dockerhub.hi.inet evolved 5g validation zortenetnetapp zortenetnetapp grafana

Evolved5G edited this page Sep 26, 2023 · 11 revisions

Scan of image: dockerhub.hi.inet/evolved-5g/validation/zortenetnetapp/zortenetnetapp-grafana


Summary

Severity Number of vulnerabilities
CRITICAL 1
HIGH 27
MEDIUM 178
LOW 97

Vulnerabilities

Severity ID Title PkgName InstalledVersion FixedVersion
CRITICAL CVE-2022-41912 Authentication bypass when processing SAML responses containing multiple Assertion elements github.com/crewjam/saml v0.4.6-0.20201227203850-bca570abb2ce 0.4.9
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-2 2.1.27+dfsg-2 2.1.27+dfsg-2ubuntu0.1
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-modules 2.1.27+dfsg-2 2.1.27+dfsg-2ubuntu0.1
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-modules-db 2.1.27+dfsg-2 2.1.27+dfsg-2ubuntu0.1
HIGH CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.12
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
HIGH CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.12
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
HIGH CVE-2022-21698 Denial of service using InstrumentHandlerCounter github.com/prometheus/client_golang v1.11.0 1.11.1
HIGH CVE-2021-43565 empty plaintext packet causes panic golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e 0.0.0-20211202192323-5770296d904e
HIGH CVE-2022-27191 crash in a golang.org/x/crypto/ssh server golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e 0.0.0-20220314234659-1baeb1ce4c0b
HIGH CVE-2022-27664 handle server errors after sending GOAWAY golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 0.0.0-20220906165146-f3363e06e74c
HIGH CVE-2022-41723 avoid quadratic complexity in HPACK decoding golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 0.7.0
HIGH CVE-2021-38561 out-of-bounds read in golang.org/x/text/language leads to DoS golang.org/x/text v0.3.6 0.3.7
HIGH CVE-2022-32149 ParseAcceptLanguage takes a long time to parse complex tags golang.org/x/text v0.3.6 0.3.8
HIGH CVE-2022-28948 crash when attempting to deserialize invalid input gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b 3.0.0-20220521103104-8f96da9f5d5e
HIGH CVE-2023-28119 crewjam/saml: Denial Of Service Via Deflate Decompression Bomb github.com/crewjam/saml v0.4.6-0.20201227203850-bca570abb2ce 0.4.13
HIGH CVE-2022-21698 Denial of service using InstrumentHandlerCounter github.com/prometheus/client_golang v1.11.0 1.11.1
HIGH CVE-2020-7711 goxmldsig: sending malformed XML signatures could result in a crash github.com/russellhaering/goxmldsig v1.1.0 1.1.1
HIGH CVE-2020-7731 github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference github.com/russellhaering/goxmldsig v1.1.0 1.1.1
HIGH GHSA-gq5r-cc4w-g8xf gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures github.com/russellhaering/goxmldsig v1.1.0 1.1.1
HIGH CVE-2021-43565 empty plaintext packet causes panic golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e 0.0.0-20211202192323-5770296d904e
HIGH CVE-2022-27191 crash in a golang.org/x/crypto/ssh server golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e 0.0.0-20220314234659-1baeb1ce4c0b
HIGH CVE-2022-27664 handle server errors after sending GOAWAY golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 0.0.0-20220906165146-f3363e06e74c
HIGH CVE-2022-41723 avoid quadratic complexity in HPACK decoding golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 0.7.0
HIGH CVE-2021-38561 out-of-bounds read in golang.org/x/text/language leads to DoS golang.org/x/text v0.3.6 0.3.7
HIGH CVE-2022-32149 ParseAcceptLanguage takes a long time to parse complex tags golang.org/x/text v0.3.6 0.3.8
HIGH CVE-2022-28948 crash when attempting to deserialize invalid input gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b 3.0.0-20220521103104-8f96da9f5d5e
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid bsdutils 1:2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount bsdutils 1:2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2022-23491 untrusted root certificates ca-certificates 20210119~20.04.2 20211016ubuntu0.20.04.1
MEDIUM CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
MEDIUM CVE-2022-27774 curl: credential leak on redirect curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
MEDIUM CVE-2022-27782 TLS and SSH connection too eager reuse curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.11
MEDIUM CVE-2022-32206 HTTP compression denial of service curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.12
MEDIUM CVE-2022-32208 FTP-KRB bad message verification curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.12
