pranavbhatia/openvas2
Region: us-east-1
Scan Summary
Critical vulnerabilities: 13
Malicious files: 1
Last scan: 1 year, 9 months ago
Type of scan: Prevasio CSPM
Scan duration: 7 minutes and 24 seconds

Image Details
Image URI: pranavbhatia/openvas2
Image tags: latest
Digest: —
Created: 4 years ago
Compressed size: 875.83 MB
Uncompressed size: 3.44 GB
OS/architecture: linux/amd64
OS distribution: centos 7.5.1804
Working directory: —
ENTRYPOINT: —
CMD: /bin/sh -c /run.sh
User: —
Ports: 443/tcp
Volumes: —
Environment variables: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

Filename | File Size | SHA 256 | Threat Name | Report |
---|---|---|---|---|
/usr/bin/pnscan | 22.35 kB | d784ff0b19f40a7961066a31df1495fb18a390dea12406d8eab38b624ebc6b1b | Unix.Tool.Pnscan-8031486-0 | VirusTotal |

Overview
Critical: 13
High: 130
Medium: 399
Low: 211
Informational: 0

Vulnerabilities (753)
Severity | Name | Package | Version | Fixed in | Description | Package:version |
---|---|---|---|---|---|---|
Critical | CVE-2021-43527 | nss | 3.36.0-5.el7_5 | 3.67.0-4.el7_9 | nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) | nss:3.36.0-5.el7_5 |
Critical | CVE-2021-43527 | nss-sysinit | 3.36.0-5.el7_5 | 3.67.0-4.el7_9 | nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) | nss-sysinit:3.36.0-5.el7_5 |
Critical | CVE-2021-43527 | nss-tools | 3.36.0-5.el7_5 | 3.67.0-4.el7_9 | nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) | nss-tools:3.36.0-5.el7_5 |
Critical | CVE-2018-1000805 | python-paramiko | 2.1.1-4.el7 | 2.1.1-9.el7 | python-paramiko: Authentication bypass in auth_handler.py | python-paramiko:2.1.1-4.el7 |
Critical | CVE-2020-8165 | activesupport | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.3, >= 6.0.3.1 | rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore | activesupport:4.2.5.1 |
Critical | CVE-2019-5421 | devise | 3.5.10 | >= 4.6.0 | Plataformatec Devise version 4.5.0 and earlier, using the lockable mod ... | devise:3.5.10 |
Critical | CVE-2020-14001 | kramdown | 1.4.1 | >= 2.3.0 | rubygem-kramdown: processing template options inside documents allows unintended read access or embedded Ruby code execution | kramdown:1.4.1 |
Critical | CVE-2016-4658 | nokogiri | 1.6.8.1 | >= 1.7.1 | libxml2: Use after free via namespace node in XPointer ranges | nokogiri:1.6.8.1 |
Critical | CVE-2019-11068 | nokogiri | 1.6.8.1 | >= 1.10.3 | libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL | nokogiri:1.6.8.1 |
Critical | CVE-2019-5477 | nokogiri | 1.6.8.1 | >= 1.10.4 | A command injection vulnerability in Nokogiri v1.10.3 and earlier allo ... | nokogiri:1.6.8.1 |
Critical | CVE-2022-24790 | puma | 2.14.0 | ~> 4.3.12, >= 5.6.4 | puma-5.6.4: http request smuggling vulnerabilities | puma:2.14.0 |
Critical | CVE-2018-1000544 | rubyzip | 1.2.1 | >= 1.2.2 | rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file | rubyzip:1.2.1 |
Critical | CVE-2019-16676 | simple_form | 3.0.4 | >= 5.0 | simple_form Gem for Ruby Incorrect Access Control for forms based on user input | simple_form:3.0.4 |
High | CVE-2018-5740 | bind-license | 32:9.9.4-61.el7 | 32:9.9.4-61.el7_5.1 | bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service | bind-license:32:9.9.4-61.el7 |
High | CVE-2018-5743 | bind-license | 32:9.9.4-61.el7 | 32:9.9.4-74.el7_6.1 | bind: Limiting simultaneous TCP clients is ineffective | bind-license:32:9.9.4-61.el7 |
High | CVE-2020-8616 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-16.P2.el7_8.6 | bind: BIND does not sufficiently limit the number of fetches performed when processing referrals | bind-license:32:9.9.4-61.el7 |
High | CVE-2020-8617 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-16.P2.el7_8.6 | bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c | bind-license:32:9.9.4-61.el7 |
High | CVE-2020-8625 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.4 | bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation | bind-license:32:9.9.4-61.el7 |
High | CVE-2021-25215 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.5 | bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself | bind-license:32:9.9.4-61.el7 |
High | CVE-2022-24407 | cyrus-sasl-lib | 2.1.26-23.el7 | 2.1.26-24.el7_9 | cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands | cyrus-sasl-lib:2.1.26-23.el7 |
High | CVE-2020-12049 | dbus | 1:1.10.24-7.el7 | 1:1.10.24-14.el7_8 | dbus: denial of service via file descriptor leak | dbus:1:1.10.24-7.el7 |
High | CVE-2020-12049 | dbus-libs | 1:1.10.24-7.el7 | 1:1.10.24-14.el7_8 | dbus: denial of service via file descriptor leak | dbus-libs:1:1.10.24-7.el7 |
High | CVE-2022-25235 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution | expat:2.1.0-10.el7_3 |
High | CVE-2022-25236 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution | expat:2.1.0-10.el7_3 |
High | CVE-2022-25315 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in storeRawNames() | expat:2.1.0-10.el7_3 |
High | CVE-2020-15999 | freetype | 2.4.11-15.el7 | 2.8-14.el7_9.1 | freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png | freetype:2.4.11-15.el7 |
High | CVE-2018-17456 | git | 1.8.3.1-14.el7_5 | 1.8.3.1-20.el7 | git: arbitrary code execution via .gitmodules | git:1.8.3.1-14.el7_5 |
High | CVE-2019-1387 | git | 1.8.3.1-14.el7_5 | 1.8.3.1-21.el7_7 | git: Remote code execution in recursive clones with nested submodules | git:1.8.3.1-14.el7_5 |
High | CVE-2020-11008 | git | 1.8.3.1-14.el7_5 | 1.8.3.1-23.el7_8 | git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak | git:1.8.3.1-14.el7_5 |
High | CVE-2020-5260 | git | 1.8.3.1-14.el7_5 | 1.8.3.1-22.el7_8 | git: Crafted URL containing new lines can cause credential leak | git:1.8.3.1-14.el7_5 |
High | CVE-2021-27219 | glib2 | 2.54.2-2.el7 | 2.56.1-9.el7_9 | glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits | glib2:2.54.2-2.el7 |
High | CVE-2022-1271 | gzip | 1.5-10.el7 | 1.5-11.el7_9 | gzip: arbitrary-file-write vulnerability | gzip:1.5-10.el7 |
High | CVE-2020-14363 | libX11 | 1.6.5-1.el7 | 1.6.7-3.el7_9 | libX11: integer overflow leads to double free in locale handling | libX11:1.6.5-1.el7 |
High | CVE-2021-31535 | libX11 | 1.6.5-1.el7 | 1.6.7-4.el7_9 | libX11: missing request length checks | libX11:1.6.5-1.el7 |
High | CVE-2020-14363 | libX11-common | 1.6.5-1.el7 | 1.6.7-3.el7_9 | libX11: integer overflow leads to double free in locale handling | libX11-common:1.6.5-1.el7 |
High | CVE-2021-31535 | libX11-common | 1.6.5-1.el7 | 1.6.7-4.el7_9 | libX11: missing request length checks | libX11-common:1.6.5-1.el7 |
High | CVE-2018-10933 | libssh | 0.7.1-3.el7 | 0.7.1-7.el7 | libssh: Authentication Bypass due to improper message callbacks implementation | libssh:0.7.1-3.el7 |
High | CVE-2019-3855 | libssh2 | 1.4.3-10.el7_2.1 | 1.4.3-12.el7_6.2 | libssh2: Integer overflow in transport read resulting in out of bounds write | libssh2:1.4.3-10.el7_2.1 |
High | CVE-2019-3856 | libssh2 | 1.4.3-10.el7_2.1 | 1.4.3-12.el7_6.2 | libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write | libssh2:1.4.3-10.el7_2.1 |
High | CVE-2019-3857 | libssh2 | 1.4.3-10.el7_2.1 | 1.4.3-12.el7_6.2 | libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write | libssh2:1.4.3-10.el7_2.1 |
High | CVE-2019-3863 | libssh2 | 1.4.3-10.el7_2.1 | 1.4.3-12.el7_6.2 | libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes | libssh2:1.4.3-10.el7_2.1 |
High | CVE-2018-25011 | libwebp | 0.3.0-7.el7 | 0.3.0-10.el7_9 | libwebp: heap-based buffer overflow in PutLE16() | libwebp:0.3.0-7.el7 |
High | CVE-2020-36328 | libwebp | 0.3.0-7.el7 | 0.3.0-10.el7_9 | libwebp: heap-based buffer overflow in WebPDecode*Into functions | libwebp:0.3.0-7.el7 |
High | CVE-2020-36329 | libwebp | 0.3.0-7.el7 | 0.3.0-10.el7_9 | libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c | libwebp:0.3.0-7.el7 |
