-
Notifications
You must be signed in to change notification settings - Fork 0
dockerhub.hi.inet evolved 5g validation umacsicnetapp umacsicnetapp serene_keller
Evolved5G edited this page Sep 20, 2023
·
3 revisions
| Severity | Number of vulnerabilities |
|---|---|
| CRITICAL | 1 |
| HIGH | 29 |
| MEDIUM | 47 |
| LOW | 96 |
| UNKNOWN | 1 |
| Severity | ID | Title | PkgName | InstalledVersion | FixedVersion |
|---|---|---|---|---|---|
| CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libdb5.3 | 5.3.28+dfsg1-0.5 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | e2fsprogs | 1.44.5-1+deb10u3 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | gcc-8-base | 8.3.0-6 | |
| HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | gcc-8-base | 8.3.0-6 | |
| HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc-bin | 2.28-10+deb10u2 | |
| HIGH | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc-bin | 2.28-10+deb10u2 | |
| HIGH | CVE-2020-1751 | glibc: array overflow in backtrace functions for powerpc | libc6 | 2.28-10+deb10u2 | |
| HIGH | CVE-2023-4813 | potential use-after-free in gaih_inet() | libc6 | 2.28-10+deb10u2 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libcom-err2 | 1.44.5-1+deb10u3 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libext2fs2 | 1.44.5-1+deb10u3 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgcc1 | 1:8.3.0-6 | |
| HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libgcc1 | 1:8.3.0-6 | |
| HIGH | CVE-2021-33560 | libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channe | libgcrypt20 | 1.8.4-5+deb10u1 | |
| HIGH | CVE-2019-12290 | GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... | libidn2-0 | 2.0.5-1+deb10u1 | |
| HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| HIGH | CVE-2019-19603 | sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| HIGH | CVE-2021-31239 | denial of service via the appendvfs.c function | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| HIGH | CVE-2022-1304 | out-of-bounds read/write via crafted filesystem | libss2 | 1.44.5-1+deb10u3 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libstdc++6 | 8.3.0-6 | |
| HIGH | CVE-2019-15847 | gcc: POWER9 "DARN" RNG intrinsic produces repeated output | libstdc++6 | 8.3.0-6 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libsystemd0 | 241-7~deb10u9 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libsystemd0 | 241-7~deb10u9 | |
| HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libudev1 | 241-7~deb10u9 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libudev1 | 241-7~deb10u9 | |
| HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | ncurses-base | 6.1+20181013-2+deb10u3 | |
| HIGH | CVE-2023-29491 | Local users can trigger security-relevant memory corruption via malformed data | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| HIGH | CVE-2020-16156 | Bypass of verification of signatures in CHECKSUMS files | perl-base | 5.28.1-6+deb10u1 | |
| HIGH | CVE-2023-31484 | CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS | perl-base | 5.28.1-6+deb10u1 | |
| HIGH | CVE-2022-40897 | Regular Expression Denial of Service (ReDoS) in package_index.py | setuptools | 57.5.0 | 65.5.1 |
| MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | gcc-8-base | 8.3.0-6 | |
| MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc-bin | 2.28-10+deb10u2 | |
| MEDIUM | CVE-2023-4806 | potential use-after-free in getaddrinfo() | libc6 | 2.28-10+deb10u2 | |
| MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libgcc1 | 1:8.3.0-6 | |
| MEDIUM | CVE-2019-13627 | ECDSA timing attack allowing private key leak | libgcrypt20 | 1.8.4-5+deb10u1 | |
| MEDIUM | CVE-2020-19185 | 1373 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19186 | 66 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19187 | 1100 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19188 | 1116 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19189 | 997 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19190 | 70 | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3 | 2:8.39-12 | |
| MEDIUM | CVE-2019-19645 | sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| MEDIUM | CVE-2019-19924 | sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rew | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| MEDIUM | CVE-2020-13631 | sqlite: Virtual table can be renamed into the name of one of its shadow tables | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| MEDIUM | CVE-2023-3446 | Excessive time spent checking DH keys and parameters | libssl1.1 | 1.1.1n-0+deb10u5 | 1.1.1n-0+deb10u6 |
