Closed vinitmasaun closed 2 years ago
Any news? Our security officers also complain due to the high number of CVEs.
I looked into this last December and created this image rock1017/fluentd-hec-27-2:1.2.4
with fixes available at the time. There are some vulnerabilities with no fix available yet. We will be updating our image as they become available. Thanks
@rockb1017 thanks. some programs were upgraded (npm, node, ruby, ..). still there is a massive number of issues in a huge red hat enterprise 8.3 image (by jfrog xrays count unfortunately even more than in the official 1.2.4. image, whyever that might be).
i reckon as kubernetes is prevailing in more traditional, heavily regulated industries, demand to conform to more rigorous (security-)standards will rise. and maybe switching to a lightweight, more secure base-image will be necessary as well.
i think splunk needs to improve there quite a bit.
We see similar issue. Having splunk with CVE which has fix in production will be really security issue. we have latest 1.4.4

fixed_version | name | package_name | package_version | score | score_v3 | severity |
---|---|---|---|---|---|---|
1:12.18.2-1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:12.16.1-2.module+el8.1.0+6117+b25a342c | RHSA-2020:1293 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 6.8 | 8.8 | High |
1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1:12.16.1-1.module+el8.1.0+5811+44509afe | RHSA-2020:0598 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 7.5 | 9.8 | High |
1:12.18.4-2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:12.18.2-1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1:12.18.4-2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1.16.1-3.module+el8.0.0+3250+4b7d6d43 | RHSA-2019:1972 | rubygem-bundler | 1.16.1-3.module+el8+2671+ebcc7ee0 | 6.8 | 8.8 | High |
>=4.2.1;<5.0.0; OR >=5.1.1 | CVE-2020-8116 | usr/lib/node_modules/npm/node_modules/dot-prop/package.json | 4.2.0 | 7.5 | 7.3 | High |
>=5.2.4.3,5.2; OR >=6.0.3.1 | CVE-2020-8165 | usr/share/gems/specifications/activesupport-5.2.4.3 | 5.2.4.3 | 7.5 | 9.8 | High |
>=1.6.1 | CVE-2020-25613 | usr/share/gems/specifications/default/webrick-1.4.2 | 1.4.2 | 5 | 7.5 | High |
>=2.3.0 | CVE-2020-10663 | usr/share/gems/specifications/json-2.1.0 | 2.1.0 | 5 | 7.5 | High |
>=12.3.3 | CVE-2020-8130 | usr/share/gems/specifications/rake-12.3.0 | 12.3.0 | 9.3 | 8.1 | High |
Hello @niteenkole our latest image has node version 14.15.1 and npm 6.14.8. your table says it has nodejs 10.21.0 and npm 6.14.4?
```
docker run -it splunk/fluentd-hec:1.2.4 bash
bash-4.4$ node --version
v14.15.1
bash-4.4$ npm --version
6.14.8
```
Hello @florianzimm Thanks for your comment. Do you have any examples of building fluentd application without vulnerabilities?
@rockb1017
I am sure we have below.

```
NAME                NAMESPACE  REVISION  UPDATED                                  STATUS    CHART                                APP VERSION
splunk-connect-dev  splunk     1         2021-01-13 11:16:05.501985101 -0500 EST  deployed  splunk-connect-for-kubernetes-1.4.4  1.4.4
```

describe on pod

```
Containers:
  splunk-fluentd-k8s-logs:
    Container ID:  containerd://80b762040df74119564240afb234d815xxxxxxxxxx
    Image:         docker.io/splunk/fluentd-hec:1.2.4
```

```
kubectl exec -it splunk-connect-dev-splunk-kubernetes-logging-8h5qf -n splunk -- sh
sh-4.4# node --version
v10.21.0
sh-4.4# npm --version
6.14.4
```

have installed 1.4.4 as below

```
helm install splunk-connect-dev -f niteen-vaules-07.yaml -n splunk https://github.com/splunk/splunk-connect-for-kubernetes/releases/download/1.4.4/splunk-connect-for-kubernetes-1.4.4.tgz
```
could you do fresh pull from dockerhub?

```
docker pull splunk/fluentd-hec:1.2.4
```
sure. I can restart pod which should pull latest splunk/fluentd-hec:1.2.4 and scan
you need to check below.
```
docker run -it splunk/fluentd-hec:1.2.4 bash
Unable to find image 'splunk/fluentd-hec:1.2.4' locally
Trying to pull repository registry.access.redhat.com/splunk/fluentd-hec ...
Pulling repository registry.access.redhat.com/splunk/fluentd-hec
Trying to pull repository docker.io/splunk/fluentd-hec ...
1.2.4: Pulling from docker.io/splunk/fluentd-hec
d9e72d058dc5: Pull complete
cca21acb641a: Pull complete
620696f92fec: Pull complete
a108724c930f: Pull complete
743be1bee877: Pull complete
0fd70c8f2a2f: Pull complete
93c7a9ad1e0b: Pull complete
b9f59c896a8e: Pull complete
da9c9c102637: Pull complete
3b3a1f6705fe: Pull complete
88312b755c95: Pull complete
Digest: sha256:9a068dc1c083b612b0fdc4c62fd06f11a0aa45dd17c5b7db2fc9a0c92d8cf927
Status: Downloaded newer image for docker.io/splunk/fluentd-hec:1.2.4
bash-4.4$ node --version
v10.21.0
bash-4.4$ npm --version
6.14.4
bash-4.4$
```

maybe you have local image?
omg. I think that is only possible explanation. lol
could you use rock1017/fluentd-hec-27-2:1.2.4
this image? it is same image under my dockerhub account.
I will work on releasing new image, but it takes time to officially release to splunk account.
Thank you!
Sure, I will update my deployment to point to rock1017/fluentd-hec-27-2:1.2.4, run scan and update.
Hi,
image is now docker.io/rock1017/fluentd-hec-27-2:1.2.4
Way better :)
fixed_version | name | package_name | package_version | published_timestamp | score | score_v3 | severity |
---|---|---|---|---|---|---|---|
3.6.14-7.el8_3 | RHSA-2020:5483 | gnutls | 3.6.14-6.el8 | 1599232500 | 5 | 7.5 | High |
12.5-1.el8_3 | RHSA-2020:5401 | libpq | 12.4-1.el8_2 | 1605489300 | 6.8 | 8.1 | High |
12.5-1.el8_3 | RHSA-2020:5401 | libpq-devel | 12.4-1.el8_2 | 1605489300 | 6.8 | 8.1 | High |
3.1.11-2.el8_3 | RHSA-2020:5503 | mariadb-connector-c | 3.0.7-1.el8 | 1590002100 | 6.8 | 8.8 | High |
3.1.11-2.el8_3 | RHSA-2020:5503 | mariadb-connector-c-config | 3.0.7-1.el8 | 1590002100 | 6.8 | 8.8 | High |
3.1.11-2.el8_3 | RHSA-2020:5503 | mariadb-connector-c-devel | 3.0.7-1.el8 | 1590002100 | 6.8 | 8.8 | High |
#>=5.2.4.3,5.2; OR >=6.0.3.1# | CVE-2020-8165 | usr/share/gems/specifications/activesupport-5.2.4.3 | 5.2.4.3 | 1592590500 | 7.5 | 9.8 | High |
#>=1.6.1 | CVE-2020-25613 | usr/share/gems/specifications/default/webrick-1.6.0 | 1.6.0 | 1601990100 | 5 | 7.5 | High |
1:1.1.1g-12.el8_3 | RHSA-2020:5476 | openssl-devel | 1:1.1.1g-11.el8 | 1607444100 | 4.3 | 5.9 | Medium |
1:1.1.1g-12.el8_3 | RHSA-2020:5476 | openssl-libs | 1:1.1.1g-11.el8 | 1607444100 | 4.3 | 5.9 | Medium |
we see 1.4.5 released today which still has docker.io/splunk/fluentd-hec:1.2.4?
We are going to collect security logs from cluster and your image will introduce more CVE in our env with every release splunk don't take care of cve with fix and fix them and then release?
the new 1.2.4 is way better, the tag was just not incremented.