High | CVE-2020-15862 | net-snmp-libs | 1:5.7.2-33.el7_5.2 | 1:5.7.2-49.el7_9.1 | net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution | net-snmp-libs:1:5.7.2-33.el7_5.2 |
High | CVE-2020-15862 | net-snmp-utils | 1:5.7.2-33.el7_5.2 | 1:5.7.2-49.el7_9.1 | net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution | net-snmp-utils:1:5.7.2-33.el7_5.2 |
High | CVE-2021-20305 | nettle | 2.7.1-8.el7 | 2.7.1-9.el7_9 | nettle: Out of bounds memory access in signature verification | nettle:2.7.1-8.el7 |
High | CVE-2019-11745 | nss | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss:3.36.0-5.el7_5 |
High | CVE-2019-11745 | nss-softokn | 3.36.0-5.el7_5 | 3.44.0-8.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss-softokn:3.36.0-5.el7_5 |
High | CVE-2019-11745 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.44.0-8.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss-softokn-freebl:3.36.0-5.el7_5 |
High | CVE-2019-11745 | nss-sysinit | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss-sysinit:3.36.0-5.el7_5 |
High | CVE-2019-11745 | nss-tools | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss-tools:3.36.0-5.el7_5 |
High | CVE-2019-11745 | nss-util | 3.36.0-1.el7_5 | 3.44.0-4.el7_7 | nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate | nss-util:3.36.0-1.el7_5 |
High | CVE-2020-1971 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-21.el7_9 | openssl: EDIPARTYNAME NULL pointer de-reference | openssl:1:1.0.2k-12.el7 |
High | CVE-2022-0778 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-25.el7_9 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | openssl:1:1.0.2k-12.el7 |
High | CVE-2020-1971 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-21.el7_9 | openssl: EDIPARTYNAME NULL pointer de-reference | openssl-libs:1:1.0.2k-12.el7 |
High | CVE-2022-0778 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-25.el7_9 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | openssl-libs:1:1.0.2k-12.el7 |
High | CVE-2018-20969 | patch | 2.7.1-10.el7_5 | 2.7.1-12.el7_7 | patch: do_ed_script in pch.c does not block strings beginning with a ! character | patch:2.7.1-10.el7_5 |
High | CVE-2019-13638 | patch | 2.7.1-10.el7_5 | 2.7.1-12.el7_7 | patch: OS shell command injection when processing crafted patch files | patch:2.7.1-10.el7_5 |
High | CVE-2018-18311 | perl | 4:5.16.3-292.el7 | 4:5.16.3-294.el7_6 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl:4:5.16.3-292.el7 |
High | CVE-2018-17456 | perl-Git | 1.8.3.1-14.el7_5 | 1.8.3.1-20.el7 | git: arbitrary code execution via .gitmodules | perl-Git:1.8.3.1-14.el7_5 |
High | CVE-2019-1387 | perl-Git | 1.8.3.1-14.el7_5 | 1.8.3.1-21.el7_7 | git: Remote code execution in recursive clones with nested submodules | perl-Git:1.8.3.1-14.el7_5 |
High | CVE-2020-11008 | perl-Git | 1.8.3.1-14.el7_5 | 1.8.3.1-23.el7_8 | git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak | perl-Git:1.8.3.1-14.el7_5 |
High | CVE-2020-5260 | perl-Git | 1.8.3.1-14.el7_5 | 1.8.3.1-22.el7_8 | git: Crafted URL containing new lines can cause credential leak | perl-Git:1.8.3.1-14.el7_5 |
High | CVE-2018-18311 | perl-Pod-Escapes | 1:1.04-292.el7 | 1:1.04-294.el7_6 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl-Pod-Escapes:1:1.04-292.el7 |
High | CVE-2018-18311 | perl-libs | 4:5.16.3-292.el7 | 4:5.16.3-294.el7_6 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl-libs:4:5.16.3-292.el7 |
High | CVE-2018-18311 | perl-macros | 4:5.16.3-292.el7 | 4:5.16.3-294.el7_6 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl-macros:4:5.16.3-292.el7 |
High | CVE-2019-10160 | python | 2.7.5-69.el7_5 | 2.7.5-80.el7_6 | python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc | python:2.7.5-69.el7_5 |
High | CVE-2019-9636 | python | 2.7.5-69.el7_5 | 2.7.5-77.el7_6 | python: Information Disclosure due to urlsplit improper NFKC normalization | python:2.7.5-69.el7_5 |
High | CVE-2019-10160 | python-libs | 2.7.5-69.el7_5 | 2.7.5-80.el7_6 | python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc | python-libs:2.7.5-69.el7_5 |
High | CVE-2019-9636 | python-libs | 2.7.5-69.el7_5 | 2.7.5-77.el7_6 | python: Information Disclosure due to urlsplit improper NFKC normalization | python-libs:2.7.5-69.el7_5 |
High | CVE-2020-5312 | python-pillow | 2.0.0-19.gitd1c6db8.el7 | 2.0.0-20.gitd1c6db8.el7_7 | python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c | python-pillow:2.0.0-19.gitd1c6db8.el7 |
High | CVE-2022-22817 | python-pillow | 2.0.0-19.gitd1c6db8.el7 | 2.0.0-23.gitd1c6db8.el7_9 | python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions | python-pillow:2.0.0-19.gitd1c6db8.el7 |
High | CVE-2019-13734 | sqlite | 3.7.17-8.el7 | 3.7.17-8.el7_7.1 | sqlite: fts3: improve shadow table corruption detection | sqlite:3.7.17-8.el7 |
High | CVE-2018-15688 | systemd | 219-57.el7 | 219-62.el7_6.2 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | systemd:219-57.el7 |
High | CVE-2018-16864 | systemd | 219-57.el7 | 219-62.el7_6.2 | systemd: stack overflow when calling syslog from a command with long cmdline | systemd:219-57.el7 |
High | CVE-2018-16865 | systemd | 219-57.el7 | 219-62.el7_6.2 | systemd: stack overflow when receiving many journald entries | systemd:219-57.el7 |
High | CVE-2019-6454 | systemd | 219-57.el7 | 219-62.el7_6.5 | systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash | systemd:219-57.el7 |
High | CVE-2018-15688 | systemd-libs | 219-57.el7 | 219-62.el7_6.2 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | systemd-libs:219-57.el7 |
High | CVE-2018-16864 | systemd-libs | 219-57.el7 | 219-62.el7_6.2 | systemd: stack overflow when calling syslog from a command with long cmdline | systemd-libs:219-57.el7 |
High | CVE-2018-16865 | systemd-libs | 219-57.el7 | 219-62.el7_6.2 | systemd: stack overflow when receiving many journald entries | systemd-libs:219-57.el7 |
High | CVE-2019-6454 | systemd-libs | 219-57.el7 | 219-62.el7_6.5 | systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash | systemd-libs:219-57.el7 |
High | CVE-2020-10772 | unbound-libs | 1.6.6-1.el7 | 1.6.6-5.el7_8 | unbound: incomplete fix for CVE-2020-12662 in RHEL7 | unbound-libs:1.6.6-1.el7 |
High | CVE-2020-12662 | unbound-libs | 1.6.6-1.el7 | 1.6.6-4.el7_8 | unbound: amplification of an incoming query into a large number of queries directed to a target | unbound-libs:1.6.6-1.el7 |
High | CVE-2020-12663 | unbound-libs | 1.6.6-1.el7 | 1.6.6-4.el7_8 | unbound: infinite loop via malformed DNS answers received from upstream servers | unbound-libs:1.6.6-1.el7 |
High | CVE-2019-12735 | vim-minimal | 2:7.4.160-4.el7 | 2:7.4.160-6.el7_6 | vim/neovim: ':source!' command allows arbitrary command execution via modelines | vim-minimal:2:7.4.160-4.el7 |
High | CVE-2019-5953 | wget | 1.14-15.el7_4.1 | 1.14-18.el7_6.1 | wget: do_conversion() heap-based buffer overflow vulnerability | wget:1.14-15.el7_4.1 |
High | CVE-2018-10897 | yum-plugin-fastestmirror | 1.1.31-45.el7 | 1.1.31-46.el7_5 | yum-utils: reposync: improper path validation may lead to directory traversal | yum-plugin-fastestmirror:1.1.31-45.el7 |
High | CVE-2018-10897 | yum-plugin-ovl | 1.1.31-45.el7 | 1.1.31-46.el7_5 | yum-utils: reposync: improper path validation may lead to directory traversal | yum-plugin-ovl:1.1.31-45.el7 |
High | CVE-2018-10897 | yum-utils | 1.1.31-45.el7 | 1.1.31-46.el7_5 | yum-utils: reposync: improper path validation may lead to directory traversal | yum-utils:1.1.31-45.el7 |
High | CVE-2018-25032 | zlib | 1.2.7-17.el7 | 1.2.7-20.el7_9 | zlib: A flaw found in zlib when compressing (not decompressing) certain inputs | zlib:1.2.7-17.el7 |
High | CVE-2021-43818 | lxml | 4.5.0 | 4.6.5 | python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through | lxml:4.5.0 |