MEDIUM CVE-2022-32221 POST following PUT confusion curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.14
MEDIUM CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.15
MEDIUM CVE-2023-23916 HTTP multi-header compression denial of service curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.16
MEDIUM CVE-2023-27535 FTP too eager connection reuse curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
MEDIUM CVE-2022-1664 Dpkg::Source::Archive in dpkg, the Debian package management system, b ... dpkg 1.19.7ubuntu3 1.19.7ubuntu3.2
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem e2fsprogs 1.45.5-2ubuntu1 1.45.5-2ubuntu1.1
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid fdisk 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount fdisk 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpgv 2.2.19-3ubuntu2.1 2.2.19-3ubuntu2.2
MEDIUM CVE-2022-1271 arbitrary-file-write vulnerability gzip 1.10-0ubuntu4 1.10-0ubuntu4.1
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re krb5-locales 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l krb5-locales 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing krb5-locales 1.17-6ubuntu4.1 1.17-6ubuntu4.2
MEDIUM CVE-2023-36054 Denial of service through freeing uninitialized pointer krb5-locales 1.17-6ubuntu4.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid libblkid1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount libblkid1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libcom-err2 1.45.5-2ubuntu1 1.45.5-2ubuntu1.1
MEDIUM CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
MEDIUM CVE-2022-27774 curl: credential leak on redirect libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
MEDIUM CVE-2022-27782 TLS and SSH connection too eager reuse libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.11
MEDIUM CVE-2022-32206 HTTP compression denial of service libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.12
MEDIUM CVE-2022-32208 FTP-KRB bad message verification libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.12
MEDIUM CVE-2022-32221 POST following PUT confusion libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.14
MEDIUM CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.15
MEDIUM CVE-2023-23916 HTTP multi-header compression denial of service libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.16
MEDIUM CVE-2023-27535 FTP too eager connection reuse libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libext2fs2 1.45.5-2ubuntu1 1.45.5-2ubuntu1.1
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid libfdisk1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount libfdisk1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2022-2509 Double free during gnutls_pkcs7_verify libgnutls30 3.6.13-2ubuntu1.6 3.6.13-2ubuntu1.7
MEDIUM CVE-2023-0361 timing side-channel in the TLS RSA key exchange code libgnutls30 3.6.13-2ubuntu1.6 3.6.13-2ubuntu1.8
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libgssapi-krb5-2 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libgssapi-krb5-2 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libgssapi-krb5-2 1.17-6ubuntu4.1 1.17-6ubuntu4.2
MEDIUM CVE-2023-36054 Denial of service through freeing uninitialized pointer libgssapi-krb5-2 1.17-6ubuntu4.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libk5crypto3 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libk5crypto3 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libk5crypto3 1.17-6ubuntu4.1 1.17-6ubuntu4.2
MEDIUM CVE-2023-36054 Denial of service through freeing uninitialized pointer libk5crypto3 1.17-6ubuntu4.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libkrb5-3 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libkrb5-3 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5-3 1.17-6ubuntu4.1 1.17-6ubuntu4.2
MEDIUM CVE-2023-36054 Denial of service through freeing uninitialized pointer libkrb5-3 1.17-6ubuntu4.1
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libkrb5support0 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libkrb5support0 1.17-6ubuntu4.1 1.17-6ubuntu4.3
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5support0 1.17-6ubuntu4.1 1.17-6ubuntu4.2
MEDIUM CVE-2023-36054 Denial of service through freeing uninitialized pointer libkrb5support0 1.17-6ubuntu4.1
MEDIUM CVE-2022-29155 OpenLDAP SQL injection libldap-2.4-2 2.4.49+dfsg-2ubuntu1.8 2.4.49+dfsg-2ubuntu1.9
MEDIUM CVE-2022-29155 OpenLDAP SQL injection libldap-common 2.4.49+dfsg-2ubuntu1.8 2.4.49+dfsg-2ubuntu1.9
MEDIUM CVE-2020-22916 Denial of service via decompression of crafted file liblzma5 5.2.4-1ubuntu1
MEDIUM CVE-2022-1271 arbitrary-file-write vulnerability liblzma5 5.2.4-1ubuntu1 5.2.4-1ubuntu1.1