@florianzimm I don't think so, I see below same as 1.4.4
fixed_version | name | package_name | package_version | score | score_v3 | severity |
---|---|---|---|---|---|---|
1:12.18.2-1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:12.16.1-1.module+el8.1.0+5811+44509afe | RHSA-2020:0598 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 7.5 | 9.8 | High |
1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1:12.16.1-2.module+el8.1.0+6117+b25a342c | RHSA-2020:1293 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 6.8 | 8.8 | High |
1:12.18.4-2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | nodejs | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1:12.18.2-1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:12.18.4-2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | nodejs-full-i18n | 1:10.21.0-3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e | RHSA-2020:4272 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 4.6 | 7.8 | High |
1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1 | RHSA-2020:2852 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 9.3 | 8.1 | High |
1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0 | RHSA-2020:5499 | npm | 1:6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3 | 5 | 7.5 | High |
1.16.1-3.module+el8.0.0+3250+4b7d6d43 | RHSA-2019:1972 | rubygem-bundler | 1.16.1-3.module+el8+2671+ebcc7ee0 | 6.8 | 8.8 | High |
#>=4.2.1;<5.0.0; OR >=5.1.1 | CVE-2020-8116 | usr/lib/node_modules/npm/node_modules/dot-prop/package.json | 4.2.0 | 7.5 | 7.3 | High |
#>=5.2.4.3,5.2; OR >=6.0.3.1 | CVE-2020-8165 | usr/share/gems/specifications/activesupport-5.2.4.3 | 5.2.4.3 | 7.5 | 9.8 | High |
#>=1.6.1 | CVE-2020-25613 | usr/share/gems/specifications/default/webrick-1.4.2 | 1.4.2 | 5 | 7.5 | High |
#>=2.3.0 | CVE-2020-10663 | usr/share/gems/specifications/json-2.1.0 | 2.1.0 | 5 | 7.5 | High |
#>=12.3.3 | CVE-2020-8130 | usr/share/gems/specifications/rake-12.3.0 | 12.3.0 | 9.3 | 8.1 | High |
Hello, @niteenkole
Releases with updates to 3rd party dependents have to go through another process within Splunk. So it takes more time. Hopefully I can release update soon.
@rockb1017 thanks.
We are trying to understand the image/security upgrade process from splunk so that we can define correct security policy from our side.
Can you help us understand with say release like 1.4.5 you are still working on 3rd party dependents and need some time.
With 3rd party dependents ready to release it will be like 1.4.6?
A new image was added but tag is still the same
I can release patches that are about just helm chart modification or source code change. but when it involves upgrading 3rd party component, we will have to go through more review processes. I had simple patches released and a release with upgraded component will be out with 1.4.7. Thank you.
recognizable efforts were made to reduce the number of vulnerabilities in your base-images. thanks.
on december 2nd the fluentd-image (scanned with XRay) had 525 vulnerabilities, 45 with HIGH severity. as of today (16th march) the image is down to 183, 11 HIGH.
i'd like to emphasize the importance of ongoing focus on this issue. furthermore it would be great if you could make use of a more lightweight container-os to run splunk-connect in. this would additionally alleviate (security)distress on the containers. AND be beneficial for performance/resource usage as well.
thanks. florian.
Hello, @florianzimm If you have a reference for building image for fluentd that is lighter and more secure, please share it. I will review and see if we can improve. Thank you!
Can you share your new scan results? I somehow doubt that all your found vulns are actually vulns. Red Hat backports fixes to older packages. Then silly scanners detect vulnerabilities that just don't exist.
but nevertheless, having a more minimal base image might be worth a try. the image currently uses registry.access.redhat.com/ubi8/ruby-27.
maybe build on the ubi-minimal base image? downside is that microdnf doesn't support the yum modules. Ruby without modules is version 2.5.

> Can you share your new scan results? I somehow doubt that all your found vulns are actually vulns. Red Hat backports fixes to older packages. Then silly scanners detect vulnerabilities that just don't exist.

the world according to xray
Summary | CVEs | Severity | Component | Infected Version | Fix Version | Type | Provider |
---|---|---|---|---|---|---|---|
RHSA-2019:1972: ruby:2.5 security update (Important) | CVE-2019-8324 | High | 8:rubygem-bundler | < 0:1.16.1-3.module+el8.0.0+3250+4b7d6d43 | ≥ 0:1.16.1-3.module+el8.0.0+3250+4b7d6d43 | ||
RHSA-2020:2847: nodejs:12 security update (Important) | "CVE-2020-11080 CVE-2020-7598 CVE-2020-8172 CVE-2020-8174" | High | 8:nodejs-full-i18n | < 1:12.18.2-1.module+el8.1.0+7232+f8b5ede5 | ≥ 1:12.18.2-1.module+el8.1.0+7232+f8b5ede5 | ||
RHSA-2020:2847: nodejs:12 security update (Important) | "CVE-2020-11080 CVE-2020-7598 CVE-2020-8172 CVE-2020-8174" | High | 8:nodejs | < 1:12.18.2-1.module+el8.1.0+7232+f8b5ede5 | ≥ 1:12.18.2-1.module+el8.1.0+7232+f8b5ede5 | ||
RHSA-2021:0740: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs-full-i18n | < 1:12.21.0-1.module+el8.2.0+10192+8959c43b | ≥ 1:12.21.0-1.module+el8.2.0+10192+8959c43b | ||
RHSA-2021:0740: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs | < 1:12.21.0-1.module+el8.2.0+10192+8959c43b | ≥ 1:12.21.0-1.module+el8.2.0+10192+8959c43b | ||
RHSA-2021:0740: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:npm | < 1:6.14.11-1.12.21.0.1.module+el8.2.0+10192+8959c43b | ≥ 1:6.14.11-1.12.21.0.1.module+el8.2.0+10192+8959c43b | ||
RHSA-2021:0734: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs-full-i18n | < 1:12.21.0-1.module+el8.3.0+10191+34fb5a07 | ≥ 1:12.21.0-1.module+el8.3.0+10191+34fb5a07 | ||
RHSA-2021:0734: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs | < 1:12.21.0-1.module+el8.3.0+10191+34fb5a07 | ≥ 1:12.21.0-1.module+el8.3.0+10191+34fb5a07 | ||
RHSA-2021:0734: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:npm | < 1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 | ≥ 1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07 | ||
RHSA-2021:0744: nodejs:14 security and bug fix update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs-full-i18n | < 1:14.16.0-2.module+el8.3.0+10180+b92e1eb6 | ≥ 1:14.16.0-2.module+el8.3.0+10180+b92e1eb6 | ||
RHSA-2021:0744: nodejs:14 security and bug fix update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs | < 1:14.16.0-2.module+el8.3.0+10180+b92e1eb6 | ≥ 1:14.16.0-2.module+el8.3.0+10180+b92e1eb6 | ||
RHSA-2021:0744: nodejs:14 security and bug fix update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:npm | < 1:6.14.11-1.14.16.0.2.module+el8.3.0+10180+b92e1eb6 | ≥ 1:6.14.11-1.14.16.0.2.module+el8.3.0+10180+b92e1eb6 | ||
RHSA-2021:0739: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs-full-i18n | < 1:12.21.0-1.module+el8.1.0+10194+d5e49c90 | ≥ 1:12.21.0-1.module+el8.1.0+10194+d5e49c90 | ||
RHSA-2021:0739: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:nodejs | < 1:12.21.0-1.module+el8.1.0+10194+d5e49c90 | ≥ 1:12.21.0-1.module+el8.1.0+10194+d5e49c90 | ||
RHSA-2021:0739: nodejs:12 security update (Important) | "CVE-2021-22883 CVE-2021-22884" | High | 8:npm | < 1:6.14.11-1.12.21.0.1.module+el8.1.0+10194+d5e49c90 | ≥ 1:6.14.11-1.12.21.0.1.module+el8.1.0+10194+d5e49c90 | ||
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important) | CVE-2020-14363 | High | 8:libX11 | All Versions | |||
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important) | CVE-2020-14363 | High | 8:libX11-common | All Versions | |||
CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important) | CVE-2020-14363 | High | 8:libX11-xcb | All Versions | |||
RHSA-2020:0598: nodejs:12 security update (Important) | "CVE-2019-15604 CVE-2019-15605 CVE-2019-15606" | High | 8:nodejs | < 1:12.16.1-1.module+el8.1.0+5811+44509afe | ≥ 1:12.16.1-1.module+el8.1.0+5811+44509afe | ||
RHSA-2020:1293: nodejs:12 security update (Important) | CVE-2020-10531 | High | 8:nodejs | < 1:12.16.1-2.module+el8.1.0+6117+b25a342c | ≥ 1:12.16.1-2.module+el8.1.0+6117+b25a342c | ||
RHSA-2020:2852: nodejs:12 security update (Important) | "CVE-2020-11080 CVE-2020-7598 CVE-2020-8172 CVE-2020-8174" | High | 8:nodejs-full-i18n | < 1:12.18.2-1.module+el8.2.0+7233+61d664c1 | ≥ 1:12.18.2-1.module+el8.2.0+7233+61d664c1 | ||