High | CVE-2016-2098 | actionpack | 4.2.5.1 | ~> 3.2.22.2, ~> 4.2.5, >= 4.2.5.2, ~> 4.1.14, >= 4.1.14.2 | rubygem-actionview, rubygem-actionpack: code injection vulnerability in Action View | actionpack:4.2.5.1 |
High | CVE-2020-8164 | actionpack | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.3, >= 6.0.3.1 | rubygem-actionpack: possible strong parameters bypass | actionpack:4.2.5.1 |
High | CVE-2021-22885 | actionpack | 4.2.5.1 | ~> 5.2.4.6, ~> 5.2.6, ~> 6.0.3, >= 6.0.3.7, >= 6.1.3.2 | rubygem-actionpack: Possible Information Disclosure / Unintended Method Execution in Action Pack | actionpack:4.2.5.1 |
High | CVE-2021-22904 | actionpack | 4.2.5.1 | ~> 5.2.4.6, ~> 5.2.6, ~> 6.0.3, >= 6.0.3.7, >= 6.1.3.2 | rails: Possible DoS Vulnerability in Action Controller Token Authentication | actionpack:4.2.5.1 |
High | CVE-2019-5418 | actionview | 4.2.5.1 | ~> 4.2.11, >= 4.2.11.1, ~> 5.0.7, >= 5.0.7.2, ~> 5.1.6, >= 5.1.6.2, ~> 5.2.2, >= 5.2.2.1, >= 6.0.0.beta3 | rubygem-actionpack: render file directory traversal in Action View | actionview:4.2.5.1 |
High | CVE-2019-5419 | actionview | 4.2.5.1 | >= 6.0.0.beta3, ~> 5.2.2, >= 5.2.2.1, ~> 5.1.6, >= 5.1.6.2, ~> 5.0.7, >= 5.0.7.2, ~> 4.2.11, >= 4.2.11.1 | rubygem-actionpack: denial of service vulnerability in Action View | actionview:4.2.5.1 |
High | CVE-2020-8163 | actionview | 4.2.5.1 | >= 4.2.11.2 | rubygem-rails: potential remote code execution of user-provided local names | actionview:4.2.5.1 |
High | CVE-2018-16476 | activejob | 4.2.5.1 | ~> 4.2.11, ~> 5.0.7.1, ~> 5.1.6.1, ~> 5.1.7, >= 5.2.1.1 | activejob: Information Exposure through deserialization using GlobalId | activejob:4.2.5.1 |
High | CVE-2016-6317 | activerecord | 4.2.5.1 | >= 4.2.7.1 | rubygem-activerecord: unsafe query generation in Active Record | activerecord:4.2.5.1 |
High | CVE-2021-32740 | addressable | 2.3.6 | >= 2.8.0 | rubygem-addressable: ReDoS in templates | addressable:2.3.6 |
High | CVE-2019-3881 | bundler | 1.14.6 | >= 2.1.0 | rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code | bundler:1.14.6 |
High | CVE-2018-1000201 | ffi | 1.9.18 | >= 1.9.24 | ruby-ffi DDL loading issue on Windows OS | ffi:1.9.18 |
High | CVE-2020-10663 | json | 1.8.1 | >= 2.3.0 | rubygem-json: Unsafe object creation vulnerability in JSON | json:1.8.1 |
High | CVE-2020-10663 | json | 1.8.6 | >= 2.3.0 | rubygem-json: Unsafe object creation vulnerability in JSON | json:1.8.6 |
High | CVE-2017-15412 | nokogiri | 1.6.8.1 | >= 1.8.2 | libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c | nokogiri:1.6.8.1 |
High | CVE-2017-16932 | nokogiri | 1.6.8.1 | >= 1.8.1 | libxml2: Infinite recursion in parameter entities | nokogiri:1.6.8.1 |
High | CVE-2017-5029 | nokogiri | 1.6.8.1 | >= 1.7.2 | chromium-browser: integer overflow in libxslt | nokogiri:1.6.8.1 |
High | CVE-2017-9050 | nokogiri | 1.6.8.1 | >= 1.8.1 | libxml2: Heap-based buffer over-read in function xmlDictAddString | nokogiri:1.6.8.1 |
High | CVE-2018-14404 | nokogiri | 1.6.8.1 | >= 1.8.5 | libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c | nokogiri:1.6.8.1 |
High | CVE-2018-25032 | nokogiri | 1.6.8.1 | >= 1.13.4 | zlib: A flaw found in zlib when compressing (not decompressing) certain inputs | nokogiri:1.6.8.1 |
High | CVE-2019-13117 | nokogiri | 1.6.8.1 | >= 1.10.5 | libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers | nokogiri:1.6.8.1 |
High | CVE-2020-7595 | nokogiri | 1.6.8.1 | >= 1.10.8 | libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations | nokogiri:1.6.8.1 |
High | CVE-2021-30560 | nokogiri | 1.6.8.1 | >= 1.13.2 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... | nokogiri:1.6.8.1 |
High | CVE-2021-41098 | nokogiri | 1.6.8.1 | >= 1.12.5 | rubygem-nokogiri: XEE on JRuby | nokogiri:1.6.8.1 |
High | CVE-2022-24836 | nokogiri | 1.6.8.1 | >= 1.13.4 | nokogiri: ReDoS in HTML encoding detection | nokogiri:1.6.8.1 |
High | CVE-2022-24839 | nokogiri | 1.6.8.1 | >= 1.13.4 | nokogiri: Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork) | nokogiri:1.6.8.1 |
High | CVE-2022-29181 | nokogiri | 1.6.8.1 | >= 1.13.6 | rubygem-nokogiri: Improper Handling of Unexpected Data Type in Nokogiri | nokogiri:1.6.8.1 |
High | GHSA-7rrm-v45f-jp64 | nokogiri | 1.6.8.1 | >= 1.11.4 | Update packaged dependency libxml2 from 2.9.10 to 2.9.12 | nokogiri:1.6.8.1 |
High | GHSA-cgx6-hpwq-fhv5 | nokogiri | 1.6.8.1 | >= 1.13.5 | Integer Overflow or Wraparound in libxml2 affects Nokogiri | nokogiri:1.6.8.1 |
High | GHSA-fq42-c5rg-92c2 | nokogiri | 1.6.8.1 | 1.13.2 | Vulnerable dependencies in Nokogiri | nokogiri:1.6.8.1 |
High | GHSA-gx8x-g87m-h5q6 | nokogiri | 1.6.8.1 | 1.13.4 | Denial of Service (DoS) in Nokogiri on JRuby | nokogiri:1.6.8.1 |
High | GHSA-v6gp-9mmm-c6p5 | nokogiri | 1.6.8.1 | 1.13.4 | Out-of-bounds Write in zlib affects Nokogiri | nokogiri:1.6.8.1 |
High | CVE-2017-15928 | ox | 2.4.11 | >= 2.8.1 | In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation ... | ox:2.4.11 |
High | CVE-2019-16770 | puma | 2.14.0 | ~> 3.12.2, >= 4.3.1 | rubygem-puma: keepalive requests from poorly-behaved client leads to denial of service | puma:2.14.0 |
High | CVE-2020-11076 | puma | 2.14.0 | ~> 3.12.5, >= 4.3.4 | rubygem-puma: HTTP Smuggling via an invalid Transfer-Encoding Header | puma:2.14.0 |
High | CVE-2021-29509 | puma | 2.14.0 | ~> 4.3.8, >= 5.3.1 | rubygem-puma: incomplete fix for CVE-2019-16770 allows Denial of Service (DoS) | puma:2.14.0 |
High | CVE-2022-23634 | puma | 2.14.0 | ~> 4.3.11, >= 5.6.2 | rubygem-puma: rubygem-rails: information leak between requests | puma:2.14.0 |
High | CVE-2020-8161 | rack | 1.6.4 | ~> 2.1.3, >= 2.2.0 | rubygem-rack: directory traversal in Rack::Directory | rack:1.6.4 |
High | CVE-2020-8184 | rack | 1.6.4 | ~> 2.1.4, >= 2.2.3 | rubygem-rack: percent-encoded cookies can be used to overwrite existing prefixed cookie names | rack:1.6.4 |
High | CVE-2022-30123 | rack | 1.6.4 | ~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1 | Possible shell escape sequence injection vulnerability in Rack | rack:1.6.4 |
High | CVE-2020-8130 | rake | 10.4.2 | >= 12.3.3 | rake: OS Command Injection via egrep in Rake::FileList | rake:10.4.2 |
High | CVE-2020-8130 | rake | 12.0.0 | >= 12.3.3 | rake: OS Command Injection via egrep in Rake::FileList | rake:12.0.0 |
High | CVE-2021-31799 | rdoc | 4.2.0 | >= 6.3.1 | rubygem-rdoc: Command injection vulnerability in RDoc | rdoc:4.2.0 |
High | CVE-2017-0903 | rubygems-update | 2.6.7 | >= 2.6.14 | rubygems: Unsafe object deserialization through YAML formatted gem specifications | rubygems-update:2.6.7 |
High | CVE-2019-8321 | rubygems-update | 2.6.7 | >= 3.0.3, ~> 2.7.9 | rubygems: Escape sequence injection vulnerability in verbose | rubygems-update:2.6.7 |
High | CVE-2019-8322 | rubygems-update | 2.6.7 | >= 3.0.3, ~> 2.7.9 | rubygems: Escape sequence injection vulnerability in gem owner | rubygems-update:2.6.7 |
High | CVE-2019-8323 | rubygems-update | 2.6.7 | >= 3.0.3, ~> 2.7.9 | rubygems: Escape sequence injection vulnerability in API response handling | rubygems-update:2.6.7 |
High | CVE-2019-8324 | rubygems-update | 2.6.7 | >= 3.0.3, ~> 2.7.9 | rubygems: Installing a malicious gem may lead to arbitrary code execution | rubygems-update:2.6.7 |
High | CVE-2019-8325 | rubygems-update | 2.6.7 | >= 3.0.3, ~> 2.7.9 | rubygems: Escape sequence injection vulnerability in errors | rubygems-update:2.6.7 |
High | CVE-2022-29970 | sinatra | 1.4.6 | >= 2.2.0 | sinatra: path traversal possible outside of public_dir when serving static files | sinatra:1.4.6 |
High | CVE-2018-3760 | sprockets | 2.12.4 | >= 2.12.5, < 3.0.0, >= 3.7.2, < 4.0.0, >= 4.0.0.beta8 | rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files | sprockets:2.12.4 |
Medium | CVE-2019-9924 | bash | 4.2.46-30.el7 | 4.2.46-34.el7 | bash: BASH_CMD is writable in restricted bash shells | bash:4.2.46-30.el7 |