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid libmount1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount libmount1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2023-29491 Local users can trigger security-relevant memory corruption via malformed data libncurses6 6.2-0ubuntu2 6.2-0ubuntu2.1
MEDIUM CVE-2023-29491 Local users can trigger security-relevant memory corruption via malformed data libncursesw6 6.2-0ubuntu2 6.2-0ubuntu2.1
MEDIUM CVE-2020-11080 nghttp2: overly large SETTINGS frames can lead to DoS libnghttp2-14 1.40.0-1build1 1.40.0-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid libsmartcols1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount libsmartcols1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2020-35525 Null pointer dereference in src/select.c libsqlite3-0 3.31.1-4ubuntu0.2 3.31.1-4ubuntu0.4
MEDIUM CVE-2020-35527 Out of bounds access during table rename libsqlite3-0 3.31.1-4ubuntu0.2 3.31.1-4ubuntu0.4
MEDIUM CVE-2022-35737 an array-bounds overflow if billions of bytes are used in a string argument to a C API libsqlite3-0 3.31.1-4ubuntu0.2 3.31.1-4ubuntu0.5
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libss2 1.45.5-2ubuntu1 1.45.5-2ubuntu1.1
MEDIUM CVE-2023-1667 NULL pointer dereference during rekeying with algorithm guessing libssh-4 0.9.3-2ubuntu2.2 0.9.3-2ubuntu2.3
MEDIUM CVE-2023-2283 authorization bypass in pki_verify_data_signature libssh-4 0.9.3-2ubuntu2.2 0.9.3-2ubuntu2.3
MEDIUM CVE-2022-1292 c_rehash script allows command injection libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.13
MEDIUM CVE-2022-2068 the c_rehash script allows command injection libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.15
MEDIUM CVE-2022-2097 AES OCB fails to encrypt some bytes libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.16
MEDIUM CVE-2022-4304 timing attack in RSA Decryption implementation libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2022-4450 double free after calling PEM_read_bio_ex libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2023-2650 Possible DoS translating ASN.1 object identifiers libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.19
MEDIUM CVE-2021-3997 Uncontrolled recursion in systemd-tmpfiles when removing files libsystemd0 245.4-4ubuntu3.13 245.4-4ubuntu3.15
MEDIUM CVE-2022-3821 buffer overrun in format_timespan() function libsystemd0 245.4-4ubuntu3.13 245.4-4ubuntu3.20
MEDIUM CVE-2022-4415 local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting libsystemd0 245.4-4ubuntu3.13 245.4-4ubuntu3.20
MEDIUM CVE-2023-29491 Local users can trigger security-relevant memory corruption via malformed data libtinfo6 6.2-0ubuntu2 6.2-0ubuntu2.1
MEDIUM CVE-2021-3997 Uncontrolled recursion in systemd-tmpfiles when removing files libudev1 245.4-4ubuntu3.13 245.4-4ubuntu3.15
MEDIUM CVE-2022-3821 buffer overrun in format_timespan() function libudev1 245.4-4ubuntu3.13 245.4-4ubuntu3.20
MEDIUM CVE-2022-4415 local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting libudev1 245.4-4ubuntu3.13 245.4-4ubuntu3.20
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid libuuid1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount libuuid1 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-3116 libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.4
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem logsave 1.45.5-2ubuntu1 1.45.5-2ubuntu1.1
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid mount 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount mount 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2023-29491 Local users can trigger security-relevant memory corruption via malformed data ncurses-base 6.2-0ubuntu2 6.2-0ubuntu2.1
MEDIUM CVE-2023-29491 Local users can trigger security-relevant memory corruption via malformed data ncurses-bin 6.2-0ubuntu2 6.2-0ubuntu2.1
MEDIUM CVE-2022-1292 c_rehash script allows command injection openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.13
MEDIUM CVE-2022-2068 the c_rehash script allows command injection openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.15
MEDIUM CVE-2022-2097 AES OCB fails to encrypt some bytes openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.16
MEDIUM CVE-2022-4304 timing attack in RSA Decryption implementation openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2022-4450 double free after calling PEM_read_bio_ex openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.17
MEDIUM CVE-2023-2650 Possible DoS translating ASN.1 object identifiers openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.19