RHSA-2020:2852: nodejs:12 security update (Important) | "CVE-2020-11080 CVE-2020-7598 CVE-2020-8172 CVE-2020-8174" | High | 8:nodejs | < 1:12.18.2-1.module+el8.2.0+7233+61d664c1 | ≥ 1:12.18.2-1.module+el8.2.0+7233+61d664c1 | ||
RHSA-2021:0165: libpq security update (Important) | "CVE-2020-25694 CVE-2020-25696" | High | 8:libpq | < 0:12.5-2.el8_1 | ≥ 0:12.5-2.el8_1 | ||
CVE-2016-4607 libxslt: allows remote attacker to cause denial of service (moderate) | CVE-2016-4607 | Medium | 8:libxslt | All Versions | |||
CVE-2018-1000858 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service (moderate) | CVE-2018-1000858 | Medium | 8:gnupg2 | All Versions | |||
CVE-2018-20623 binutils: Use-after-free in the error function (moderate) | CVE-2018-20623 | Medium | 8:binutils | All Versions | |||
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | CVE-2019-9674 | Medium | 8:python3-libs | All Versions | |||
CVE-2019-19242 sqlite: SQL injection in sqlite3ExprCodeTarget in expr.c | CVE-2019-19242 | Medium | 8:sqlite | All Versions | |||
CVE-2020-15945 lua: segmentation fault in changedline in ldebug.c (moderate) | CVE-2020-15945 | Medium | 8:lua-libs | All Versions | |||
CVE-2018-20839 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker (moderate) | CVE-2018-20839 | Medium | 8:systemd | All Versions | |||
CVE-2018-20839 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker (moderate) | CVE-2018-20839 | Medium | 8:systemd-libs | All Versions | |||
CVE-2018-20839 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker (moderate) | CVE-2018-20839 | Medium | 8:systemd-pam | All Versions | |||
CVE-2020-12762 json-c: integer overflow and out-of-bounds write via a large JSON file (moderate) | CVE-2020-12762 | Medium | 8:json-c | All Versions | |||
CVE-2020-12243 openldap: denial of service via nested boolean expressions in LDAP search filters (moderate) | CVE-2020-12243 | Medium | 8:openldap | ||||
CVE-2020-14344 libX11: Heap overflow in the X input method client (moderate) | CVE-2020-14344 | Medium | 8:libX11 | All Versions | |||
CVE-2020-14344 libX11: Heap overflow in the X input method client (moderate) | CVE-2020-14344 | Medium | 8:libX11-common | All Versions | |||
CVE-2020-14344 libX11: Heap overflow in the X input method client (moderate) | CVE-2020-14344 | Medium | 8:libX11-xcb | All Versions | |||
CVE-2021-23840 openssl: integer overflow in CipherUpdate | CVE-2021-23840 | Medium | 8:openssl | All Versions | |||
CVE-2020-13790 libjpeg-turbo: heap-based buffer over-read in get_rgb_row() in rdppm.c | CVE-2020-13790 | Medium | 8:libjpeg-turbo | All Versions | |||
CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate) | CVE-2020-10878 | Medium | 8:perl-Errno | All Versions | |||
CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate) | CVE-2020-10878 | Medium | 8:perl-IO | All Versions | |||
CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate) | CVE-2020-10878 | Medium | 8:perl-interpreter | All Versions | |||
CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate) | CVE-2020-10878 | Medium | 8:perl-libs | All Versions | |||
CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate) | CVE-2020-10878 | Medium | 8:perl-macros | All Versions | |||
CVE-2020-15778 openssh: scp allows command injection when using backtick characters in the destination argument (moderate) | CVE-2020-15778 | Medium | 8:openssh-clients | All Versions | |||
CVE-2020-15778 openssh: scp allows command injection when using backtick characters in the destination argument (moderate) | CVE-2020-15778 | Medium | 8:openssh | All Versions | |||
CVE-2019-19603 sqlite: mishandles certain SELECT statements with a nonexistent VIEW, leading to DoS | CVE-2019-19603 | Medium | 8:sqlite | All Versions | |||
The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py. | CVE-2019-20916 | Medium | pip | 6.0 ≤ Version < 19.2 | 19.2 | ||
CVE-2019-19645 sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements | CVE-2019-19645 | Medium | 8:sqlite | All Versions | |||
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. | CVE-2020-26137 | Medium | urllib3 | 1.8 ≤ Version < 1.25.9 | 1.25.9 | ||
CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS (moderate) | CVE-2020-28196 | Medium | 8:krb5-libs | All Versions | |||
CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS (moderate) | CVE-2020-28196 | Medium | 8:libkadm5 | All Versions | |||
CVE-2020-8285 curl: malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (moderate) | CVE-2020-8285 | Medium | 8:curl | All Versions | |||
CVE-2020-8285 curl: malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (moderate) | CVE-2020-8285 | Medium | 8:libcurl | All Versions | |||
CVE-2020-24977 libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c | CVE-2020-24977 | Medium | 8:libxml2 | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | CVE-2021-3326 | Medium | 8:glibc | All Versions | |||
CVE-2019-1010022 glibc: stack guard protection bypass (moderate) | CVE-2019-1010022 | Medium | 8:glibc | All Versions | |||
CVE-2019-1010022 glibc: stack guard protection bypass (moderate) | CVE-2019-1010022 | Medium | 8:glibc-common | All Versions | |||
CVE-2019-1010022 glibc: stack guard protection bypass (moderate) | CVE-2019-1010022 | Medium | 8:glibc-minimal-langpack | All Versions | |||
CVE-2019-1010022 glibc: stack guard protection bypass (moderate) | CVE-2019-1010022 | Medium | 8:glibc-locale-source | All Versions | |||
CVE-2019-1010022 glibc: stack guard protection bypass (moderate) | CVE-2019-1010022 | Medium | 8:glibc-langpack-en | All Versions | |||
CVE-2019-13057 openldap: Information disclosure issue in slapd component (moderate) | CVE-2019-13057 | Medium | 8:openldap | ||||
CVE-2017-14502 libarchive: Off-by-one error in the read_header function (moderate) | CVE-2017-14502 | Medium | 8:libarchive | All Versions | |||
CVE-2017-14502 libarchive: Off-by-one error in the read_header function (moderate) | CVE-2017-14502 | Medium | 8:bsdtar | All Versions | |||
CVE-2018-1000021 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands (moderate) | CVE-2018-1000021 | Medium | 8:git | All Versions | |||
CVE-2018-1000021 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands (moderate) | CVE-2018-1000021 | Medium | 8:git-core | All Versions | |||
CVE-2018-1000021 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands (moderate) | CVE-2018-1000021 | Medium | 8:perl-Git | All Versions | |||
CVE-2018-1000876 binutils: integer overflow leads to heap-based buffer overflow in objdump (moderate) | CVE-2018-1000876 | Medium | 8:binutils | All Versions | |||
CVE-2021-20231 gnutls: Use after free in client key_share extension (moderate) | CVE-2021-20231 | Medium | 8:gnutls | All Versions | |||
CVE-2017-17095 libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (moderate) | CVE-2017-17095 | Medium | 8:libtiff | All Versions | |||
CVE-2018-16335 libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (moderate) | CVE-2018-16335 | Medium | 8:libtiff | All Versions | |||
CVE-2017-18018 coreutils: race condition vulnerability in chown and chgrp (moderate) | CVE-2017-18018 | Medium | 8:coreutils-single | All Versions | |||
CVE-2019-13751 sqlite: fts3: improve detection of corrupted records | CVE-2019-13751 | Medium | 8:sqlite | All Versions | |||
CVE-2019-19880 sqlite: invalid pointer dereference in exprListAppendList in window.c | CVE-2019-19880 | Medium | 8:sqlite | All Versions | |||
An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). | CVE-2018-20225 | Medium | pip | 1.3 ≤ Version < 20.3 | 20.3 | ||
CVE-2019-12904 Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack (moderate) | CVE-2019-12904 | Medium | 8:libgcrypt | All Versions | |||
CVE-2019-17595 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17595 | Medium | 8:ncurses-base | All Versions | |||
CVE-2019-17595 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17595 | Medium | 8:ncurses-libs | All Versions | |||
CVE-2019-17595 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17595 | Medium | 8:ncurses | All Versions | |||
RHSA-2020:4903: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15095 CVE-2020-8116 CVE-2020-8201 CVE-2020-8252" | Medium | 8:nodejs-full-i18n | < 1:12.18.4-2.module+el8.1.0+8360+14141500 | ≥ 1:12.18.4-2.module+el8.1.0+8360+14141500 | ||
RHSA-2020:4903: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15095 CVE-2020-8116 CVE-2020-8201 CVE-2020-8252" | Medium | 8:nodejs | < 1:12.18.4-2.module+el8.1.0+8360+14141500 | ≥ 1:12.18.4-2.module+el8.1.0+8360+14141500 | ||