Medium | CVE-2018-5741 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-9.P2.el7 | bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2018-5742 | bind-license | 32:9.9.4-61.el7 | 32:9.9.4-73.el7_6 | bind: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2019-6477 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-16.P2.el7 | bind: TCP Pipelining doesn't limit TCP clients on a single connection | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2020-8622 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.2 | bind: truncated TSIG response can lead to an assertion failure | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2020-8623 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.2 | bind: remotely triggerable assertion failure in pk11.c | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2020-8624 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.2 | bind: incorrect enforcement of update-policy rules of type "subdomain" | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2021-25214 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-26.P2.el7_9.7 | bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly | bind-license:32:9.9.4-61.el7 |
Medium | CVE-2018-1000876 | binutils | 2.27-28.base.el7_5.1 | 2.27-41.base.el7 | binutils: integer overflow leads to heap-based buffer overflow in objdump | binutils:2.27-28.base.el7_5.1 |
Medium | CVE-2021-42574 | binutils | 2.27-28.base.el7_5.1 | 2.27-44.base.el7_9.1 | Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks | binutils:2.27-28.base.el7_5.1 |
Medium | CVE-2015-9381 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | cairo:1.14.8-2.el7 |
Medium | CVE-2015-9382 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | cairo:1.14.8-2.el7 |
Medium | CVE-2017-2862 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | cairo:1.14.8-2.el7 |
Medium | CVE-2018-11712 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | cairo:1.14.8-2.el7 |
Medium | CVE-2018-11713 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | webkitgtk: WebSockets don't use system proxy settings | cairo:1.14.8-2.el7 |
Medium | CVE-2018-12910 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | cairo:1.14.8-2.el7 |
Medium | CVE-2018-14036 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | cairo:1.14.8-2.el7 |
Medium | CVE-2018-4121 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | cairo:1.14.8-2.el7 |
Medium | CVE-2018-4200 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | cairo:1.14.8-2.el7 |
Medium | CVE-2018-4204 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | cairo:1.14.8-2.el7 |
Medium | CVE-2019-14866 | cpio | 2.11-27.el7 | 2.11-28.el7 | cpio: improper input validation when writing tar header fields leads to unexpected tar generation | cpio:2.11-27.el7 |
Medium | CVE-2018-1000007 | curl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: HTTP authentication leak in redirects | curl:7.29.0-46.el7 |
Medium | CVE-2018-1000120 | curl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: FTP path trickery leads to NIL byte out of bounds write | curl:7.29.0-46.el7 |
Medium | CVE-2018-1000122 | curl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: RTSP RTP buffer over-read | curl:7.29.0-46.el7 |
Medium | CVE-2018-1000301 | curl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service | curl:7.29.0-46.el7 |
Medium | CVE-2019-5482 | curl | 7.29.0-46.el7 | 7.29.0-59.el7 | curl: heap buffer overflow in function tftp_receive_packet() | curl:7.29.0-46.el7 |
Medium | CVE-2020-8177 | curl | 7.29.0-46.el7 | 7.29.0-59.el7_9.1 | curl: Incorrect argument check can allow remote servers to overwrite local files | curl:7.29.0-46.el7 |
Medium | CVE-2019-12749 | dbus | 1:1.10.24-7.el7 | 1:1.10.24-15.el7 | dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass | dbus:1:1.10.24-7.el7 |
Medium | CVE-2019-12749 | dbus-libs | 1:1.10.24-7.el7 | 1:1.10.24-15.el7 | dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass | dbus-libs:1:1.10.24-7.el7 |
Medium | CVE-2015-2716 | expat | 2.1.0-10.el7_3 | 2.1.0-11.el7 | expat: Integer overflow leading to buffer overflow in XML_GetBuffer() | expat:2.1.0-10.el7_3 |
Medium | CVE-2018-20843 | expat | 2.1.0-10.el7_3 | 2.1.0-12.el7 | expat: large number of colons in input makes parser consume high amount of resources, leading to DoS | expat:2.1.0-10.el7_3 |
Medium | CVE-2021-45960 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Large number of prefixed XML attributes on a single tag can crash libexpat | expat:2.1.0-10.el7_3 |
Medium | CVE-2021-46143 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in doProlog in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22822 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in addBinding in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22823 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in build_model in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22824 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in defineAttribute in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22825 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in lookup in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22826 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in nextScaffoldPart in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-22827 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in storeAtts in xmlparse.c | expat:2.1.0-10.el7_3 |
Medium | CVE-2022-23852 | expat | 2.1.0-10.el7_3 | 2.1.0-14.el7_9 | expat: Integer overflow in function XML_GetBuffer | expat:2.1.0-10.el7_3 |
Medium | CVE-2015-9381 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | fontconfig:2.10.95-11.el7 |
Medium | CVE-2015-9382 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | fontconfig:2.10.95-11.el7 |
Medium | CVE-2017-2862 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-11712 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-11713 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | webkitgtk: WebSockets don't use system proxy settings | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-12910 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-14036 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-4121 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-4200 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | fontconfig:2.10.95-11.el7 |
Medium | CVE-2018-4204 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | webkitgtk: memory corruption processing maliciously crafted web content | fontconfig:2.10.95-11.el7 |
Medium | CVE-2015-9381 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | freetype:2.4.11-15.el7 |
Medium | CVE-2015-9382 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | freetype:2.4.11-15.el7 |
Medium | CVE-2017-2862 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | freetype:2.4.11-15.el7 |
Medium | CVE-2018-11712 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | freetype:2.4.11-15.el7 |
Medium | CVE-2018-11713 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | webkitgtk: WebSockets don't use system proxy settings | freetype:2.4.11-15.el7 |
Medium | CVE-2018-12910 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | freetype:2.4.11-15.el7 |
Medium | CVE-2018-14036 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | freetype:2.4.11-15.el7 |
Medium | CVE-2018-4121 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | webkitgtk: memory corruption processing maliciously crafted web content | freetype:2.4.11-15.el7 |
Medium | CVE-2018-4200 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | webkitgtk: memory corruption processing maliciously crafted web content | freetype:2.4.11-15.el7 |
Medium | CVE-2018-4204 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | webkitgtk: memory corruption processing maliciously crafted web content | freetype:2.4.11-15.el7 |