MEDIUM CVE-2020-16156 Bypass of verification of signatures in CHECKSUMS files perl-base 5.30.0-9ubuntu0.2 5.30.0-9ubuntu0.3
MEDIUM CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS perl-base 5.30.0-9ubuntu0.2 5.30.0-9ubuntu0.4
MEDIUM CVE-2022-48303 heap buffer overflow at from_header() in list.c via specially crafted checksum tar 1.30+dfsg-7ubuntu0.20.04.1 1.30+dfsg-7ubuntu0.20.04.3
MEDIUM CVE-2021-3995 util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid util-linux 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2021-3996 Unauthorized unmount of filesystems in libmount util-linux 2.34-0.1ubuntu9.1 2.34-0.1ubuntu9.3
MEDIUM CVE-2018-25032 A flaw found in zlib when compressing (not decompressing) certain inputs zlib1g 1:1.2.11.dfsg-2ubuntu1.2 1:1.2.11.dfsg-2ubuntu1.3
MEDIUM CVE-2022-37434 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra fie zlib1g 1:1.2.11.dfsg-2ubuntu1.2 1:1.2.11.dfsg-2ubuntu1.5
MEDIUM CVE-2022-46146 authentication bypass via cache poisoning github.com/prometheus/exporter-toolkit v0.6.1 0.7.3, 0.8.2
MEDIUM CVE-2022-29526 faccessat checks wrong group golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069 0.0.0-20220412211240-33da011f77ad
MEDIUM CVE-2021-36157 Grafana Cortex directory traversal github.com/cortexproject/cortex v1.8.2-0.20210428155238-d382e1d80eaf
MEDIUM CVE-2021-36156 Path traversal in Grafana Loki github.com/grafana/loki v1.6.2-0.20210520072447-15d417efe103 2.3.0
MEDIUM CVE-2022-46146 authentication bypass via cache poisoning github.com/prometheus/exporter-toolkit v0.6.1 0.7.3, 0.8.2
MEDIUM CVE-2022-29526 faccessat checks wrong group golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069 0.0.0-20220412211240-33da011f77ad
LOW CVE-2019-18276 bash: when effective UID is not equal to its real UID the saved UID is not dropped bash 5.0-6ubuntu1.1 5.0-6ubuntu1.2
LOW CVE-2016-2781 coreutils: Non-privileged session can escape to the parent session in chroot coreutils 8.30-3ubuntu2
LOW CVE-2022-27775 curl: bad local IPv6 connection reuse curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
LOW CVE-2022-27776 curl: auth/cookie leak on redirect curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
LOW CVE-2022-27781 CERTINFO never-ending busy-loop curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.11
LOW CVE-2022-35252 Incorrect handling of control code characters in cookies curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.13
LOW CVE-2023-27533 TELNET option IAC injection curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27534 SFTP path ~ resolving discrepancy curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27536 GSS delegation too eager connection re-use curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27538 SSH connection too eager reuse still curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-28321 IDN wildcard match may lead to Improper Certificate Validation curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.19
LOW CVE-2023-28322 more POST-after-PUT confusion curl 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.19
LOW CVE-2022-3219 denial of service issue (resource consumption) using compressed packets gpgv 2.2.19-3ubuntu2.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2016-20013 libc-bin 2.31-0ubuntu9.2
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-35942 Arbitrary read in wordexp() libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname libc-bin 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2016-20013 libc6 2.31-0ubuntu9.2
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-27645 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2021-35942 Arbitrary read in wordexp() libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname libc6 2.31-0ubuntu9.2 2.31-0ubuntu9.7
LOW CVE-2022-27775 curl: bad local IPv6 connection reuse libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
LOW CVE-2022-27776 curl: auth/cookie leak on redirect libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.10
LOW CVE-2022-27781 CERTINFO never-ending busy-loop libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.11
LOW CVE-2022-35252 Incorrect handling of control code characters in cookies libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.13
LOW CVE-2023-27533 TELNET option IAC injection libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27534 SFTP path ~ resolving discrepancy libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27536 GSS delegation too eager connection re-use libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-27538 SSH connection too eager reuse still libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.18
