lazy-actions/gitrivy: GitHub Issue + Trivy Action
Security Alert Test #99 (Closed)
github-actions[bot] closed 3 years ago
github-actions[bot] commented 3 years ago
knqyf263/vuln-image (alpine 3.7.1) - Trivy Report - 2021-06-03T21:25:24.416449943Z
alpine
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links
curl
CVE-2018-14618
CRITICAL
7.61.0-r0
7.61.1-r0
http://www.securitytracker.com/id/1041605
https://access.redhat.com/errata/RHSA-2018:3558
https://access.redhat.com/errata/RHSA-2019:1880
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
https://curl.haxx.se/docs/CVE-2018-14618.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
https://github.com/curl/curl/issues/2756
https://linux.oracle.com/cve/CVE-2018-14618.html
https://linux.oracle.com/errata/ELSA-2019-1880.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3765-1/
https://usn.ubuntu.com/3765-2/
https://usn.ubuntu.com/usn/usn-3765-1
https://usn.ubuntu.com/usn/usn-3765-2
https://www.debian.org/security/2018/dsa-4286
curl
CVE-2018-16839
CRITICAL
7.61.0-r0
7.61.1-r1
http://www.securitytracker.com/id/1042012
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839
https://curl.haxx.se/docs/CVE-2018-16839.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839
https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/usn/usn-3805-1
https://www.debian.org/security/2018/dsa-4331
curl
CVE-2018-16840
CRITICAL
7.61.0-r0
7.61.1-r1
http://www.securitytracker.com/id/1042013
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840
https://curl.haxx.se/docs/CVE-2018-16840.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840
https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/usn/usn-3805-1
curl
CVE-2018-16842
CRITICAL
7.61.0-r0
7.61.1-r1
http://www.securitytracker.com/id/1042014
https://access.redhat.com/errata/RHSA-2019:2181
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842
https://curl.haxx.se/docs/CVE-2018-16842.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
https://linux.oracle.com/cve/CVE-2018-16842.html
https://linux.oracle.com/errata/ELSA-2019-2181.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/3805-2/
https://usn.ubuntu.com/usn/usn-3805-1
https://usn.ubuntu.com/usn/usn-3805-2
https://www.debian.org/security/2018/dsa-4331
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
curl
CVE-2019-3822
CRITICAL
7.61.0-r0
7.61.1-r2
http://www.securityfocus.com/bid/106950
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
https://curl.haxx.se/docs/CVE-2019-3822.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
https://linux.oracle.com/cve/CVE-2019-3822.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03
https://security.netapp.com/advisory/ntap-20190315-0001/
https://security.netapp.com/advisory/ntap-20190719-0004/
https://support.f5.com/csp/article/K84141449
https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl
CVE-2019-5481
CRITICAL
7.61.0-r0
7.61.1-r3
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
https://curl.haxx.se/docs/CVE-2019-5481.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
https://linux.oracle.com/cve/CVE-2019-5481.html
https://linux.oracle.com/errata/ELSA-2020-1792.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
https://seclists.org/bugtraq/2020/Feb/36
https://security.gentoo.org/glsa/202003-29
https://security.netapp.com/advisory/ntap-20191004-0003/
https://usn.ubuntu.com/usn/usn-4129-1
https://www.debian.org/security/2020/dsa-4633
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
curl
CVE-2019-5482
CRITICAL
7.61.0-r0
7.61.1-r3
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
https://curl.haxx.se/docs/CVE-2019-5482.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482
https://linux.oracle.com/cve/CVE-2019-5482.html
https://linux.oracle.com/errata/ELSA-2020-5562.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
https://seclists.org/bugtraq/2020/Feb/36
https://security.gentoo.org/glsa/202003-29
https://security.netapp.com/advisory/ntap-20191004-0003/
https://security.netapp.com/advisory/ntap-20200416-0003/
https://usn.ubuntu.com/usn/usn-4129-1
https://usn.ubuntu.com/usn/usn-4129-2
https://www.debian.org/security/2020/dsa-4633
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
curl
CVE-2018-16890
HIGH
7.61.0-r0
7.61.1-r2
http://www.securityfocus.com/bid/106947
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
https://curl.haxx.se/docs/CVE-2018-16890.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
https://linux.oracle.com/cve/CVE-2018-16890.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.netapp.com/advisory/ntap-20190315-0001/
https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
curl
CVE-2019-3823
HIGH
7.61.0-r0
7.61.1-r2
http://www.securityfocus.com/bid/106950
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823
https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf
https://curl.haxx.se/docs/CVE-2019-3823.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
https://linux.oracle.com/cve/CVE-2019-3823.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03
https://security.netapp.com/advisory/ntap-20190315-0001/
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