Medium | CVE-2015-9381 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | glib2:2.54.2-2.el7 |
Medium | CVE-2015-9382 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | glib2:2.54.2-2.el7 |
Medium | CVE-2017-2862 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | glib2:2.54.2-2.el7 |
Medium | CVE-2018-11712 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | glib2:2.54.2-2.el7 |
Medium | CVE-2018-11713 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | webkitgtk: WebSockets don't use system proxy settings | glib2:2.54.2-2.el7 |
Medium | CVE-2018-12910 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | glib2:2.54.2-2.el7 |
Medium | CVE-2018-14036 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | glib2:2.54.2-2.el7 |
Medium | CVE-2018-4121 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | webkitgtk: memory corruption processing maliciously crafted web content | glib2:2.54.2-2.el7 |
Medium | CVE-2018-4200 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | webkitgtk: memory corruption processing maliciously crafted web content | glib2:2.54.2-2.el7 |
Medium | CVE-2018-4204 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | webkitgtk: memory corruption processing maliciously crafted web content | glib2:2.54.2-2.el7 |
Medium | CVE-2019-12450 | glib2 | 2.54.2-2.el7 | 2.56.1-7.el7 | glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress | glib2:2.54.2-2.el7 |
Medium | CVE-2019-14822 | glib2 | 2.54.2-2.el7 | 2.56.1-7.el7 | ibus: missing authorization allows local attacker to access the input bus of another user | glib2:2.54.2-2.el7 |
Medium | CVE-2016-10739 | glibc | 2.17-222.el7 | 2.17-292.el7 | glibc: getaddrinfo should reject IP addresses with trailing characters | glibc:2.17-222.el7 |
Medium | CVE-2017-16997 | glibc | 2.17-222.el7 | 2.17-260.el7 | glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries | glibc:2.17-222.el7 |
Medium | CVE-2018-11236 | glibc | 2.17-222.el7 | 2.17-260.el7 | glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow | glibc:2.17-222.el7 |
Medium | CVE-2018-11237 | glibc | 2.17-222.el7 | 2.17-260.el7 | glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper | glibc:2.17-222.el7 |
Medium | CVE-2018-6485 | glibc | 2.17-222.el7 | 2.17-260.el7 | glibc: Integer overflow in posix_memalign in memalign functions | glibc:2.17-222.el7 |
Medium | CVE-2019-25013 | glibc | 2.17-222.el7 | 2.17-322.el7_9 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | glibc:2.17-222.el7 |
Medium | CVE-2020-10029 | glibc | 2.17-222.el7 | 2.17-322.el7_9 | glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | glibc:2.17-222.el7 |
Medium | CVE-2020-29573 | glibc | 2.17-222.el7 | 2.17-322.el7_9 | glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern | glibc:2.17-222.el7 |
Medium | CVE-2016-10739 | glibc-common | 2.17-222.el7 | 2.17-292.el7 | glibc: getaddrinfo should reject IP addresses with trailing characters | glibc-common:2.17-222.el7 |
Medium | CVE-2017-16997 | glibc-common | 2.17-222.el7 | 2.17-260.el7 | glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries | glibc-common:2.17-222.el7 |
Medium | CVE-2018-11236 | glibc-common | 2.17-222.el7 | 2.17-260.el7 | glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow | glibc-common:2.17-222.el7 |
Medium | CVE-2018-11237 | glibc-common | 2.17-222.el7 | 2.17-260.el7 | glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper | glibc-common:2.17-222.el7 |
Medium | CVE-2018-6485 | glibc-common | 2.17-222.el7 | 2.17-260.el7 | glibc: Integer overflow in posix_memalign in memalign functions | glibc-common:2.17-222.el7 |
Medium | CVE-2019-25013 | glibc-common | 2.17-222.el7 | 2.17-322.el7_9 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding | glibc-common:2.17-222.el7 |
Medium | CVE-2020-10029 | glibc-common | 2.17-222.el7 | 2.17-322.el7_9 | glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions | glibc-common:2.17-222.el7 |
Medium | CVE-2020-29573 | glibc-common | 2.17-222.el7 | 2.17-322.el7_9 | glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern | glibc-common:2.17-222.el7 |
Medium | CVE-2018-10844 | gnutls | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls | gnutls:3.3.26-9.el7 |
Medium | CVE-2018-10845 | gnutls | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant | gnutls:3.3.26-9.el7 |
Medium | CVE-2018-10846 | gnutls | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery | gnutls:3.3.26-9.el7 |
Medium | CVE-2018-10844 | gnutls-dane | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls | gnutls-dane:3.3.26-9.el7 |
Medium | CVE-2018-10845 | gnutls-dane | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant | gnutls-dane:3.3.26-9.el7 |
Medium | CVE-2018-10846 | gnutls-dane | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery | gnutls-dane:3.3.26-9.el7 |
Medium | CVE-2018-10844 | gnutls-utils | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls | gnutls-utils:3.3.26-9.el7 |
Medium | CVE-2018-10845 | gnutls-utils | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant | gnutls-utils:3.3.26-9.el7 |
Medium | CVE-2018-10846 | gnutls-utils | 3.3.26-9.el7 | 3.3.29-8.el7 | gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery | gnutls-utils:3.3.26-9.el7 |
Medium | CVE-2015-9381 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2015-9382 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2017-2862 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-11712 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-11713 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | webkitgtk: WebSockets don't use system proxy settings | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-12910 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-14036 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-4121 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-4200 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-4204 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | gobject-introspection:1.50.0-1.el7 |
Medium | CVE-2018-20217 | krb5-libs | 1.15.1-19.el7 | 1.15.1-37.el7_7.2 | krb5: Reachable assertion in the KDC using S4U2Self requests | krb5-libs:1.15.1-19.el7 |
Medium | CVE-2021-37750 | krb5-libs | 1.15.1-19.el7 | 1.15.1-51.el7_9 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field | krb5-libs:1.15.1-19.el7 |
Medium | CVE-2018-14598 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Crash on invalid reply in XListExtensions in ListExt.c | libX11:1.6.5-1.el7 |
Medium | CVE-2018-14599 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Off-by-one error in XListExtensions in ListExt.c | libX11:1.6.5-1.el7 |
Medium | CVE-2018-14600 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Out of Bounds write in XListExtensions in ListExt.c | libX11:1.6.5-1.el7 |
Medium | CVE-2018-15857 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash | libX11:1.6.5-1.el7 |
Medium | CVE-2018-14598 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Crash on invalid reply in XListExtensions in ListExt.c | libX11-common:1.6.5-1.el7 |
Medium | CVE-2018-14599 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Off-by-one error in XListExtensions in ListExt.c | libX11-common:1.6.5-1.el7 |
Medium | CVE-2018-14600 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libX11: Out of Bounds write in XListExtensions in ListExt.c | libX11-common:1.6.5-1.el7 |
Medium | CVE-2018-15857 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash | libX11-common:1.6.5-1.el7 |
Medium | CVE-2019-5094 | libcom_err | 1.42.9-12.el7_5 | 1.42.9-19.el7 | e2fsprogs: Crafted ext4 partition leads to out-of-bounds write | libcom_err:1.42.9-12.el7_5 |
Medium | CVE-2019-5188 | libcom_err | 1.42.9-12.el7_5 | 1.42.9-19.el7 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c | libcom_err:1.42.9-12.el7_5 |