LOW CVE-2023-28321 IDN wildcard match may lead to Improper Certificate Validation libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.19
LOW CVE-2023-28322 more POST-after-PUT confusion libcurl4 7.68.0-1ubuntu2.7 7.68.0-1ubuntu2.19
LOW CVE-2021-43618 Integer overflow and resultant buffer overflow via crafted input libgmp10 2:6.2.0+dfsg-4 2:6.2.0+dfsg-4ubuntu0.1
LOW CVE-2021-4209 Null pointer dereference in MD_UPDATE libgnutls30 3.6.13-2ubuntu1.6 3.6.13-2ubuntu1.7
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2023-2953 null pointer dereference in ber_memalloc_x function libldap-2.4-2 2.4.49+dfsg-2ubuntu1.8
LOW CVE-2023-2953 null pointer dereference in ber_memalloc_x function libldap-common 2.4.49+dfsg-2ubuntu1.8
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncurses6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-29458 segfaulting OOB read libncurses6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncursesw6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-29458 segfaulting OOB read libncursesw6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-modules 1.3.1-5ubuntu4.3 1.3.1-5ubuntu4.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-modules-bin 1.3.1-5ubuntu4.3 1.3.1-5ubuntu4.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-runtime 1.3.1-5ubuntu4.3 1.3.1-5ubuntu4.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam0g 1.3.1-5ubuntu4.3 1.3.1-5ubuntu4.4
LOW CVE-2022-1586 Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c libpcre2-8-0 10.34-7 10.34-7ubuntu0.1
LOW CVE-2022-1587 Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c libpcre2-8-0 10.34-7 10.34-7ubuntu0.1
LOW CVE-2017-11164 OP_KETRMAX feature in the match function in pcre_exec.c libpcre3 2:8.39-12build1
LOW CVE-2019-20838 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 libpcre3 2:8.39-12build1 2:8.39-12ubuntu0.1
LOW CVE-2020-14155 pcre: Integer overflow when parsing callout numeric arguments libpcre3 2:8.39-12build1 2:8.39-12ubuntu0.1
LOW CVE-2023-4016 ps buffer overflow libprocps8 2:3.3.16-1ubuntu2.3
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libroken18-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2021-36084 libsepol: use-after-free in __cil_verify_classperms() libsepol1 3.0-1 3.0-1ubuntu0.1
LOW CVE-2021-36085 libsepol: use-after-free in __cil_verify_classperms() libsepol1 3.0-1 3.0-1ubuntu0.1
LOW CVE-2021-36086 use-after-free in cil_reset_classpermission() libsepol1 3.0-1 3.0-1ubuntu0.1
LOW CVE-2021-36087 libsepol: heap-based buffer overflow in ebitmap_match_any() libsepol1 3.0-1 3.0-1ubuntu0.1
LOW CVE-2021-36690 A segmentation fault can occur in the sqlite3.exe command-line compone ... libsqlite3-0 3.31.1-4ubuntu0.2 3.31.1-4ubuntu0.3
LOW CVE-2023-0464 Denial of service by excessive resource usage in verifying X509 policy constraints libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2023-0466 Certificate policy check not enabled libssl1.1 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2023-26604 privilege escalation via the less pager libsystemd0 245.4-4ubuntu3.13
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libtinfo6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-29458 segfaulting OOB read libtinfo6 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2023-26604 privilege escalation via the less pager libudev1 245.4-4ubuntu3.13
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libwind0-heimdal 7.7.0+dfsg-1ubuntu1 7.7.0+dfsg-1ubuntu1.1
LOW CVE-2013-4235 shadow-utils: TOCTOU race conditions by copying and removing directory trees login 1:4.8.1-1ubuntu5.20.04.1
LOW CVE-2023-29383 Improper input validation in shadow-utils package utility chfn login 1:4.8.1-1ubuntu5.20.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-base 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-29458 segfaulting OOB read ncurses-base 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-bin 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2022-29458 segfaulting OOB read ncurses-bin 6.2-0ubuntu2 6.2-0ubuntu2.1
LOW CVE-2023-0464 Denial of service by excessive resource usage in verifying X509 policy constraints openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2023-0466 Certificate policy check not enabled openssl 1.1.1f-1ubuntu2.8 1.1.1f-1ubuntu2.18
LOW CVE-2013-4235 shadow-utils: TOCTOU race conditions by copying and removing directory trees passwd 1:4.8.1-1ubuntu5.20.04.1
LOW CVE-2023-29383 Improper input validation in shadow-utils package utility chfn passwd 1:4.8.1-1ubuntu5.20.04.1
LOW CVE-2023-4016 ps buffer overflow procps 2:3.3.16-1ubuntu2.3
LOW CVE-2021-20193 tar: Memory leak in read_header() in list.c tar 1.30+dfsg-7ubuntu0.20.04.1 1.30+dfsg-7ubuntu0.20.04.2

Date: 2023-09-26