expat
CVE-2018-20843
HIGH
2.2.5-r0
2.2.7-r0
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
https://github.com/libexpat/libexpat/issues/186
https://github.com/libexpat/libexpat/pull/262
https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
https://linux.oracle.com/cve/CVE-2018-20843.html
https://linux.oracle.com/errata/ELSA-2020-4484.html
https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
https://seclists.org/bugtraq/2019/Jun/39
https://security.gentoo.org/glsa/201911-08
https://security.netapp.com/advisory/ntap-20190703-0001/
https://support.f5.com/csp/article/K51011533
https://usn.ubuntu.com/4040-1/
https://usn.ubuntu.com/4040-2/
https://usn.ubuntu.com/usn/usn-4040-1
https://usn.ubuntu.com/usn/usn-4040-2
https://www.debian.org/security/2019/dsa-4472
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
expat
CVE-2019-15903
HIGH
2.2.5-r0
2.2.7-r1
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
http://seclists.org/fulldisclosure/2019/Dec/23
http://seclists.org/fulldisclosure/2019/Dec/26
http://seclists.org/fulldisclosure/2019/Dec/27
http://seclists.org/fulldisclosure/2019/Dec/30
https://access.redhat.com/errata/RHSA-2019:3210
https://access.redhat.com/errata/RHSA-2019:3237
https://access.redhat.com/errata/RHSA-2019:3756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
https://github.com/libexpat/libexpat/issues/317
https://github.com/libexpat/libexpat/issues/342
https://github.com/libexpat/libexpat/pull/318
https://linux.oracle.com/cve/CVE-2019-15903.html
https://linux.oracle.com/errata/ELSA-2020-4484.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
https://seclists.org/bugtraq/2019/Dec/17
https://seclists.org/bugtraq/2019/Dec/21
https://seclists.org/bugtraq/2019/Dec/23
https://seclists.org/bugtraq/2019/Nov/1
https://seclists.org/bugtraq/2019/Nov/24
https://seclists.org/bugtraq/2019/Oct/29
https://seclists.org/bugtraq/2019/Sep/30
https://seclists.org/bugtraq/2019/Sep/37
https://security.gentoo.org/glsa/201911-08
https://security.netapp.com/advisory/ntap-20190926-0004/
https://support.apple.com/kb/HT210785
https://support.apple.com/kb/HT210788
https://support.apple.com/kb/HT210789
https://support.apple.com/kb/HT210790
https://support.apple.com/kb/HT210793
https://support.apple.com/kb/HT210794
https://support.apple.com/kb/HT210795
https://usn.ubuntu.com/4132-1/
https://usn.ubuntu.com/4132-2/
https://usn.ubuntu.com/4165-1/
https://usn.ubuntu.com/4202-1/
https://usn.ubuntu.com/4335-1/
https://usn.ubuntu.com/usn/usn-4132-1
https://usn.ubuntu.com/usn/usn-4132-2
https://usn.ubuntu.com/usn/usn-4165-1
https://usn.ubuntu.com/usn/usn-4202-1
https://usn.ubuntu.com/usn/usn-4335-1
https://www.debian.org/security/2019/dsa-4530
https://www.debian.org/security/2019/dsa-4549
https://www.debian.org/security/2019/dsa-4571
https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
git
CVE-2018-17456
CRITICAL
2.15.2-r0
2.15.3-r0
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html
http://www.securityfocus.com/bid/105523
http://www.securityfocus.com/bid/107511
http://www.securitytracker.com/id/1041811
https://access.redhat.com/errata/RHSA-2018:3408
https://access.redhat.com/errata/RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3541
https://access.redhat.com/errata/RHSA-2020:0316
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404
https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46
https://linux.oracle.com/cve/CVE-2018-17456.html
https://linux.oracle.com/errata/ELSA-2020-0316.html
https://marc.info/?l=git&m=153875888916397&w=2
https://public-inbox.org/git/xmqqy3bcuy3l.fsf@gitster-ct.c.googlers.com/
https://seclists.org/bugtraq/2019/Mar/30
https://usn.ubuntu.com/3791-1/
https://usn.ubuntu.com/usn/usn-3791-1
https://www.debian.org/security/2018/dsa-4311
https://www.exploit-db.com/exploits/45548/
https://www.exploit-db.com/exploits/45631/
https://www.openwall.com/lists/oss-security/2018/10/06/3
git
CVE-2019-1353
CRITICAL
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
https://github.com/git/git/security/advisories/GHSA-589j-mmg9-733v
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1349
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://access.redhat.com/errata/RHSA-2020:0228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
https://github.com/git/git/security/advisories/GHSA-4qvh-qvv7-frc7
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://linux.oracle.com/cve/CVE-2019-1349.html
https://linux.oracle.com/errata/ELSA-2019-4356.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1350
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350
https://github.com/git/git/security/advisories/GHSA-44fr-r2hj-3f4x
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://security.gentoo.org/glsa/202003-42
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1351
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351
https://github.com/git/git/security/advisories/GHSA-39hj-fvvf-mq4f
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1352
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://access.redhat.com/errata/RHSA-2020:0228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