Medium | CVE-2015-9381 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libcroco:0.6.11-1.el7 |
Medium | CVE-2015-9382 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libcroco:0.6.11-1.el7 |
Medium | CVE-2017-2862 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-11712 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-11713 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | webkitgtk: WebSockets don't use system proxy settings | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-12910 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-14036 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-4121 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-4200 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-4204 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libcroco:0.6.11-1.el7 |
Medium | CVE-2020-12825 | libcroco | 0.6.11-1.el7 | 0.6.12-6.el7_9 | libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c | libcroco:0.6.11-1.el7 |
Medium | CVE-2018-1000007 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: HTTP authentication leak in redirects | libcurl:7.29.0-46.el7 |
Medium | CVE-2018-1000120 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: FTP path trickery leads to NIL byte out of bounds write | libcurl:7.29.0-46.el7 |
Medium | CVE-2018-1000122 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: RTSP RTP buffer over-read | libcurl:7.29.0-46.el7 |
Medium | CVE-2018-1000301 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service | libcurl:7.29.0-46.el7 |
Medium | CVE-2019-5482 | libcurl | 7.29.0-46.el7 | 7.29.0-59.el7 | curl: heap buffer overflow in function tftp_receive_packet() | libcurl:7.29.0-46.el7 |
Medium | CVE-2020-8177 | libcurl | 7.29.0-46.el7 | 7.29.0-59.el7_9.1 | curl: Incorrect argument check can allow remote servers to overwrite local files | libcurl:7.29.0-46.el7 |
Medium | CVE-2015-9381 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2015-9382 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2016-3616 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg: null pointer dereference in cjpeg | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2017-2862 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-11712 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-11713 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | webkitgtk: WebSockets don't use system proxy settings | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-12910 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-14036 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-14498 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-4121 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-4200 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2018-4204 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libjpeg-turbo:1.2.90-5.el7 |
Medium | CVE-2019-17498 | libssh2 | 1.4.3-10.el7_2.1 | 1.8.0-4.el7 | libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c | libssh2:1.4.3-10.el7_2.1 |
Medium | CVE-2019-3858 | libssh2 | 1.4.3-10.el7_2.1 | 1.8.0-3.el7 | libssh2: Zero-byte allocation with a specially crafted SFTP packet leading to an out-of-bounds read | libssh2:1.4.3-10.el7_2.1 |
Medium | CVE-2019-3861 | libssh2 | 1.4.3-10.el7_2.1 | 1.8.0-3.el7 | libssh2: Out-of-bounds reads with specially crafted SSH packets | libssh2:1.4.3-10.el7_2.1 |
Medium | CVE-2019-3862 | libssh2 | 1.4.3-10.el7_2.1 | 1.4.3-12.el7_6.3 | libssh2: Out-of-bounds memory comparison with specially crafted message channel request | libssh2:1.4.3-10.el7_2.1 |
Medium | CVE-2016-3186 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: buffer overflow in gif2tiff | libtiff:4.0.3-27.el7_3 |
Medium | CVE-2018-12900 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution | libtiff:4.0.3-27.el7_3 |
Medium | CVE-2018-18557 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: Out-of-bounds write in tif_jbig.c | libtiff:4.0.3-27.el7_3 |
Medium | CVE-2019-14973 | libtiff | 4.0.3-27.el7_3 | 4.0.3-35.el7 | libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c | libtiff:4.0.3-27.el7_3 |
Medium | CVE-2019-17546 | libtiff | 4.0.3-27.el7_3 | 4.0.3-35.el7 | libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c | libtiff:4.0.3-27.el7_3 |
Medium | CVE-2015-9381 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2015-9382 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2017-2862 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-11712 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-11713 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: WebSockets don't use system proxy settings | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-12910 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-14036 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-4121 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-4200 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2018-4204 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-client:1.14.0-2.el7 |
Medium | CVE-2015-9381 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2015-9382 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2017-2862 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-11712 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: Improper TLS certificate verification for WebSocket connections | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-11713 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: WebSockets don't use system proxy settings | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-12910 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-14036 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-4121 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-4200 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2018-4204 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | webkitgtk: memory corruption processing maliciously crafted web content | libwayland-server:1.14.0-2.el7 |
Medium | CVE-2015-8035 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: DoS caused by incorrect error detection during XZ decompression | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2016-4658 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7_9.6 | libxml2: Use after free via namespace node in XPointer ranges | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2016-5131 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Use after free triggered by XPointer paths beginning with range-to | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2017-15412 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2018-14404 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2019-19956 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2019-20388 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2020-7595 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations | libxml2:2.9.1-6.el7_2.3 |
Medium | CVE-2015-8035 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: DoS caused by incorrect error detection during XZ decompression | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2016-4658 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7_9.6 | libxml2: Use after free via namespace node in XPointer ranges | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2016-5131 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Use after free triggered by XPointer paths beginning with range-to | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2017-15412 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2018-14404 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2019-19956 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2019-20388 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2020-7595 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.5 | libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations | libxml2-python:2.9.1-6.el7_2.3 |