CVE-2019-9074 binutils: out-of-bound read in function bfd_getl32 in libbfd.c (moderate) | CVE-2019-9074 | Medium | 8:binutils | All Versions | |||
RHSA-2020:4272: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15095 CVE-2020-8116 CVE-2020-8201 CVE-2020-8252" | Medium | 8:nodejs-full-i18n | < 1:12.18.4-2.module+el8.2.0+8361+192e434e | ≥ 1:12.18.4-2.module+el8.2.0+8361+192e434e | ||
RHSA-2020:4272: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15095 CVE-2020-8116 CVE-2020-8201 CVE-2020-8252" | Medium | 8:nodejs | < 1:12.18.4-2.module+el8.2.0+8361+192e434e | ≥ 1:12.18.4-2.module+el8.2.0+8361+192e434e | ||
CVE-2019-5188 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c (moderate) | CVE-2019-5188 | Medium | 8:libcom_err | All Versions | |||
CVE-2019-9633 glib: g_socket_client_connected_callback in gio/gsocketclient.c allows to cause denial of service (moderate) | CVE-2019-9633 | Medium | 8:glib2 | All Versions | |||
CVE-2019-3842 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" (moderate) | CVE-2019-3842 | Medium | 8:systemd | All Versions | |||
CVE-2019-3842 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" (moderate) | CVE-2019-3842 | Medium | 8:systemd-libs | All Versions | |||
CVE-2019-3842 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" (moderate) | CVE-2019-3842 | Medium | 8:systemd-pam | All Versions | |||
CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate) | CVE-2020-10543 | Medium | 8:perl-Errno | All Versions | |||
CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate) | CVE-2020-10543 | Medium | 8:perl-IO | All Versions | |||
CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate) | CVE-2020-10543 | Medium | 8:perl-interpreter | All Versions | |||
CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate) | CVE-2020-10543 | Medium | 8:perl-libs | All Versions | |||
CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate) | CVE-2020-10543 | Medium | 8:perl-macros | All Versions | |||
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (moderate) | CVE-2019-9169 | Medium | 8:glibc | All Versions | |||
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (moderate) | CVE-2019-9169 | Medium | 8:glibc-common | All Versions | |||
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (moderate) | CVE-2019-9169 | Medium | 8:glibc-minimal-langpack | All Versions | |||
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (moderate) | CVE-2019-9169 | Medium | 8:glibc-locale-source | All Versions | |||
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (moderate) | CVE-2019-9169 | Medium | 8:glibc-langpack-en | All Versions | |||
CVE-2020-26137 python-urllib3: CRLF injection via HTTP request method (moderate) | CVE-2020-26137 | Medium | 8:python3-urllib3 | All Versions | |||
CVE-2020-8284 curl: dangerous nature of PASV command could be used to make curl extract information otherwise private (moderate) | CVE-2020-8284 | Medium | 8:curl | All Versions | |||
CVE-2020-8284 curl: dangerous nature of PASV command could be used to make curl extract information otherwise private (moderate) | CVE-2020-8284 | Medium | 8:libcurl | All Versions | |||
CVE-2020-13776 systemd: mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits (moderate) | CVE-2020-13776 | Medium | 8:systemd | All Versions | |||
CVE-2020-13776 systemd: mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits (moderate) | CVE-2020-13776 | Medium | 8:systemd-libs | All Versions | |||
CVE-2020-13776 systemd: mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits (moderate) | CVE-2020-13776 | Medium | 8:systemd-pam | All Versions | |||
CVE-2019-13750 sqlite: dropping of shadow tables not restricted in defensive mode (moderate) | CVE-2019-13750 | Medium | 8:sqlite-libs | All Versions | |||
CVE-2019-13750 sqlite: dropping of shadow tables not restricted in defensive mode (moderate) | CVE-2019-13750 | Medium | 8:sqlite | All Versions | |||
CVE-2019-18224 libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c (moderate) | CVE-2019-18224 | Medium | 8:libidn2 | All Versions | |||
CVE-2019-9075 binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c (moderate) | CVE-2019-9075 | Medium | 8:binutils | All Versions | |||
CVE-2019-17543 lz4: heap-based buffer overflow in LZ4_write32 (moderate) | CVE-2019-17543 | Medium | 8:lz4-libs | All Versions | |||
CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite (moderate) | CVE-2019-5827 | Medium | 8:sqlite-libs | All Versions | |||
CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite (moderate) | CVE-2019-5827 | Medium | 8:sqlite | All Versions | |||
CVE-2020-8286 curl: inferior OCSP verification (moderate) | CVE-2020-8286 | Medium | 8:curl | All Versions | |||
CVE-2020-8286 curl: inferior OCSP verification (moderate) | CVE-2020-8286 | Medium | 8:libcurl | All Versions | |||
CVE-2020-15358 sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c (moderate) | CVE-2020-15358 | Medium | 8:sqlite-libs | All Versions | |||
CVE-2020-15358 sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c (moderate) | CVE-2020-15358 | Medium | 8:sqlite | All Versions | |||
CVE-2018-20671 binutils: Integer overflow in load_specific_debug_section function (moderate) | CVE-2018-20671 | Medium | 8:binutils | All Versions | |||
CVE-2019-3881 rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code (moderate) | CVE-2019-3881 | Medium | 8:rubygem-bundler | All Versions | |||
CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (moderate) | CVE-2019-25013 | Medium | 8:glibc | All Versions | |||
CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (moderate) | CVE-2019-25013 | Medium | 8:glibc-common | All Versions | |||
CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (moderate) | CVE-2019-25013 | Medium | 8:glibc-minimal-langpack | All Versions | |||
CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (moderate) | CVE-2019-25013 | Medium | 8:glibc-locale-source | All Versions | |||
CVE-2019-25013 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (moderate) | CVE-2019-25013 | Medium | 8:glibc-langpack-en | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (moderate) | CVE-2021-3326 | Medium | 8:glibc-common | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (moderate) | CVE-2021-3326 | Medium | 8:glibc | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (moderate) | CVE-2021-3326 | Medium | 8:glibc-minimal-langpack | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (moderate) | CVE-2021-3326 | Medium | 8:glibc-locale-source | All Versions | |||
CVE-2021-3326 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (moderate) | CVE-2021-3326 | Medium | 8:glibc-langpack-en | All Versions | |||
CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (moderate) | CVE-2021-23841 | Medium | 8:openssl-libs | All Versions | |||
CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (moderate) | CVE-2021-23841 | Medium | 8:openssl | All Versions | |||
CVE-2021-23840 openssl: integer overflow in CipherUpdate (moderate) | CVE-2021-23840 | Medium | 8:openssl-libs | All Versions | |||
CVE-2021-23840 openssl: integer overflow in CipherUpdate (moderate) | CVE-2021-23840 | Medium | 8:openssl | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:libgcc | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:libstdc++ | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:libgomp | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:gcc | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:gcc-c++ | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:cpp | All Versions | |||
CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate) | CVE-2021-3114 | Medium | 8:gcc-gdb-plugin | All Versions | |||
CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (moderate) | CVE-2020-12723 | Medium | 8:perl-parent | All Versions | |||
CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (moderate) | CVE-2020-12723 | Medium | 8:perl-Pod-Simple | All Versions | |||
CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (moderate) | CVE-2020-12723 | Medium | 8:perl-Pod-Escapes | All Versions | |||
CVE-2021-3421 rpm: unsigned signature header leads to string injection into an rpm database | CVE-2021-3421 | Medium | 8:rpm | All Versions | |||
CVE-2020-29361 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers | CVE-2020-29361 | Medium | 8:p11-kit | All Versions | |||