https://github.com/git/git/security/advisories/GHSA-5wph-8frv-58vj
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://linux.oracle.com/cve/CVE-2019-1352.html
https://linux.oracle.com/errata/ELSA-2019-4356.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1354
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354
https://github.com/git/git/security/advisories/GHSA-xjx4-8694-q2fq
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://usn.ubuntu.com/usn/usn-4220-1
git
CVE-2019-1387
HIGH
2.15.2-r0
2.15.4-r0
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
https://access.redhat.com/errata/RHSA-2019:4356
https://access.redhat.com/errata/RHSA-2020:0002
https://access.redhat.com/errata/RHSA-2020:0124
https://access.redhat.com/errata/RHSA-2020:0228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
https://github.com/git/git/security/advisories/GHSA-4wfr-gwrh-8mj2
https://groups.google.com/forum/?fromgroups#!topic/git-packagers/AWRBO_5gqa4
https://linux.oracle.com/cve/CVE-2019-1387.html
https://linux.oracle.com/errata/ELSA-2020-0124.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/
https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u
https://public-inbox.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/
https://security.gentoo.org/glsa/202003-30
https://security.gentoo.org/glsa/202003-42
https://usn.ubuntu.com/usn/usn-4220-1
libbz2
CVE-2019-12900
CRITICAL
1.0.6-r6
1.0.6-r7
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://usn.ubuntu.com/usn/usn-4038-1
https://usn.ubuntu.com/usn/usn-4038-2
https://usn.ubuntu.com/usn/usn-4038-3
https://usn.ubuntu.com/usn/usn-4038-4
https://usn.ubuntu.com/usn/usn-4146-1
https://usn.ubuntu.com/usn/usn-4146-2
https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl
CVE-2018-16839
CRITICAL
7.61.1-r0
7.61.1-r1
http://www.securitytracker.com/id/1042012
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16839
https://curl.haxx.se/docs/CVE-2018-16839.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16839
https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/usn/usn-3805-1
https://www.debian.org/security/2018/dsa-4331
libcurl
CVE-2018-16840
CRITICAL
7.61.1-r0
7.61.1-r1
http://www.securitytracker.com/id/1042013
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840
https://curl.haxx.se/docs/CVE-2018-16840.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16840
https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/usn/usn-3805-1
libcurl
CVE-2018-16842
CRITICAL
7.61.1-r0
7.61.1-r1
http://www.securitytracker.com/id/1042014
https://access.redhat.com/errata/RHSA-2019:2181
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16842
https://curl.haxx.se/docs/CVE-2018-16842.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16842
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
https://linux.oracle.com/cve/CVE-2018-16842.html
https://linux.oracle.com/errata/ELSA-2019-2181.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00005.html
https://security.gentoo.org/glsa/201903-03
https://usn.ubuntu.com/3805-1/
https://usn.ubuntu.com/3805-2/
https://usn.ubuntu.com/usn/usn-3805-1
https://usn.ubuntu.com/usn/usn-3805-2
https://www.debian.org/security/2018/dsa-4331
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
libcurl
CVE-2019-3822
CRITICAL
7.61.1-r0
7.61.1-r2
http://www.securityfocus.com/bid/106950
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
https://curl.haxx.se/docs/CVE-2019-3822.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
https://linux.oracle.com/cve/CVE-2019-3822.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03
https://security.netapp.com/advisory/ntap-20190315-0001/
https://security.netapp.com/advisory/ntap-20190719-0004/
https://support.f5.com/csp/article/K84141449
https://support.f5.com/csp/article/K84141449?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl
CVE-2019-5481
CRITICAL
7.61.1-r0
7.61.1-r3
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
https://curl.haxx.se/docs/CVE-2019-5481.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
https://linux.oracle.com/cve/CVE-2019-5481.html
https://linux.oracle.com/errata/ELSA-2020-1792.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
https://seclists.org/bugtraq/2020/Feb/36
https://security.gentoo.org/glsa/202003-29
https://security.netapp.com/advisory/ntap-20191004-0003/
https://usn.ubuntu.com/usn/usn-4129-1
https://www.debian.org/security/2020/dsa-4633
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl
CVE-2019-5482
CRITICAL
7.61.1-r0
7.61.1-r3
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
https://curl.haxx.se/docs/CVE-2019-5482.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482
https://linux.oracle.com/cve/CVE-2019-5482.html
https://linux.oracle.com/errata/ELSA-2020-5562.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
https://seclists.org/bugtraq/2020/Feb/36
https://security.gentoo.org/glsa/202003-29
https://security.netapp.com/advisory/ntap-20191004-0003/
https://security.netapp.com/advisory/ntap-20200416-0003/
https://usn.ubuntu.com/usn/usn-4129-1
https://usn.ubuntu.com/usn/usn-4129-2