Medium | CVE-2019-11068 | libxslt | 1.1.28-5.el7 | 1.1.28-6.el7 | libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL | libxslt:1.1.28-5.el7 |
Medium | CVE-2019-18197 | libxslt | 1.1.28-5.el7 | 1.1.28-6.el7 | libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure | libxslt:1.1.28-5.el7 |
Medium | CVE-2018-18066 | net-snmp-libs | 1:5.7.2-33.el7_5.2 | 1:5.7.2-47.el7 | net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service | net-snmp-libs:1:5.7.2-33.el7_5.2 |
Medium | CVE-2018-18066 | net-snmp-utils | 1:5.7.2-33.el7_5.2 | 1:5.7.2-47.el7 | net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service | net-snmp-utils:1:5.7.2-33.el7_5.2 |
Medium | CVE-2018-0495 | nspr | 4.19.0-1.el7_5 | 4.21.0-1.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nspr:4.19.0-1.el7_5 |
Medium | CVE-2018-12404 | nspr | 4.19.0-1.el7_5 | 4.21.0-1.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nspr:4.19.0-1.el7_5 |
Medium | CVE-2019-11719 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nspr:4.19.0-1.el7_5 |
Medium | CVE-2019-11756 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nspr:4.19.0-1.el7_5 |
Medium | CVE-2019-17006 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: Check length of inputs for cryptographic primitives | nspr:4.19.0-1.el7_5 |
Medium | CVE-2019-17007 | nspr | 4.19.0-1.el7_5 | 4.21.0-1.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nspr:4.19.0-1.el7_5 |
Medium | CVE-2020-12400 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nspr:4.19.0-1.el7_5 |
Medium | CVE-2020-12401 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: ECDSA timing attack mitigation bypass | nspr:4.19.0-1.el7_5 |
Medium | CVE-2020-12402 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nspr:4.19.0-1.el7_5 |
Medium | CVE-2020-12403 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nspr:4.19.0-1.el7_5 |
Medium | CVE-2020-6829 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: Side channel attack on ECDSA signature generation | nspr:4.19.0-1.el7_5 |
Medium | CVE-2018-0495 | nss | 3.36.0-5.el7_5 | 3.44.0-4.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss:3.36.0-5.el7_5 |
Medium | CVE-2018-12384 | nss | 3.36.0-5.el7_5 | 3.36.0-7.el7_5 | nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello | nss:3.36.0-5.el7_5 |
Medium | CVE-2018-12404 | nss | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss:3.36.0-5.el7_5 |
Medium | CVE-2019-11719 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss:3.36.0-5.el7_5 |
Medium | CVE-2019-11729 | nss | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss:3.36.0-5.el7_5 |
Medium | CVE-2019-11756 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss:3.36.0-5.el7_5 |
Medium | CVE-2019-17006 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Check length of inputs for cryptographic primitives | nss:3.36.0-5.el7_5 |
Medium | CVE-2019-17007 | nss | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-12400 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-12401 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: ECDSA timing attack mitigation bypass | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-12402 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-12403 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-25648 | nss | 3.36.0-5.el7_5 | 3.53.1-7.el7_9 | nss: TLS 1.3 CCS flood remote DoS Attack | nss:3.36.0-5.el7_5 |
Medium | CVE-2020-6829 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel attack on ECDSA signature generation | nss:3.36.0-5.el7_5 |
Medium | CVE-2018-1000007 | nss-pem | 1.0.3-4.el7 | 1.0.3-5.el7 | curl: HTTP authentication leak in redirects | nss-pem:1.0.3-4.el7 |
Medium | CVE-2018-1000120 | nss-pem | 1.0.3-4.el7 | 1.0.3-5.el7 | curl: FTP path trickery leads to NIL byte out of bounds write | nss-pem:1.0.3-4.el7 |
Medium | CVE-2018-1000122 | nss-pem | 1.0.3-4.el7 | 1.0.3-5.el7 | curl: RTSP RTP buffer over-read | nss-pem:1.0.3-4.el7 |
Medium | CVE-2018-1000301 | nss-pem | 1.0.3-4.el7 | 1.0.3-5.el7 | curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service | nss-pem:1.0.3-4.el7 |
Medium | CVE-2018-0495 | nss-softokn | 3.36.0-5.el7_5 | 3.44.0-5.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2018-12404 | nss-softokn | 3.36.0-5.el7_5 | 3.44.0-5.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2019-11719 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2019-11729 | nss-softokn | 3.36.0-5.el7_5 | 3.44.0-8.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2019-11756 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2019-17006 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Check length of inputs for cryptographic primitives | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2019-17007 | nss-softokn | 3.36.0-5.el7_5 | 3.44.0-5.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2020-12400 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2020-12401 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: ECDSA timing attack mitigation bypass | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2020-12402 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2020-12403 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2020-6829 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Side channel attack on ECDSA signature generation | nss-softokn:3.36.0-5.el7_5 |
Medium | CVE-2018-0495 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.44.0-5.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2018-12404 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.44.0-5.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2019-11719 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2019-11729 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.44.0-8.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2019-11756 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2019-17006 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Check length of inputs for cryptographic primitives | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2019-17007 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.44.0-5.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2020-12400 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2020-12401 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: ECDSA timing attack mitigation bypass | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2020-12402 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2020-12403 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2020-6829 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: Side channel attack on ECDSA signature generation | nss-softokn-freebl:3.36.0-5.el7_5 |
Medium | CVE-2018-0495 | nss-sysinit | 3.36.0-5.el7_5 | 3.44.0-4.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2018-12384 | nss-sysinit | 3.36.0-5.el7_5 | 3.36.0-7.el7_5 | nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2018-12404 | nss-sysinit | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2019-11719 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2019-11729 | nss-sysinit | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2019-11756 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2019-17006 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Check length of inputs for cryptographic primitives | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2019-17007 | nss-sysinit | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-12400 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-12401 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: ECDSA timing attack mitigation bypass | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-12402 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-12403 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-25648 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-7.el7_9 | nss: TLS 1.3 CCS flood remote DoS Attack | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2020-6829 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel attack on ECDSA signature generation | nss-sysinit:3.36.0-5.el7_5 |