| MEDIUM | CVE-2023-3817 | Excessive time spent checking DH q parameter value | libssl1.1 | 1.1.1n-0+deb10u5 | 1.1.1n-0+deb10u6 |
| MEDIUM | CVE-2023-4039 | -fstack-protector fails to guard dynamic stack allocations on ARM64 | libstdc++6 | 8.3.0-6 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libsystemd0 | 241-7~deb10u9 | |
| MEDIUM | CVE-2022-3821 | buffer overrun in format_timespan() function | libsystemd0 | 241-7~deb10u9 | 241-7~deb10u10 |
| MEDIUM | CVE-2022-4415 | systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setti | libsystemd0 | 241-7~deb10u9 | |
| MEDIUM | CVE-2020-19185 | 1373 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19186 | 66 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19187 | 1100 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19188 | 1116 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19189 | 997 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19190 | 70 | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libudev1 | 241-7~deb10u9 | |
| MEDIUM | CVE-2022-3821 | buffer overrun in format_timespan() function | libudev1 | 241-7~deb10u9 | 241-7~deb10u10 |
| MEDIUM | CVE-2022-4415 | systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setti | libudev1 | 241-7~deb10u9 | |
| MEDIUM | CVE-2023-4641 | possible password leak during passwd(1) change | login | 1:4.5-1.1 | |
| MEDIUM | CVE-2020-19185 | 1373 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19186 | 66 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19187 | 1100 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19188 | 1116 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19189 | 997 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19190 | 70 | ncurses-base | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19185 | 1373 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19186 | 66 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19187 | 1100 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19188 | 1116 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19189 | 997 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2020-19190 | 70 | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| MEDIUM | CVE-2023-3446 | Excessive time spent checking DH keys and parameters | openssl | 1.1.1n-0+deb10u5 | 1.1.1n-0+deb10u6 |
| MEDIUM | CVE-2023-3817 | Excessive time spent checking DH q parameter value | openssl | 1.1.1n-0+deb10u5 | 1.1.1n-0+deb10u6 |
| MEDIUM | CVE-2023-4641 | possible password leak during passwd(1) change | passwd | 1:4.5-1.1 | |
| MEDIUM | CVE-2021-31879 | authorization header disclosure on redirect | wget | 1.20.1-1.1 | |
| LOW | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | apt | 1.8.2.3 | |
| LOW | CVE-2019-18276 | bash: when effective UID is not equal to its real UID the saved UID is not dropped | bash | 5.0-4 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | bsdutils | 1:2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | bsdutils | 1:2.33.1-0.1 | |
| LOW | CVE-2016-2781 | coreutils: Non-privileged session can escape to the parent session in chroot | coreutils | 8.30-3 | |
| LOW | CVE-2017-18018 | coreutils: race condition vulnerability in chown and chgrp | coreutils | 8.30-3 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | fdisk | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | fdisk | 2.33.1-0.1 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgv | 2.2.12-1+deb10u2 | |
| LOW | CVE-2022-3219 | denial of service issue (resource consumption) using compressed packets | gpgv | 2.2.12-1+deb10u2 | |
| LOW | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | libapt-pkg5.0 | 1.8.2.3 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libblkid1 | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libblkid1 | 2.33.1-0.1 | |
| LOW | CVE-2010-4756 | glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2018-20796 | glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010022 | glibc: stack guard protection bypass | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010023 | glibc: running ldd on malicious ELF leads to code execution because of wrong size computation | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010024 | glibc: ASLR bypass using cache of thread stack and heap | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010025 | glibc: information disclosure of heap addresses of pthread_created thread | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2019-9192 | glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c | libc-bin | 2.28-10+deb10u2 | |