https://www.debian.org/security/2020/dsa-4633
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
libcurl
CVE-2018-16890
HIGH
7.61.1-r0
7.61.1-r2
http://www.securityfocus.com/bid/106947
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16890
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
https://curl.haxx.se/docs/CVE-2018-16890.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
https://linux.oracle.com/cve/CVE-2018-16890.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.netapp.com/advisory/ntap-20190315-0001/
https://support.f5.com/csp/article/K03314397?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libcurl
CVE-2019-3823
HIGH
7.61.1-r0
7.61.1-r2
http://www.securityfocus.com/bid/106950
https://access.redhat.com/errata/RHSA-2019:3701
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823
https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf
https://curl.haxx.se/docs/CVE-2019-3823.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
https://linux.oracle.com/cve/CVE-2019-3823.html
https://linux.oracle.com/errata/ELSA-2019-3701.html
https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
https://security.gentoo.org/glsa/201903-03
https://security.netapp.com/advisory/ntap-20190315-0001/
https://usn.ubuntu.com/3882-1/
https://usn.ubuntu.com/usn/usn-3882-1
https://www.debian.org/security/2019/dsa-4386
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
libxml2
CVE-2018-14404
HIGH
2.9.7-r0
2.9.8-r1
https://access.redhat.com/errata/RHSA-2019:1543
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
https://bugzilla.redhat.com/show_bug.cgi?id=1595985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404
https://github.com/advisories/GHSA-6qvp-r6r3-9p7h
https://github.com/sparklemotion/nokogiri/issues/1785
https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594
https://gitlab.gnome.org/GNOME/libxml2/issues/10
https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ
https://linux.oracle.com/cve/CVE-2018-14404.html
https://linux.oracle.com/errata/ELSA-2020-1827.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14404
https://security.netapp.com/advisory/ntap-20190719-0002/
https://usn.ubuntu.com/3739-1/
https://usn.ubuntu.com/3739-2/
https://usn.ubuntu.com/usn/usn-3739-1
https://usn.ubuntu.com/usn/usn-3739-2
musl
CVE-2019-14697
CRITICAL
1.1.18-r3
1.1.18-r4
http://www.openwall.com/lists/oss-security/2019/08/06/4
https://security.gentoo.org/glsa/202003-13
https://www.openwall.com/lists/musl/2019/08/06/1
musl-utils
CVE-2019-14697
CRITICAL
1.1.18-r3
1.1.18-r4
http://www.openwall.com/lists/oss-security/2019/08/06/4
https://security.gentoo.org/glsa/202003-13
https://www.openwall.com/lists/musl/2019/08/06/1
patch
CVE-2018-1000156
HIGH
2.7.5-r2
2.7.6-r0
http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html
http://rachelbythebay.com/w/2018/04/05/bangpatch/
https://access.redhat.com/errata/RHSA-2018:1199
https://access.redhat.com/errata/RHSA-2018:1200
https://access.redhat.com/errata/RHSA-2018:2091
https://access.redhat.com/errata/RHSA-2018:2092
https://access.redhat.com/errata/RHSA-2018:2093
https://access.redhat.com/errata/RHSA-2018:2094
https://access.redhat.com/errata/RHSA-2018:2095
https://access.redhat.com/errata/RHSA-2018:2096
https://access.redhat.com/errata/RHSA-2018:2097
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156
https://linux.oracle.com/cve/CVE-2018-1000156.html
https://linux.oracle.com/errata/ELSA-2018-1200.html
https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html
https://rachelbythebay.com/w/2018/04/05/bangpatch/
https://savannah.gnu.org/bugs/index.php?53566
https://seclists.org/bugtraq/2019/Aug/29
https://seclists.org/bugtraq/2019/Jul/54
https://security.gentoo.org/glsa/201904-17
https://twitter.com/kurtseifried/status/982028968877436928
https://usn.ubuntu.com/3624-1/
https://usn.ubuntu.com/3624-2/
https://usn.ubuntu.com/usn/usn-3624-1
https://usn.ubuntu.com/usn/usn-3624-2
patch
CVE-2018-6952
HIGH
2.7.5-r2
2.7.6-r0
http://www.securityfocus.com/bid/103047
https://access.redhat.com/errata/RHSA-2019:2033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
https://linux.oracle.com/cve/CVE-2018-6952.html
https://linux.oracle.com/errata/ELSA-2019-2033.html
https://savannah.gnu.org/bugs/index.php?53133
https://security.gentoo.org/glsa/201904-17
patch
CVE-2019-13638
HIGH
2.7.5-r2
2.7.6-r0
http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html
https://access.redhat.com/errata/RHSA-2019:2798
https://access.redhat.com/errata/RHSA-2019:2964
https://access.redhat.com/errata/RHSA-2019:3757
https://access.redhat.com/errata/RHSA-2019:3758
https://access.redhat.com/errata/RHSA-2019:4061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13638
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
https://github.com/irsl/gnu-patch-vulnerabilities
https://linux.oracle.com/cve/CVE-2019-13638.html
https://linux.oracle.com/errata/ELSA-2019-2964.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWWGISFWACROJJPVJJL4UBLVZ7LPOLT/
https://seclists.org/bugtraq/2019/Aug/29
https://seclists.org/bugtraq/2019/Jul/54
https://security-tracker.debian.org/tracker/CVE-2019-13638