RHSA-2021:0549: nodejs:12 security update (Moderate) | "CVE-2019-10746 CVE-2019-10747 CVE-2020-7754 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287" | Medium | 8:nodejs-full-i18n | < 1:12.20.1-1.module+el8.3.0+9503+19cb079c | ≥ 1:12.20.1-1.module+el8.3.0+9503+19cb079c | ||
RHSA-2021:0549: nodejs:12 security update (Moderate) | "CVE-2019-10746 CVE-2019-10747 CVE-2020-7754 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287" | Medium | 8:nodejs | < 1:12.20.1-1.module+el8.3.0+9503+19cb079c | ≥ 1:12.20.1-1.module+el8.3.0+9503+19cb079c | ||
RHSA-2021:0551: nodejs:14 security and bug fix update (Moderate) | "CVE-2020-15366 CVE-2020-7754 CVE-2020-7774 CVE-2020-7788 CVE-2020-8265 CVE-2020-8277 CVE-2020-8287" | Medium | 8:nodejs-full-i18n | < 1:14.15.4-2.module+el8.3.0+9635+ffdf8381 | ≥ 1:14.15.4-2.module+el8.3.0+9635+ffdf8381 | ||
RHSA-2021:0551: nodejs:14 security and bug fix update (Moderate) | "CVE-2020-15366 CVE-2020-7754 CVE-2020-7774 CVE-2020-7788 CVE-2020-8265 CVE-2020-8277 CVE-2020-8287" | Medium | 8:nodejs | < 1:14.15.4-2.module+el8.3.0+9635+ffdf8381 | ≥ 1:14.15.4-2.module+el8.3.0+9635+ffdf8381 | ||
CVE-2020-29363 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c | CVE-2020-29363 | Medium | 8:p11-kit | All Versions | |||
CVE-2020-8927 brotli: buffer overflow when input chunk is larger than 2GiB (moderate) | CVE-2020-8927 | Medium | 8:brotli | All Versions | |||
CVE-2021-20197 binutils: race window allows users to own arbitrary files | CVE-2021-20197 | Medium | 8:binutils | All Versions | |||
CVE-2021-23336 python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (moderate) | CVE-2021-23336 | Medium | 8:platform-python | All Versions | |||
CVE-2021-23336 python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (moderate) | CVE-2021-23336 | Medium | 8:python3-libs | All Versions | |||
CVE-2021-21300 git: remote code execution during clone operation on case-insensitive filesystems (moderate) | CVE-2021-21300 | Medium | 8:git | All Versions | |||
CVE-2021-21300 git: remote code execution during clone operation on case-insensitive filesystems (moderate) | CVE-2021-21300 | Medium | 8:git-core | All Versions | |||
CVE-2021-21300 git: remote code execution during clone operation on case-insensitive filesystems (moderate) | CVE-2021-21300 | Medium | 8:perl-Git | All Versions | |||
CVE-2021-20232 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c (moderate) | CVE-2021-20232 | Medium | 8:gnutls | All Versions | |||
RHSA-2020:5499: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15366 CVE-2020-7608 CVE-2020-7774 CVE-2020-8277" | Medium | 8:nodejs-full-i18n | < 1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | ≥ 1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | ||
RHSA-2020:5499: nodejs:12 security and bug fix update (Moderate) | "CVE-2020-15366 CVE-2020-7608 CVE-2020-7774 CVE-2020-8277" | Medium | 8:nodejs | < 1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | ≥ 1:12.19.1-1.module+el8.3.0+8851+b7b41ca0 | ||
CVE-2020-13249 mariadb-connector-c: Improper validation of content in a OK packet received from server (moderate) | CVE-2020-13249 | Medium | 8:mariadb-connector-c | All Versions | |||
CVE-2020-13249 mariadb-connector-c: Improper validation of content in a OK packet received from server (moderate) | CVE-2020-13249 | Medium | 8:mariadb-connector-c-devel | All Versions | |||
CVE-2020-29362 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c | CVE-2020-29362 | Medium | 8:p11-kit | All Versions | |||
CVE-2019-17594 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17594 | Medium | 8:ncurses-base | All Versions | |||
CVE-2019-17594 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17594 | Medium | 8:ncurses-libs | All Versions | |||
CVE-2019-17594 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c (moderate) | CVE-2019-17594 | Medium | 8:ncurses | All Versions | |||
CVE-2019-9077 binutils: heap-based buffer overflow in function process_mips_specific in readelf.c (moderate) | CVE-2019-9077 | Medium | 8:binutils | All Versions | |||
CVE-2019-2201 libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images (moderate) | CVE-2019-2201 | Medium | 8:libjpeg-turbo | All Versions | |||
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVE-2019-11236 | Medium | urllib3 | 1.24.1 ≤ Version ≤ 1.24.2 | 1.24.3] | [1.25 | |
CVE-2020-13435 sqlite: NULL pointer dereference leads to segmentation fault in sqlite3ExprCodeTarget in expr.c | CVE-2020-13435 | Medium | 8:sqlite | All Versions | |||
CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (moderate) | CVE-2020-25211 | Medium | 8:kernel-headers | All Versions | |||
CVE-2020-13434 sqlite: integer overflow in sqlite3_str_vappendf function in printf.c | CVE-2020-13434 | Medium | 8:sqlite | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:libgcc | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:libstdc++ | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:libgomp | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:binutils | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:gcc | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:gcc-c++ | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:cpp | All Versions | |||
CVE-2018-20673 libiberty: Integer overflow in demangle_template() function (moderate) | CVE-2018-20673 | Medium | 8:gcc-gdb-plugin | All Versions | |||
CVE-2019-18218 file: heap-based buffer overflow in cdf_read_property_info in cdf.c (moderate) | CVE-2019-18218 | Medium | 8:file-libs | All Versions | |||
CVE-2019-18218 file: heap-based buffer overflow in cdf_read_property_info in cdf.c (moderate) | CVE-2019-18218 | Medium | 8:file | All Versions | |||
CVE-2018-15209 libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (moderate) | CVE-2018-15209 | Medium | 8:libtiff | All Versions | |||
CVE-2018-20225 python-pip: when --extra-index-url option is used and package does not already exist in the public index, the installation of malicious package with arbitrary version number is possible. (low) | CVE-2018-20225 | Low | 8:python3-pip-wheel | All Versions | |||
CVE-2021-20271 rpm: Signature checks bypass via corrupted rpm package | CVE-2021-20271 | Low | 8:rpm | All Versions | |||
CVE-2018-20657 libiberty: Memory leak in demangle_template function resulting in a denial of service | CVE-2018-20657 | Low | 8:binutils | All Versions | |||
CVE-2018-20657 libiberty: Memory leak in demangle_template function resulting in a denial of service | CVE-2018-20657 | Low | 8:gcc | All Versions | |||
CVE-2021-20266 rpm: missing length checks in hdrblobInit() | CVE-2021-20266 | Low | 8:rpm | All Versions | |||
CVE-2019-19244 sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage | CVE-2019-19244 | Low | 8:sqlite | All Versions | |||
CVE-2019-12972 binutils: out-of-bounds read in setup_group in bfd/elf.c | CVE-2019-12972 | Low | 8:binutils | All Versions | |||
CVE-2020-16598 binutils: Null Pointer Dereference in debug_get_real_type could result in DoS | CVE-2020-16598 | Low | 8:binutils | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c | CVE-2021-27645 | Low | 8:glibc | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option | CVE-2016-10228 | Low | 8:glibc | All Versions | |||
CVE-2019-7317 libpng: use-after-free in png_image_free in png.c | CVE-2019-7317 | Low | 8:libpng | All Versions | |||
CVE-2018-17101 libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c (low) | CVE-2018-17101 | Low | 8:libtiff | All Versions | |||
CVE-2018-18605 binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c (low) | CVE-2018-18605 | Low | 8:binutils | All Versions | |||
CVE-2017-12652 libpng: does not check length of chunks against user limit (low) | CVE-2017-12652 | Low | 8:libpng | All Versions | |||
CVE-2019-6110 openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output (low) | CVE-2019-6110 | Low | 8:openssh-clients | All Versions | |||
CVE-2019-6110 openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output (low) | CVE-2019-6110 | Low | 8:openssh | All Versions | |||
CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation (low) | CVE-2020-14145 | Low | 8:openssh-clients | All Versions | |||
CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation (low) | CVE-2020-14145 | Low | 8:openssh | All Versions | |||
CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation (low) | CVE-2019-1010023 | Low | 8:glibc | All Versions | |||
CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation (low) | CVE-2019-1010023 | Low | 8:glibc-common | All Versions | |||
CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation (low) | CVE-2019-1010023 | Low | 8:glibc-minimal-langpack | All Versions | |||
CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation (low) | CVE-2019-1010023 | Low | 8:glibc-locale-source | All Versions | |||
CVE-2019-1010023 glibc: running ldd on malicious ELF leads to code execution because of wrong size computation (low) | CVE-2019-1010023 | Low | 8:glibc-langpack-en | All Versions | |||
CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function (low) | CVE-2017-14166 | Low | 8:libarchive | All Versions | |||
CVE-2017-14166 libarchive: Heap-based buffer over-read in the atol8 function (low) | CVE-2017-14166 | Low | 8:bsdtar | All Versions | |||
CVE-2020-21674 libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c (low) | CVE-2020-21674 | Low | 8:libarchive | All Versions | |||
CVE-2020-21674 libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c (low) | CVE-2020-21674 | Low | 8:bsdtar | All Versions | |||
CVE-2017-14501 libarchive: Out-of-bounds read in parse_file_info (low) | CVE-2017-14501 | Low | 8:libarchive | All Versions | |||
CVE-2017-14501 libarchive: Out-of-bounds read in parse_file_info (low) | CVE-2017-14501 | Low | 8:bsdtar | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option (low) | CVE-2016-10228 | Low | 8:glibc-minimal-langpack | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option (low) | CVE-2016-10228 | Low | 8:glibc-common | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option (low) | CVE-2016-10228 | Low | 8:glibc | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option (low) | CVE-2016-10228 | Low | 8:glibc-locale-source | All Versions | |||
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option (low) | CVE-2016-10228 | Low | 8:glibc-langpack-en | All Versions | |||
CVE-2018-16429 glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c (low) | CVE-2018-16429 | Low | 8:glib2 | All Versions | |||
CVE-2018-18607 binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c (low) | CVE-2018-18607 | Low | 8:binutils | All Versions | |||
CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() (low) | CVE-2019-11038 | Low | 8:gd | All Versions | |||
CVE-2021-20193 tar: Memory leak in read_header() in list.c (low) | CVE-2021-20193 | Low | 8:tar | All Versions | |||
CVE-2018-12934 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c (low) | CVE-2018-12934 | Low | 8:binutils | All Versions | |||
CVE-2018-1121 procps-ng, procps: process hiding through race condition enumerating /proc (low) | CVE-2018-1121 | Low | 8:procps-ng | All Versions | |||
CVE-2017-15897 nodejs: Unitialized buffer due to incorrect encoding (low) | CVE-2017-15897 | Low | 8:nodejs-full-i18n | All Versions | |||
CVE-2017-15897 nodejs: Unitialized buffer due to incorrect encoding (low) | CVE-2017-15897 | Low | 8:nodejs | All Versions | |||
CVE-2017-15897 nodejs: Unitialized buffer due to incorrect encoding (low) | CVE-2017-15897 | Low | 8:npm | All Versions | |||
CVE-2018-1000654 libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion (low) | CVE-2018-1000654 | Low | 8:libtasn1 | All Versions | |||
CVE-2020-35493 binutils: heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF file | CVE-2020-35493 | Low | 8:binutils | All Versions | |||
CVE-2018-12698 binutils: excessive memory consumption in demangle_template in cplus-dem.c (low) | CVE-2018-12698 | Low | 8:binutils | All Versions | |||
CVE-2018-10801 libtiff: memory leak in bmp2tiff tool (low) | CVE-2018-10801 | Low | 8:libtiff | All Versions | |||
CVE-2018-12700 binutils: Stack Exhaustion in debug_write_type in debug.c (low) | CVE-2018-12700 | Low | 8:binutils | All Versions | |||
CVE-2018-12699 binutils: heap-based buffer overflow in finish_stab in stabs.c (low) | CVE-2018-12699 | Low | 8:binutils | All Versions | |||
CVE-2018-17360 binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c (low) | CVE-2018-17360 | Low | 8:binutils | All Versions | |||
CVE-2018-12641 binutils: Stack Exhaustion in the demangling functions provided by libiberty (low) | CVE-2018-12641 | Low | 8:binutils | All Versions | |||
CVE-2018-18701 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c (low) | CVE-2018-18701 | Low | 8:binutils | All Versions | |||
CVE-2018-16428 glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c (low) | CVE-2018-16428 | Low | 8:glib2 | All Versions | |||
CVE-2018-17985 binutils: Stack consumption problem caused by the cplus_demangle_type (low) | CVE-2018-17985 | Low | 8:binutils | All Versions | |||
CVE-2018-18700 binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c (low) | CVE-2018-18700 | Low | 8:binutils | All Versions | |||
CVE-2018-18483 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service (low) | CVE-2018-18483 | Low | 8:binutils | All Versions | |||
CVE-2018-18484 binutils: Stack exhaustion in cp-demangle.c allows for denial of service (low) | CVE-2018-18484 | Low | 8:binutils | All Versions | |||
CVE-2018-19211 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c (low) | CVE-2018-19211 | Low | 8:ncurses-base | All Versions | |||
CVE-2018-19211 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c (low) | CVE-2018-19211 | Low | 8:ncurses-libs | All Versions | |||
CVE-2018-19211 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c (low) | CVE-2018-19211 | Low | 8:ncurses | All Versions | |||
CVE-2019-13117 libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers (low) | CVE-2019-13117 | Low | 8:libxslt | All Versions | |||
CVE-2020-35507 binutils: NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c | CVE-2020-35507 | Low | 8:binutils | All Versions | |||
CVE-2020-35495 binutils: NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c | CVE-2020-35495 | Low | 8:binutils | All Versions | |||
CVE-2019-8906 file: out-of-bounds read in do_core_note in readelf.c (low) | CVE-2019-8906 | Low | 8:file-libs | All Versions | |||
CVE-2019-8906 file: out-of-bounds read in do_core_note in readelf.c (low) | CVE-2019-8906 | Low | 8:file | All Versions | |||
CVE-2019-9071 binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c (low) | CVE-2019-9071 | Low | 8:binutils | All Versions | |||
CVE-2018-1000879 libarchive: NULL pointer dereference in ACL parser resulting in a denial of service (low) | CVE-2018-1000879 | Low | 8:libarchive | All Versions | |||
CVE-2018-1000879 libarchive: NULL pointer dereference in ACL parser resulting in a denial of service (low) | CVE-2018-1000879 | Low | 8:bsdtar | All Versions | |||
CVE-2020-24370 lua: segmentation fault in getlocal and setlocal functions in ldebug.c (low) | CVE-2020-24370 | Low | 8:lua-libs | All Versions | |||
CVE-2019-9936 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c (low) | CVE-2019-9936 | Low | 8:sqlite-libs | All Versions | |||
CVE-2019-9936 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c (low) | CVE-2019-9936 | Low | 8:sqlite | All Versions | |||
CVE-2018-1000880 libarchive: Improper input validation in WARC parser resulting in a denial of service (low) | CVE-2018-1000880 | Low | 8:libarchive | All Versions | |||
CVE-2018-1000880 libarchive: Improper input validation in WARC parser resulting in a denial of service (low) | CVE-2018-1000880 | Low | 8:bsdtar | All Versions | |||
CVE-2019-8905 file: stack-based buffer over-read in do_core_note in readelf.c (low) | CVE-2019-8905 | Low | 8:file-libs | All Versions | |||
CVE-2019-8905 file: stack-based buffer over-read in do_core_note in readelf.c (low) | CVE-2019-8905 | Low | 8:file | All Versions | |||
CVE-2018-18309 binutils: invalid memory address dereference in read_reloc in reloc.c (low) | CVE-2018-18309 | Low | 8:binutils | All Versions | |||
CVE-2018-20651 binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service (low) | CVE-2018-20651 | Low | 8:binutils | All Versions | |||
CVE-2019-20838 pcre: buffer over-read in JIT when UTF is disabled (low) | CVE-2019-20838 | Low | 8:pcre | All Versions | |||
CVE-2019-9937 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c (low) | CVE-2019-9937 | Low | 8:sqlite-libs | All Versions | |||
CVE-2019-9937 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c (low) | CVE-2019-9937 | Low | 8:sqlite | All Versions | |||
CVE-2018-19932 binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service (low) | CVE-2018-19932 | Low | 8:binutils | All Versions | |||