| LOW | CVE-2010-4756 | glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expres | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2018-20796 | glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010022 | glibc: stack guard protection bypass | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010023 | glibc: running ldd on malicious ELF leads to code execution because of wrong size computation | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010024 | glibc: ASLR bypass using cache of thread stack and heap | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2019-1010025 | glibc: information disclosure of heap addresses of pthread_created thread | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2019-9192 | glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c | libc6 | 2.28-10+deb10u2 | |
| LOW | CVE-2013-0340 | expat: internal entity expansion | libexpat1 | 2.2.6-2+deb10u6 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libfdisk1 | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libfdisk1 | 2.33.1-0.1 | |
| LOW | CVE-2018-6829 | libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintex | libgcrypt20 | 1.8.4-5+deb10u1 | |
| LOW | CVE-2011-3389 | HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) | libgnutls30 | 3.6.7-4+deb10u10 | |
| LOW | CVE-2019-17543 | lz4: heap-based buffer overflow in LZ4_write32 | liblz4-1 | 1.8.3-1+deb10u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libmount1 | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libmount1 | 2.33.1-0.1 | |
| LOW | CVE-2021-39537 | heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | libncursesw6 | 6.1+20181013-2+deb10u3 | |
| LOW | CVE-2022-41409 | Integer overflow vulnerability in pcre2test before 10.41 allows attack ... | libpcre2-8-0 | 10.32-5+deb10u1 | |
| LOW | CVE-2017-11164 | OP_KETRMAX feature in the match function in pcre_exec.c | libpcre3 | 2:8.39-12 | |
| LOW | CVE-2017-16231 | pcre: self-recursive call in match() in pcre_exec.c leads to denial of service | libpcre3 | 2:8.39-12 | |
| LOW | CVE-2017-7245 | stack-based buffer overflow write in pcre32_copy_substring | libpcre3 | 2:8.39-12 | |
| LOW | CVE-2017-7246 | stack-based buffer overflow write in pcre32_copy_substring | libpcre3 | 2:8.39-12 | |
| LOW | CVE-2019-20838 | pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 | libpcre3 | 2:8.39-12 | |
| LOW | CVE-2019-9893 | libseccomp: incorrect generation of syscall filters in libseccomp | libseccomp2 | 2.3.3-4 | |
| LOW | CVE-2021-36084 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.8-1 | |
| LOW | CVE-2021-36085 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.8-1 | |
| LOW | CVE-2021-36086 | use-after-free in cil_reset_classpermission() | libsepol1 | 2.8-1 | |
| LOW | CVE-2021-36087 | libsepol: heap-based buffer overflow in ebitmap_match_any() | libsepol1 | 2.8-1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libsmartcols1 | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libsmartcols1 | 2.33.1-0.1 | |
| LOW | CVE-2019-19244 | sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| LOW | CVE-2020-11656 | sqlite: use-after-free in the ALTER TABLE implementation | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| LOW | CVE-2021-36690 | A segmentation fault can occur in the sqlite3.exe command-line compone ... | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| LOW | CVE-2021-45346 | sqlite: crafted SQL query allows a malicious user to obtain sensitive information | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| LOW | CVE-2022-35737 | an array-bounds overflow if billions of bytes are used in a string argument to a C API | libsqlite3-0 | 3.27.2-3+deb10u2 | |
| LOW | CVE-2007-6755 | Dual_EC_DRBG: weak pseudo random number generator | libssl1.1 | 1.1.1n-0+deb10u5 | |
| LOW | CVE-2010-0928 | openssl: RSA authentication weakness | libssl1.1 | 1.1.1n-0+deb10u5 | |