https://security.gentoo.org/glsa/201908-22
https://security.netapp.com/advisory/ntap-20190828-0001/
https://usn.ubuntu.com/usn/usn-4071-1
https://usn.ubuntu.com/usn/usn-4071-2
https://www.debian.org/security/2019/dsa-4489
sqlite-libs
CVE-2019-8457
CRITICAL
3.21.0-r1
3.25.3-r1
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457
https://linux.oracle.com/cve/CVE-2019-8457.html
https://linux.oracle.com/errata/ELSA-2020-1810.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/
https://security.netapp.com/advisory/ntap-20190606-0002/
https://usn.ubuntu.com/4004-1/
https://usn.ubuntu.com/4004-2/
https://usn.ubuntu.com/4019-1/
https://usn.ubuntu.com/4019-2/
https://usn.ubuntu.com/usn/usn-4004-1
https://usn.ubuntu.com/usn/usn-4004-2
https://usn.ubuntu.com/usn/usn-4019-1
https://usn.ubuntu.com/usn/usn-4019-2
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.sqlite.org/releaselog/3_28_0.html
https://www.sqlite.org/src/info/90acdbfce9c08858
sqlite-libs
CVE-2018-20346
HIGH
3.21.0-r1
3.25.3-r0
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html
http://www.securityfocus.com/bid/106323
https://access.redhat.com/articles/3758321
https://blade.tencent.com/magellan/index_en.html
https://bugzilla.redhat.com/show_bug.cgi?id=1659379
https://bugzilla.redhat.com/show_bug.cgi?id=1659677
https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e
https://crbug.com/900910
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346
https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html
https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/
https://news.ycombinator.com/item?id=18685296
https://security.gentoo.org/glsa/201904-21
https://sqlite.org/src/info/940f2adc8541a838
https://sqlite.org/src/info/d44318f59044162e
https://support.apple.com/HT209443
https://support.apple.com/HT209446
https://support.apple.com/HT209447
https://support.apple.com/HT209448
https://support.apple.com/HT209450
https://support.apple.com/HT209451
https://usn.ubuntu.com/4019-1/
https://usn.ubuntu.com/4019-2/
https://usn.ubuntu.com/usn/usn-4019-1
https://usn.ubuntu.com/usn/usn-4019-2
https://worthdoingbadly.com/sqlitebug/
https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.sqlite.org/releaselog/3_25_3.html
https://www.synology.com/security/advisory/Synology_SA_18_61
subversion
CVE-2019-0203
HIGH
1.9.7-r0
1.9.12-r0
http://subversion.apache.org/security/CVE-2019-0203-advisory.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203
https://linux.oracle.com/cve/CVE-2019-0203.html
https://linux.oracle.com/errata/ELSA-2019-2512.html
https://subversion.apache.org/security/CVE-2019-0203-advisory.txt
https://usn.ubuntu.com/usn/usn-4082-1
https://usn.ubuntu.com/usn/usn-4082-2
subversion-libs
CVE-2019-0203
HIGH
1.9.7-r0
1.9.12-r0
http://subversion.apache.org/security/CVE-2019-0203-advisory.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203
https://linux.oracle.com/cve/CVE-2019-0203.html
https://linux.oracle.com/errata/ELSA-2019-2512.html
https://subversion.apache.org/security/CVE-2019-0203-advisory.txt
https://usn.ubuntu.com/usn/usn-4082-1
https://usn.ubuntu.com/usn/usn-4082-2
npm
Package
Vulnerability ID
Severity
Installed Version
Fixed Version
Links
lodash
CVE-2019-10744
CRITICAL
4.17.4
4.17.12
https://access.redhat.com/errata/RHSA-2019:3024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10744
https://github.com/advisories/GHSA-jf85-cpcp-j695
https://nvd.nist.gov/vuln/detail/CVE-2019-10744
https://security.netapp.com/advisory/ntap-20191004-0005/
https://snyk.io/vuln/SNYK-JS-LODASH-450202
https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
lodash
CVE-2018-16487
HIGH
4.17.4
4.17.11
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487
https://github.com/advisories/GHSA-4xc9-xhrj-v574
https://hackerone.com/reports/380873
https://nvd.nist.gov/vuln/detail/CVE-2018-16487
https://security.netapp.com/advisory/ntap-20190919-0004/
lodash
CVE-2020-8203
HIGH
4.17.4
4.17.19
https://github.com/advisories/GHSA-p6mc-m468-83gw
https://github.com/lodash/lodash/issues/4874
https://hackerone.com/reports/712065
https://nvd.nist.gov/vuln/detail/CVE-2020-8203
https://security.netapp.com/advisory/ntap-20200724-0006/
https://www.npmjs.com/advisories/1523
lodash
CVE-2021-23337
HIGH
4.17.4
4.17.21
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337
https://github.com/advisories/GHSA-35jh-r3h4-6jhm
https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851
https://nvd.nist.gov/vuln/detail/CVE-2021-23337
https://security.netapp.com/advisory/ntap-20210312-0006/
https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929
https://snyk.io/vuln/SNYK-JS-LODASH-1040724
composer
Package
Vulnerability ID
Severity
Installed Version
Fixed Version
Links
guzzlehttp/guzzle
CVE-2016-5385
HIGH
6.2.0
4.2.4, 5.3.1, 6.2.1
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
http://php.net/ChangeLog-7.php#7.0.9
http://rhn.redhat.com/errata/RHSA-2016-1609.html
http://rhn.redhat.com/errata/RHSA-2016-1610.html
http://rhn.redhat.com/errata/RHSA-2016-1611.html
http://rhn.redhat.com/errata/RHSA-2016-1612.html
http://rhn.redhat.com/errata/RHSA-2016-1613.html