CVE-2018-19217 ncurses: Null pointer dereference at function _nc_name_match (low) | CVE-2018-19217 | Low | 8:ncurses-base | All Versions | |||
CVE-2018-19217 ncurses: Null pointer dereference at function _nc_name_match (low) | CVE-2018-19217 | Low | 8:ncurses-libs | All Versions | |||
CVE-2018-19217 ncurses: Null pointer dereference at function _nc_name_match (low) | CVE-2018-19217 | Low | 8:ncurses | All Versions | |||
CVE-2018-5360 LibTIFF: heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c (low) | CVE-2018-5360 | Low | 8:libtiff | All Versions | |||
CVE-2018-6872 binutils: out of bounds read in elf_parse_notes function in elf.c file in libbfd library (low) | CVE-2018-6872 | Low | 8:binutils | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (low) | CVE-2021-27645 | Low | 8:glibc | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (low) | CVE-2021-27645 | Low | 8:glibc-common | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (low) | CVE-2021-27645 | Low | 8:glibc-minimal-langpack | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (low) | CVE-2021-27645 | Low | 8:glibc-langpack-en | All Versions | |||
CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (low) | CVE-2021-27645 | Low | 8:glibc-locale-source | All Versions | |||
CVE-2019-18276 bash: when effective UID is not equal to its real UID the saved UID is not dropped (low) | CVE-2019-18276 | Low | 8:bash | All Versions | |||
CVE-2018-20786 libvterm: NULL pointer dereference in vterm_screen_set_callbacks (low) | CVE-2018-20786 | Low | 8:vim-minimal | All Versions | |||
CVE-2019-12900 bzip2: out-of-bounds write in function BZ2_decompress (low) | CVE-2019-12900 | Low | 8:bzip2-libs | All Versions | |||
CVE-2019-12900 bzip2: out-of-bounds write in function BZ2_decompress (low) | CVE-2019-12900 | Low | 8:bzip2 | All Versions | |||
CVE-2019-2708 libdb: Denial of service in the Data Store component (low) | CVE-2019-2708 | Low | 8:libdb | All Versions | |||
CVE-2019-2708 libdb: Denial of service in the Data Store component (low) | CVE-2019-2708 | Low | 8:libdb-utils | All Versions | |||
CVE-2019-13118 libxslt: read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character (low) | CVE-2019-13118 | Low | 8:libxslt | All Versions | |||
CVE-2018-10779 libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c (low) | CVE-2018-10779 | Low | 8:libtiff | All Versions | |||
CVE-2018-12697 binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. (low) | CVE-2018-12697 | Low | 8:binutils | All Versions | |||
CVE-2018-17794 binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input (low) | CVE-2018-17794 | Low | 8:binutils | All Versions | |||
CVE-2018-18606 binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c (low) | CVE-2018-18606 | Low | 8:binutils | All Versions | |||
CVE-2018-19210 libtiff: NULL pointer dereference in TIFFWriteDirectorySec function in tif_dirwrite.c (low) | CVE-2018-19210 | Low | 8:libtiff | All Versions | |||
CVE-2018-20002 binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c (low) | CVE-2018-20002 | Low | 8:binutils | All Versions | |||
CVE-2018-5711 gd: Infinite loop in gdImageCreateFromGifCtx() in gd_gif_in.c (low) | CVE-2018-5711 | Low | 8:gd | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:libgcc | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:libstdc++ | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:libgomp | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:binutils | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:gcc | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:gcc-c++ | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:cpp | All Versions | |||
CVE-2019-14250 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow (low) | CVE-2019-14250 | Low | 8:gcc-gdb-plugin | All Versions | |||
CVE-2019-6128 libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb (low) | CVE-2019-6128 | Low | 8:libtiff | All Versions | |||
CVE-2019-13012 glib2: insecure permissions for files and directories (low) | CVE-2019-13012 | Low | 8:glib2 | All Versions | |||
CVE-2019-20633 patch: double free in another_hunk function in pch.c (low) | CVE-2019-20633 | Low | 8:patch | All Versions | |||
CVE-2019-9923 tar: null-pointer dereference in pax_decode_header in sparse.c (low) | CVE-2019-9923 | Low | 8:tar | All Versions | |||
CVE-2020-14155 pcre: integer overflow in libpcre (low) | CVE-2020-14155 | Low | 8:pcre | All Versions | |||
CVE-2020-16135 libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (low) | CVE-2020-16135 | Low | 8:libssh | All Versions | |||
CVE-2020-16135 libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (low) | CVE-2020-16135 | Low | 8:libssh-config | All Versions | |||
CVE-2018-15919 openssh: User enumeration via malformed packets in authentication requests (low) | CVE-2018-15919 | Low | 8:openssh-clients | All Versions | |||
CVE-2018-15919 openssh: User enumeration via malformed packets in authentication requests (low) | CVE-2018-15919 | Low | 8:openssh | All Versions | |||
CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (low) | CVE-2020-27618 | Low | 8:glibc | All Versions | |||
CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (low) | CVE-2020-27618 | Low | 8:glibc-common | All Versions | |||
CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (low) | CVE-2020-27618 | Low | 8:glibc-minimal-langpack | All Versions | |||
CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (low) | CVE-2020-27618 | Low | 8:glibc-locale-source | All Versions | |||
CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (low) | CVE-2020-27618 | Low | 8:glibc-langpack-en | All Versions | |||
CVE-2020-8231 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set (low) | CVE-2020-8231 | Low | 8:curl | All Versions | |||
CVE-2020-8231 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set (low) | CVE-2020-8231 | Low | 8:libcurl | All Versions | |||
CVE-2020-35512 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (low) | CVE-2020-35512 | Low | 8:dbus | All Versions | |||
CVE-2020-35512 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (low) | CVE-2020-35512 | Low | 8:dbus-common | All Versions | |||
CVE-2020-35512 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (low) | CVE-2020-35512 | Low | 8:dbus-daemon | All Versions | |||
CVE-2020-35512 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (low) | CVE-2020-35512 | Low | 8:dbus-libs | All Versions | |||
CVE-2020-35512 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (low) | CVE-2020-35512 | Low | 8:dbus-tools | All Versions | |||
CVE-2020-35521 libtiff: Memory allocation failure in tiff2rgba (low) | CVE-2020-35521 | Low | 8:libtiff | All Versions | |||
CVE-2020-35494 binutils: usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c | CVE-2020-35494 | Low | 8:binutils | All Versions | |||
CVE-2020-35496 binutils: NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c | CVE-2020-35496 | Low | 8:binutils | All Versions |
I see that version 1.2.5 was released, but there are still medium and high CVEs (list from Twistlock Scanner):
Repository | Tag | CVE ID | Severity | Packages | Package Version | Fix Status | Description |
---|---|---|---|---|---|---|---|
splunk/fluentd-hec | 1.2.5 | CVE-2020-7774 | high | y18n | 4.0.0 | fixed in 5.0.5, 4.0.1, 3.2.2 | This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true |
splunk/fluentd-hec | 1.2.5 | CVE-2021-23362 | medium | hosted-git-info | 2.8.8 | fixed in 3.0.8 | The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity. |
splunk/fluentd-hec | 1.2.5 | CVE-2020-7754 | high | npm-user-validate | 1.0.0 | fixed in 1.0.1 | This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. |
splunk/fluentd-hec | 1.2.5 | CVE-2021-27290 | high | ssri | 6.0.1 | fixed in 8.0.1 | ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option. |
splunk/fluentd-hec | 1.2.5 | CVE-2020-8287 | medium | node | 14.15.1 | fixed in 10.23.1 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. |
splunk/fluentd-hec | 1.2.5 | CVE-2020-8265 | high | node | 14.15.1 | fixed in 10.23.1 | Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. |
splunk/fluentd-hec | 1.2.5 | CVE-2021-22883 | high | node | 14.15.1 | fixed in 10.24.0 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. |
splunk/fluentd-hec | 1.2.5 | CVE-2021-22884 | high | node | 14.15.1 | fixed in 10.24.0 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160. |
We are now on 1.47, looks way better. Listing below only the ones which have a fix.