| LOW | CVE-2013-4392 | TOCTOU race condition when updating file permissions and SELinux security contexts | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2019-20386 | systemd: memory leak in button_open() in login/logind-button.c when udev events are received | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2020-13529 | systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2023-31437 | An issue was discovered in systemd 253. An attacker can modify a seale ... | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2023-31438 | An issue was discovered in systemd 253. An attacker can truncate a sea ... | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2023-31439 | An issue was discovered in systemd 253. An attacker can modify the con ... | libsystemd0 | 241-7~deb10u9 | |
| LOW | CVE-2018-1000654 | libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion | libtasn1-6 | 4.13-3+deb10u1 | |
| LOW | CVE-2021-39537 | heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | libtinfo6 | 6.1+20181013-2+deb10u3 | |
| LOW | CVE-2013-4392 | TOCTOU race condition when updating file permissions and SELinux security contexts | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2019-20386 | systemd: memory leak in button_open() in login/logind-button.c when udev events are received | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2020-13529 | systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2023-31437 | An issue was discovered in systemd 253. An attacker can modify a seale ... | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2023-31438 | An issue was discovered in systemd 253. An attacker can truncate a sea ... | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2023-31439 | An issue was discovered in systemd 253. An attacker can modify the con ... | libudev1 | 241-7~deb10u9 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libuuid1 | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | libuuid1 | 2.33.1-0.1 | |
| LOW | CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... | login | 1:4.5-1.1 | |
| LOW | CVE-2013-4235 | shadow-utils: TOCTOU race conditions by copying and removing directory trees | login | 1:4.5-1.1 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | login | 1:4.5-1.1 | |
| LOW | CVE-2019-19882 | shadow-utils: local users can obtain root access because setuid programs are misconfigured | login | 1:4.5-1.1 | |
| LOW | CVE-2023-29383 | Improper input validation in shadow-utils package utility chfn | login | 1:4.5-1.1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | mount | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | mount | 2.33.1-0.1 | |
| LOW | CVE-2021-39537 | heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | ncurses-base | 6.1+20181013-2+deb10u3 | |
| LOW | CVE-2021-39537 | heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | ncurses-bin | 6.1+20181013-2+deb10u3 | |
| LOW | CVE-2007-6755 | Dual_EC_DRBG: weak pseudo random number generator | openssl | 1.1.1n-0+deb10u5 | |
| LOW | CVE-2010-0928 | openssl: RSA authentication weakness | openssl | 1.1.1n-0+deb10u5 | |
| LOW | CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... | passwd | 1:4.5-1.1 | |
| LOW | CVE-2013-4235 | shadow-utils: TOCTOU race conditions by copying and removing directory trees | passwd | 1:4.5-1.1 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | passwd | 1:4.5-1.1 | |
| LOW | CVE-2019-19882 | shadow-utils: local users can obtain root access because setuid programs are misconfigured | passwd | 1:4.5-1.1 | |
| LOW | CVE-2023-29383 | Improper input validation in shadow-utils package utility chfn | passwd | 1:4.5-1.1 | |
| LOW | CVE-2011-4116 | perl: File::Temp insecure temporary file handling | perl-base | 5.28.1-6+deb10u1 | |
| LOW | CVE-2023-31486 | insecure TLS cert default | perl-base | 5.28.1-6+deb10u1 | |
| LOW | CVE-2005-2541 | tar: does not properly warn the user when extracting setuid or setgid files | tar | 1.30+dfsg-6 | |
| LOW | CVE-2019-9923 | tar: null-pointer dereference in pax_decode_header in sparse.c | tar | 1.30+dfsg-6 | |
| LOW | CVE-2021-20193 | tar: Memory leak in read_header() in list.c | tar | 1.30+dfsg-6 | |
| LOW | CVE-2022-48303 | heap buffer overflow at from_header() in list.c via specially crafted checksum | tar | 1.30+dfsg-6 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | util-linux | 2.33.1-0.1 | |
| LOW | CVE-2022-0563 | partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline | util-linux | 2.33.1-0.1 | |
| UNKNOWN | DLA-3482-1 | debian-archive-keyring - security update | debian-archive-keyring | 2019.1+deb10u1 | 2019.1+deb10u2 |
Date: 2023-09-20