http://www.debian.org/security/2016/dsa-3631
http://www.kb.cert.org/vuls/id/797896
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91821
http://www.securitytracker.com/id/1036335
https://bugzilla.redhat.com/show_bug.cgi?id=1353794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385
https://github.com/guzzle/guzzle/releases/tag/6.2.1
https://github.com/humbug/file_get_contents/releases/tag/1.1.2
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://httpoxy.org/
https://linux.oracle.com/cve/CVE-2016-5385.html
https://linux.oracle.com/errata/ELSA-2016-1613.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/
https://security.gentoo.org/glsa/201611-22
https://usn.ubuntu.com/usn/usn-3045-1
https://www.drupal.org/SA-CORE-2016-003
pipenv
Package
Vulnerability ID
Severity
Installed Version
Fixed Version
Links
django
CVE-2019-19844
CRITICAL
2.0.9
3.0.1, 2.2.9, 1.11.27
http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
https://docs.djangoproject.com/en/dev/releases/security/
https://github.com/advisories/GHSA-vfq6-hq5r-27r6
https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
https://nvd.nist.gov/vuln/detail/CVE-2019-19844
https://seclists.org/bugtraq/2020/Jan/9
https://security.gentoo.org/glsa/202004-17
https://security.netapp.com/advisory/ntap-20200110-0003/
https://usn.ubuntu.com/4224-1/
https://usn.ubuntu.com/usn/usn-4224-1
https://www.debian.org/security/2020/dsa-4598
https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
django
CVE-2020-7471
CRITICAL
2.0.9
3.0.3, 2.2.10, 1.11.28
http://www.openwall.com/lists/oss-security/2020/02/03/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471
https://docs.djangoproject.com/en/3.0/releases/security/
https://github.com/advisories/GHSA-hmr4-m2h5-33qx
https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
https://nvd.nist.gov/vuln/detail/CVE-2020-7471
https://seclists.org/bugtraq/2020/Feb/30
https://security.gentoo.org/glsa/202004-17
https://security.netapp.com/advisory/ntap-20200221-0006/
https://usn.ubuntu.com/4264-1/
https://usn.ubuntu.com/usn/usn-4264-1
https://www.debian.org/security/2020/dsa-4629
https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
https://www.openwall.com/lists/oss-security/2020/02/03/1
django
CVE-2019-6975
HIGH
2.0.9
2.1.6, 2.0.11, 1.11.19
http://www.securityfocus.com/bid/106964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
https://docs.djangoproject.com/en/dev/releases/security/
https://github.com/advisories/GHSA-wh4h-v3f2-r2pp
https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/
https://nvd.nist.gov/vuln/detail/CVE-2019-6975
https://seclists.org/bugtraq/2019/Jul/10
https://usn.ubuntu.com/3890-1/
https://usn.ubuntu.com/usn/usn-3890-1
https://www.debian.org/security/2019/dsa-4476
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
https://www.openwall.com/lists/oss-security/2019/02/11/1
django
CVE-2020-9402
HIGH
2.0.9
3.0.4, 2.2.11, 1.11.29
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402
https://docs.djangoproject.com/en/3.0/releases/security/
https://github.com/advisories/GHSA-3gh2-xw74-jmcw
https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
https://nvd.nist.gov/vuln/detail/CVE-2020-9402
https://security.gentoo.org/glsa/202004-17
https://security.netapp.com/advisory/ntap-20200327-0004/
https://usn.ubuntu.com/4296-1/
https://usn.ubuntu.com/usn/usn-4296-1
https://www.debian.org/security/2020/dsa-4705
https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
httplib2
CVE-2021-21240
HIGH
0.12.1
0.19.0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21240
https://github.com/advisories/GHSA-93xj-8mrv-444m
https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc
https://github.com/httplib2/httplib2/pull/182
https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m
https://nvd.nist.gov/vuln/detail/CVE-2021-21240
https://pypi.org/project/httplib2
py
CVE-2020-29651
HIGH
1.8.0
1.10.0
https://github.com/advisories/GHSA-hj5v-574p-mj7c
https://github.com/pytest-dev/py/issues/256
https://github.com/pytest-dev/py/pull/257
https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYWNYEV3FGDHPIHX4DDUDMFZ6NLCQRC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHDTINIBJZ67T3W74QTBIY5LPKAXEOGR/
https://nvd.nist.gov/vuln/detail/CVE-2020-29651
pygments
CVE-2021-20270
HIGH
2.3.1
2.7.4
https://bugzilla.redhat.com/show_bug.cgi?id=1922136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270
https://github.com/advisories/GHSA-9w8r-397f-prfh
https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html
https://nvd.nist.gov/vuln/detail/CVE-2021-20270
https://usn.ubuntu.com/usn/usn-4885-1
https://www.debian.org/security/2021/dsa-4889
pygments
CVE-2021-27291
HIGH
2.3.1
2.7.4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291
https://gist.github.com/b-c-ds/b1a2cc0c68a35c57188575eb496de5ce
https://github.com/advisories/GHSA-pq64-v7f5-gqh8
https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14
https://lists.debian.org/debian-lts-announce/2021/03/msg00024.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSJRFHALQ7E3UV4FFMFU2YQ6LUDHAI55/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSLD67LFGXOX2K5YNESSWAS4AGZIJTUQ/