cves | description | feed_rating | fixed_version | link | package_name | package_version | score | score_v3 | severity |
---|---|---|---|---|---|---|---|---|---|
CVE-2020-25694,CVE-2020-25696 | The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq (12.5). (BZ#1898226, BZ#1901561) Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. | Important | 12.5-2.el8_1 | https://access.redhat.com/errata/RHSA-2021:0165 | libpq | 12.5-1.el8_3 | 6.8 | 8.1 | High |
CVE-2020-25694,CVE-2020-25696 | The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. The following packages have been upgraded to a later upstream version: libpq (12.5). (BZ#1898226, BZ#1901561) Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. | Important | 12.5-2.el8_1 | https://access.redhat.com/errata/RHSA-2021:0165 | libpq-devel | 12.5-1.el8_3 | 6.8 | 8.1 | High |
CVE-2020-7774 | Prototype Pollution `y18n` before versions 3.2.2, 4.0.1, and 5.0.5 is vulnerable to prototype pollution. ## POC ``` const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true ``` recommendation: Upgrade to version 3.2.2, 4.0.1, 5.0.5 or latercwe=(CWE-1321) | | >=5.0.5; OR >=4.0.1;<5.0.0; OR >=3.2.2;<4.0.0 | https://www.npmjs.com/advisories/1654 | usr/local/lib/node_modules/npm/node_modules/y18n/package.json | 4.0.0 | 7.5 | 7.3 | High |
CVE-2020-7774 | Prototype Pollution `y18n` before versions 3.2.2, 4.0.1, and 5.0.5 is vulnerable to prototype pollution. ## POC ``` const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true ``` recommendation: Upgrade to version 3.2.2, 4.0.1, 5.0.5 or latercwe=(CWE-1321) | | >=5.0.5; OR >=4.0.1;<5.0.0; OR >=3.2.2;<4.0.0 | https://www.npmjs.com/advisories/1654 | usr/local/n/versions/node/14.15.1/lib/node_modules/npm/node_modules/y18n/package.json | 4.0.0 | 7.5 | 7.3 | High |
CVE-2020-8165 | Potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore/nThere is potentially unexpected behaviour in the MemCacheStore and RedisCacheStore where, when untrusted user input is written to the cache store using the `raw: true` parameter, re-reading the result from the cache can evaluate the user input as a Marshalled object instead of plain text. Vulnerable code looks like: ``` data = cache.fetch('demo', raw: true) { untrusted_string } ``` Versions Affected: rails < 5.2.5, rails < 6.0.4 Not affected: Applications not using MemCacheStore or RedisCacheStore. Applications that do not use the `raw` option when storing untrusted user input. Fixed Versions: rails >= 5.2.4.3, rails >= 6.0.3.1 Impact ------ Unmarshalling of untrusted user input can have impact up to and including RCE. At a minimum, this vulnerability allows an attacker to inject untrusted Ruby objects into a web application. In addition to upgrading to the latest versions of Rails, developers should ensure that whenever they are calling `Rails.cache.fetch` they are using consistent values of the `raw` parameter for both reading and writing, especially in the case of the RedisCacheStore which does not, prior to these changes, detect if data was serialized using the raw option upon deserialization. Workarounds ----------- It is recommended that application developers apply the suggested patch or upgrade to the latest release as soon as possible. If this is not possible, we recommend ensuring that all user-provided strings cached using the `raw` argument should be double-checked to ensure that they conform to the expected format. | | >=5.2.4.3,5.2; OR >=6.0.3.1 | https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c | usr/share/gems/specifications/activesupport-5.2.4.5 | 5.2.4.5 | 7.5 | 9.8 | High |
CVE-2021-28965 | Red Hat's versions of the associated software have been determined to NOT be affected by CVE-2021-28965. | | >=3.2.5 | https://access.redhat.com/security/cve/CVE-2021-28965 | usr/share/gems/specifications/default/rexml-3.2.3 | 3.2.3 | 5 | 7.5 | High |
CVE-2020-25613 | An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | | >=1.6.1 | https://access.redhat.com/security/cve/CVE-2020-25613 | usr/share/gems/specifications/default/webrick-1.6.0 | 1.6.0 | 5 | 7.5 | High |
CVE-2019-3866 | DOCUMENTATION: An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information. STATEMENT: In Red Hat OpenStack Platform 10/13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP10/13 openstack-mistral package. MITIGATION: Plain text information can be masked by ensuring that all mistral log files are not world readable. | Moderate | 1:2.8.0-1.el8ost | https://access.redhat.com/security/cve/CVE-2019-3866 | python3-dateutil | 1:2.6.1-6.el8 | 2.1 | 5.5 | Medium |
CVE-2019-3866 | DOCUMENTATION: An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information. STATEMENT: In Red Hat OpenStack Platform 10/13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP10/13 openstack-mistral package. MITIGATION: Plain text information can be masked by ensuring that all mistral log files are not world readable. | Moderate | 1.12.0-1.el8ost | https://access.redhat.com/security/cve/CVE-2019-3866 | python3-six | 1.11.0-8.el8 | 2.1 | 5.5 | Medium |
| | Denial of Service Versions of `protobufjs` before 5.0.3 and 6.8.6 are vulnerable to denial of service when parsing crafted invalid *.proto files. recommendation: Update to version 5.0.3, 6.8.6 or later.cwe=(CWE-400) | | >=6.0.2;<7.0.0; OR >=8.0.1 | https://www.npmjs.com/advisories/605 | usr/local/lib/node_modules/npm/node_modules/ssri/package.json | 6.0.1 | 0 | 0 | Medium |
| | Denial of Service Versions of `protobufjs` before 5.0.3 and 6.8.6 are vulnerable to denial of service when parsing crafted invalid *.proto files. recommendation: Update to version 5.0.3, 6.8.6 or later.cwe=(CWE-400) | | >=6.0.2;<7.0.0; OR >=8.0.1 | https://www.npmjs.com/advisories/605 | usr/local/n/versions/node/14.15.1/lib/node_modules/npm/node_modules/ssri/package.json | 6.0.1 | 0 | 0 | Medium |
CVE-2021-31799 | RDoc OS command injection vulnerability/nRDoc used to call `Kernel#open` to open a local file. If a Ruby project has a file whose name starts with `\|` and ends with `tags`, the command following the pipe character is executed. A malicious Ruby project could exploit it to run an arbitrary command execution against a user who attempts to run `rdoc` command. | | >=6.3.1 | https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/ | usr/share/gems/specifications/rdoc-6.2.1 | 6.2.1 | 5 | 5 | Medium |
Hello,
We have deployed v1.4.3 in our environment and our security scan through twistlock has identified lots of high and important security vulnerabilities in splunk connect for K8s. Following are the CVE ids for the vulnerabilities. Are these going to be addressed? If so, what is the timeline?
CVE-2018-1000500 CVE-2020-14363 CVE-2020-8252 CVE-2020-25613 CVE-2020-10663 CVE-2020-8116 CVE-2020-15999