Links
actionpack CVE-2020-8164 HIGH 5.2.3 6.0.3.1, 5.2.4.3 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00089.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00107.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8164 https://github.com/advisories/GHSA-8727-m6gj-mc37 https://groups.google.com/forum/#!topic/rubyonrails-security/f6ioe4sdpbY https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY https://hackerone.com/reports/292797 https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html https://nvd.nist.gov/vuln/detail/CVE-2020-8164 https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released https://www.debian.org/security/2020/dsa-4766
actionpack CVE-2021-22885 HIGH 5.2.3 5.2.4.6, 5.2.6, 6.1.3.2, 6.0.3.7 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22885 https://github.com/advisories/GHSA-hjg4-8q5f-x6fm https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI https://hackerone.com/reports/1106652 https://nvd.nist.gov/vuln/detail/CVE-2021-22885
activestorage CVE-2020-8162 HIGH 5.2.3 6.0.3.1, 5.2.4.3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8162 https://github.com/advisories/GHSA-m42x-37p3-fv5w https://groups.google.com/forum/#!msg/rubyonrails-security/PjU3946mreQ/Dn-6uLbAAQAJ https://groups.google.com/forum/#!topic/rubyonrails-security/PjU3946mreQ https://groups.google.com/g/rubyonrails-security/c/PjU3946mreQ https://hackerone.com/reports/789579 https://nvd.nist.gov/vuln/detail/CVE-2020-8162 https://www.debian.org/security/2020/dsa-4766
activesupport CVE-2020-8165 CRITICAL 5.2.3 6.0.3.1, 5.2.4.3 http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00034.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8165 https://github.com/advisories/GHSA-2p68-f74v-9wc6 https://groups.google.com/forum/#!msg/rubyonrails-security/bv6fW4S0Y1c/KnkEqM7AAQAJ https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c https://hackerone.com/reports/413388 https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html https://nvd.nist.gov/vuln/detail/CVE-2020-8165 https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/ https://www.debian.org/security/2020/dsa-4766
json CVE-2020-10663 HIGH 2.2.0 2.3.0 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00004.html http://seclists.org/fulldisclosure/2020/Dec/32 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663 https://github.com/advisories/GHSA-jphg-qwrw-7w9g https://groups.google.com/forum/#!topic/ruby-security-ann/ermX1eQqqKA https://hackerone.com/reports/706934 https://linux.oracle.com/cve/CVE-2020-10663.html https://linux.oracle.com/errata/ELSA-2020-5724.html https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4/ https://nvd.nist.gov/vuln/detail/CVE-2020-10663 https://security.netapp.com/advisory/ntap-20210129-0003/ https://support.apple.com/kb/HT211931 https://usn.ubuntu.com/usn/usn-4882-1 https://www.debian.org/security/2020/dsa-4721 https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663 https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
nokogiri CVE-2019-5477 CRITICAL 1.10.3 1.10.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477 https://github.com/advisories/GHSA-cr5j-953j-xw5p https://github.com/sparklemotion/nokogiri/issues/1915 https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc#107--2019-08-06 https://github.com/tenderlove/rexical/commit/a652474dbc66be350055db3e8f9b3a7b3fd75926 https://groups.google.com/forum/#!msg/ruby-security-ann/YMnKFsASOAE/Fw3ocLI0BQAJ https://hackerone.com/reports/650835 https://lists.debian.org/debian-lts-announce/2019/09/msg00027.html https://nvd.nist.gov/vuln/detail/CVE-2019-5477 https://security.gentoo.org/glsa/202006-05 https://usn.ubuntu.com/4175-1/ https://usn.ubuntu.com/usn/usn-4175-1
nokogiri CVE-2019-13117 HIGH 1.10.3 >= 1.10.5 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html http://www.openwall.com/lists/oss-security/2019/11/17/2 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117 https://github.com/sparklemotion/nokogiri/issues/1943 https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285 https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 https://groups.google.com/d/msg/ruby-security-ann/-Wq4aouIA3Q/yc76ZHemBgAJ https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ https://oss-fuzz.com/testcase-detail/5631739747106816 https://security.netapp.com/advisory/ntap-20190806-0004/ https://security.netapp.com/advisory/ntap-20200122-0003/ https://usn.ubuntu.com/4164-1/ https://usn.ubuntu.com/usn/usn-4164-1 https://www.oracle.com/security-alerts/cpujan2020.html
nokogiri CVE-2020-7595 HIGH 1.10.3 1.10.8 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595 https://github.com/advisories/GHSA-7553-jr98-vx47 https://github.com/sparklemotion/nokogiri/issues/1992 https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076 https://linux.oracle.com/cve/CVE-2020-7595.html https://linux.oracle.com/errata/ELSA-2020-4479.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/ https://nvd.nist.gov/vuln/detail/CVE-2020-7595 https://security.gentoo.org/glsa/202010-04 https://security.netapp.com/advisory/ntap-20200702-0005/ https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08 https://usn.ubuntu.com/4274-1/ https://usn.ubuntu.com/usn/usn-4274-1 https://www.oracle.com/security-alerts/cpujul2020.html
nokogiri GHSA-7rrm-v45f-jp64 HIGH 1.10.3 1.11.4 https://github.com/advisories/GHSA-7rrm-v45f-jp64 https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64
rack CVE-2020-8161 HIGH 2.0.7 2.1.3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8161 https://github.com/advisories/GHSA-5f9h-9pjv-v6j7 https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA https://hackerone.com/reports/434404 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2020-8161 https://usn.ubuntu.com/4561-1/ https://usn.ubuntu.com/usn/usn-4561-1 https://usn.ubuntu.com/usn/usn-4561-2
rack CVE-2020-8184 HIGH 2.0.7 2.2.3, 2.1.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8184 https://github.com/advisories/GHSA-j6w9-fv6q-3q52 https://groups.google.com/forum/#!msg/rubyonrails-security/OWtmozPH9Ak/4m00yHPCBAAJ https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak https://hackerone.com/reports/895727 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://nvd.nist.gov/vuln/detail/CVE-2020-8184 https://usn.ubuntu.com/4561-1/ https://usn.ubuntu.com/usn/usn-4561-1 https://usn.ubuntu.com/usn/usn-4561-2
rake CVE-2020-8130 HIGH 12.3.2 12.3.3 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8130 https://github.com/advisories/GHSA-jppv-gw3r-w3q8 https://hackerone.com/reports/651518 https://lists.debian.org/debian-lts-announce/2020/02/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/523CLQ62VRN3VVC52KMPTROCCKY4Z36B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXMX4ARNX2JLRJMSH4N3J3UBMUT5CI44/ https://nvd.nist.gov/vuln/detail/CVE-2020-8130 https://usn.ubuntu.com/4295-1/ https://usn.ubuntu.com/usn/usn-4295-1
websocket-extensions CVE-2020-7663 HIGH 0.1.3 0.1.5 https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663 https://github.com/advisories/GHSA-g6wq-qcwm-j5g2 https://github.com/faye/websocket-extensions-ruby/commit/aa156a439da681361ed6f53f1a8131892418838b https://github.com/faye/websocket-extensions-ruby/security/advisories/GHSA-g6wq-qcwm-j5g2 https://lists.debian.org/debian-lts-announce/2020/08/msg00031.html https://nvd.nist.gov/vuln/detail/CVE-2020-7663 https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830 https://usn.ubuntu.com/4502-1/ https://usn.ubuntu.com/usn/usn-4502-1
cargo
No Vulnerabilities found