https://nvd.nist.gov/vuln/detail/CVE-2021-27291
https://usn.ubuntu.com/usn/usn-4897-1
https://www.debian.org/security/2021/dsa-4878
https://www.debian.org/security/2021/dsa-4889
pyyaml
CVE-2019-20477
CRITICAL
5.1
5.2
https://github.com/advisories/GHSA-3pqx-4fqf-j49f
https://github.com/yaml/pyyaml/blob/master/CHANGES
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33VBUY73AA6CTTYL3LRWHNFDULV7PFPN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/52N5XS73Z5S4ZN7I7R56ICCPCTKCUV4H/
https://nvd.nist.gov/vuln/detail/CVE-2019-20477
https://www.exploit-db.com/download/47655
pyyaml
CVE-2020-14343
CRITICAL
5.1
5.4
https://bugzilla.redhat.com/show_bug.cgi?id=1860466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14343
https://github.com/advisories/GHSA-8q59-q68h-6hv4
https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
https://nvd.nist.gov/vuln/detail/CVE-2020-14343
https://usn.ubuntu.com/usn/usn-4940-1
pyyaml
CVE-2020-1747
CRITICAL
5.1
5.3.1
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747
https://github.com/advisories/GHSA-6757-jp84-gxfx
https://github.com/yaml/pyyaml/pull/386
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PPAS6C4SZRDQLR7C22A5U3QOLXY33JX/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMQXSZXNJT6ERABJZAAICI3DQSQLCP3D/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/
https://nvd.nist.gov/vuln/detail/CVE-2020-1747
urllib3
CVE-2019-11324
HIGH
1.24.1
1.24.2
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
http://www.openwall.com/lists/oss-security/2019/04/19/1
https://access.redhat.com/errata/RHSA-2019:3335
https://access.redhat.com/errata/RHSA-2019:3590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324
https://github.com/advisories/GHSA-mh33-7rrq-662w
https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
https://linux.oracle.com/cve/CVE-2019-11324.html
https://linux.oracle.com/errata/ELSA-2020-2068.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
https://nvd.nist.gov/vuln/detail/CVE-2019-11324
https://usn.ubuntu.com/3990-1/
https://usn.ubuntu.com/usn/usn-3990-1
https://www.openwall.com/lists/oss-security/2019/04/17/3
bundler
Package
Vulnerability ID
Severity
Installed Version
Fixed Version
Links
actionpack
CVE-2020-8164
HIGH
5.2.3
6.0.3.1, 5.2.4.3
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00089.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00093.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00107.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8164
https://github.com/advisories/GHSA-8727-m6gj-mc37
https://groups.google.com/forum/#!topic/rubyonrails-security/f6ioe4sdpbY
https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY
https://hackerone.com/reports/292797
https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8164
https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
https://www.debian.org/security/2020/dsa-4766
actionpack
CVE-2021-22885
HIGH
5.2.3
5.2.4.6, 5.2.6, 6.1.3.2, 6.0.3.7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22885
https://github.com/advisories/GHSA-hjg4-8q5f-x6fm
https://groups.google.com/g/rubyonrails-security/c/NiQl-48cXYI
https://hackerone.com/reports/1106652
https://nvd.nist.gov/vuln/detail/CVE-2021-22885
activestorage
CVE-2020-8162
HIGH
5.2.3
6.0.3.1, 5.2.4.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8162
https://github.com/advisories/GHSA-m42x-37p3-fv5w
https://groups.google.com/forum/#!msg/rubyonrails-security/PjU3946mreQ/Dn-6uLbAAQAJ
https://groups.google.com/forum/#!topic/rubyonrails-security/PjU3946mreQ
https://groups.google.com/g/rubyonrails-security/c/PjU3946mreQ
https://hackerone.com/reports/789579
https://nvd.nist.gov/vuln/detail/CVE-2020-8162
https://www.debian.org/security/2020/dsa-4766
activesupport
CVE-2020-8165
CRITICAL
5.2.3
6.0.3.1, 5.2.4.3
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00034.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8165
https://github.com/advisories/GHSA-2p68-f74v-9wc6
https://groups.google.com/forum/#!msg/rubyonrails-security/bv6fW4S0Y1c/KnkEqM7AAQAJ
https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c
https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c
https://hackerone.com/reports/413388
https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8165
https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/
https://www.debian.org/security/2020/dsa-4766
json
CVE-2020-10663
HIGH
2.2.0
2.3.0
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00004.html
http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
https://github.com/advisories/GHSA-jphg-qwrw-7w9g
https://groups.google.com/forum/#!topic/ruby-security-ann/ermX1eQqqKA
https://hackerone.com/reports/706934
https://linux.oracle.com/cve/CVE-2020-10663.html
https://linux.oracle.com/errata/ELSA-2020-5724.html
https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QL6MJD2BO4IRJ5CJFNMCDYMQQFT24BJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NK2PBXWMFRUD7U7Q7LHV4KYLYID77RI4/
https://nvd.nist.gov/vuln/detail/CVE-2020-10663
https://security.netapp.com/advisory/ntap-20210129-0003/
https://support.apple.com/kb/HT211931
https://usn.ubuntu.com/usn/usn-4882-1
https://www.debian.org/security/2020/dsa-4721
https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663
https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
nokogiri
CVE-2019-5477
CRITICAL
1.10.3
1.10.4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477
https://github.com/advisories/GHSA-cr5j-953j-xw5p
https://github.com/sparklemotion/nokogiri/issues/1915
https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc
https://github.com/tenderlove/rexical/blob/master/CHANGELOG.rdoc#107--2019-08-06
https://github.com/tenderlove/rexical/commit/a652474dbc66be350055db3e8f9b3a7b3fd75926
https://groups.google.com/forum/#!msg/ruby-security-ann/YMnKFsASOAE/Fw3ocLI0BQAJ
https://hackerone.com/reports/650835
https://lists.debian.org/debian-lts-announce/2019/09/msg00027.html
https://nvd.nist.gov/vuln/detail/CVE-2019-5477
https://security.gentoo.org/glsa/202006-05
https://usn.ubuntu.com/4175-1/
https://usn.ubuntu.com/usn/usn-4175-1
nokogiri
CVE-2019-13117
HIGH
1.10.3
>= 1.10.5
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
http://www.openwall.com/lists/oss-security/2019/11/17/2
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117
https://github.com/sparklemotion/nokogiri/issues/1943
https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b
https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
https://groups.google.com/d/msg/ruby-security-ann/-Wq4aouIA3Q/yc76ZHemBgAJ
https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
https://oss-fuzz.com/testcase-detail/5631739747106816
https://security.netapp.com/advisory/ntap-20190806-0004/
https://security.netapp.com/advisory/ntap-20200122-0003/
https://usn.ubuntu.com/4164-1/
https://usn.ubuntu.com/usn/usn-4164-1
https://www.oracle.com/security-alerts/cpujan2020.html
nokogiri
CVE-2020-7595
HIGH
1.10.3
1.10.8
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html
https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595
https://github.com/advisories/GHSA-7553-jr98-vx47
https://github.com/sparklemotion/nokogiri/issues/1992
https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076
https://linux.oracle.com/cve/CVE-2020-7595.html
https://linux.oracle.com/errata/ELSA-2020-4479.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
https://nvd.nist.gov/vuln/detail/CVE-2020-7595
https://security.gentoo.org/glsa/202010-04
https://security.netapp.com/advisory/ntap-20200702-0005/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08
https://usn.ubuntu.com/4274-1/
https://usn.ubuntu.com/usn/usn-4274-1
https://www.oracle.com/security-alerts/cpujul2020.html
nokogiri
GHSA-7rrm-v45f-jp64
HIGH
1.10.3
1.11.4
https://github.com/advisories/GHSA-7rrm-v45f-jp64
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64
rack
CVE-2020-8161
HIGH
2.0.7
2.1.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8161
https://github.com/advisories/GHSA-5f9h-9pjv-v6j7
https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e
https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ
https://groups.google.com/forum/#!topic/ruby-security-ann/T4ZIsfRf2eA
https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA
https://hackerone.com/reports/434404
https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8161
https://usn.ubuntu.com/4561-1/
https://usn.ubuntu.com/usn/usn-4561-1
https://usn.ubuntu.com/usn/usn-4561-2
rack
CVE-2020-8184
HIGH
2.0.7
2.2.3, 2.1.4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8184
https://github.com/advisories/GHSA-j6w9-fv6q-3q52
https://groups.google.com/forum/#!msg/rubyonrails-security/OWtmozPH9Ak/4m00yHPCBAAJ
https://groups.google.com/g/rubyonrails-security/c/OWtmozPH9Ak
https://hackerone.com/reports/895727
https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html
https://nvd.nist.gov/vuln/detail/CVE-2020-8184
https://usn.ubuntu.com/4561-1/
https://usn.ubuntu.com/usn/usn-4561-1
https://usn.ubuntu.com/usn/usn-4561-2
rake
CVE-2020-8130
HIGH
12.3.2
12.3.3
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8130
https://github.com/advisories/GHSA-jppv-gw3r-w3q8
https://hackerone.com/reports/651518
https://lists.debian.org/debian-lts-announce/2020/02/msg00026.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/523CLQ62VRN3VVC52KMPTROCCKY4Z36B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXMX4ARNX2JLRJMSH4N3J3UBMUT5CI44/
https://nvd.nist.gov/vuln/detail/CVE-2020-8130
https://usn.ubuntu.com/4295-1/
https://usn.ubuntu.com/usn/usn-4295-1
websocket-extensions
CVE-2020-7663
HIGH
0.1.3
0.1.5
https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions
https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7663
https://github.com/advisories/GHSA-g6wq-qcwm-j5g2
https://github.com/faye/websocket-extensions-ruby/commit/aa156a439da681361ed6f53f1a8131892418838b
https://github.com/faye/websocket-extensions-ruby/security/advisories/GHSA-g6wq-qcwm-j5g2
https://lists.debian.org/debian-lts-announce/2020/08/msg00031.html
https://nvd.nist.gov/vuln/detail/CVE-2020-7663
https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830
https://usn.ubuntu.com/4502-1/
https://usn.ubuntu.com/usn/usn-4502-1
cargo
No Vulnerabilities found