Medium | CVE-2018-0495 | nss-tools | 3.36.0-5.el7_5 | 3.44.0-4.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2018-12384 | nss-tools | 3.36.0-5.el7_5 | 3.36.0-7.el7_5 | nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2018-12404 | nss-tools | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2019-11719 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2019-11729 | nss-tools | 3.36.0-5.el7_5 | 3.44.0-7.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2019-11756 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2019-17006 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Check length of inputs for cryptographic primitives | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2019-17007 | nss-tools | 3.36.0-5.el7_5 | 3.44.0-4.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-12400 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-12401 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: ECDSA timing attack mitigation bypass | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-12402 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-12403 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-25648 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-7.el7_9 | nss: TLS 1.3 CCS flood remote DoS Attack | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2020-6829 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: Side channel attack on ECDSA signature generation | nss-tools:3.36.0-5.el7_5 |
Medium | CVE-2018-0495 | nss-util | 3.36.0-1.el7_5 | 3.44.0-3.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2018-12404 | nss-util | 3.36.0-1.el7_5 | 3.44.0-3.el7 | nss: Cache side-channel variant of the Bleichenbacher attack | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2019-11719 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: Out-of-bounds read when importing curve25519 private key | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2019-11729 | nss-util | 3.36.0-1.el7_5 | 3.44.0-4.el7_7 | nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2019-11756 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: Use-after-free in sftk_FreeSession due to improper refcounting | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2019-17006 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: Check length of inputs for cryptographic primitives | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2019-17007 | nss-util | 3.36.0-1.el7_5 | 3.44.0-3.el7 | nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-12400 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-12401 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: ECDSA timing attack mitigation bypass | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-12402 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: Side channel vulnerabilities during RSA key generation | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-12403 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-6829 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: Side channel attack on ECDSA signature generation | nss-util:3.36.0-1.el7_5 |
Medium | CVE-2020-12243 | openldap | 2.4.44-15.el7_5 | 2.4.44-22.el7 | openldap: denial of service via nested boolean expressions in LDAP search filters | openldap:2.4.44-15.el7_5 |
Medium | CVE-2020-25692 | openldap | 2.4.44-15.el7_5 | 2.4.44-23.el7_9 | openldap: NULL pointer dereference for unauthenticated packet in slapd | openldap:2.4.44-15.el7_5 |
Medium | CVE-2020-25709 | openldap | 2.4.44-15.el7_5 | 2.4.44-25.el7_9 | openldap: assertion failure in Certificate List syntax validation | openldap:2.4.44-15.el7_5 |
Medium | CVE-2020-25710 | openldap | 2.4.44-15.el7_5 | 2.4.44-25.el7_9 | openldap: assertion failure in CSN normalization with invalid input | openldap:2.4.44-15.el7_5 |
Medium | CVE-2020-12243 | openldap-clients | 2.4.44-15.el7_5 | 2.4.44-22.el7 | openldap: denial of service via nested boolean expressions in LDAP search filters | openldap-clients:2.4.44-15.el7_5 |
Medium | CVE-2020-25692 | openldap-clients | 2.4.44-15.el7_5 | 2.4.44-23.el7_9 | openldap: NULL pointer dereference for unauthenticated packet in slapd | openldap-clients:2.4.44-15.el7_5 |
Medium | CVE-2020-25709 | openldap-clients | 2.4.44-15.el7_5 | 2.4.44-25.el7_9 | openldap: assertion failure in Certificate List syntax validation | openldap-clients:2.4.44-15.el7_5 |
Medium | CVE-2020-25710 | openldap-clients | 2.4.44-15.el7_5 | 2.4.44-25.el7_9 | openldap: assertion failure in CSN normalization with invalid input | openldap-clients:2.4.44-15.el7_5 |
Medium | CVE-2021-41617 | openssh | 7.4p1-16.el7 | 7.4p1-22.el7_9 | openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured | openssh:7.4p1-16.el7 |
Medium | CVE-2021-41617 | openssh-clients | 7.4p1-16.el7 | 7.4p1-22.el7_9 | openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured | openssh-clients:7.4p1-16.el7 |
Medium | CVE-2018-0495 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2018-0732 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2018-0739 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2018-5407 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7_6.1 | openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2019-1559 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-19.el7 | openssl: 0-byte record padding oracle | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2021-23840 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-22.el7_9 | openssl: integer overflow in CipherUpdate | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2021-23841 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-22.el7_9 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2021-3712 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-23.el7_9 | openssl: Read buffer overruns processing ASN.1 strings | openssl:1:1.0.2k-12.el7 |
Medium | CVE-2018-0495 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2018-0732 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2018-0739 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2018-5407 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7_6.1 | openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2019-1559 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-19.el7 | openssl: 0-byte record padding oracle | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2021-23840 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-22.el7_9 | openssl: integer overflow in CipherUpdate | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2021-23841 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-22.el7_9 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2021-3712 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-23.el7_9 | openssl: Read buffer overruns processing ASN.1 strings | openssl-libs:1:1.0.2k-12.el7 |
Medium | CVE-2020-10543 | perl | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl:4:5.16.3-292.el7 |
Medium | CVE-2020-10878 | perl | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS | perl:4:5.16.3-292.el7 |
Medium | CVE-2020-12723 | perl | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS | perl:4:5.16.3-292.el7 |
Medium | CVE-2020-10543 | perl-Pod-Escapes | 1:1.04-292.el7 | 1:1.04-299.el7_9 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl-Pod-Escapes:1:1.04-292.el7 |
Medium | CVE-2020-10878 | perl-Pod-Escapes | 1:1.04-292.el7 | 1:1.04-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS | perl-Pod-Escapes:1:1.04-292.el7 |
Medium | CVE-2020-12723 | perl-Pod-Escapes | 1:1.04-292.el7 | 1:1.04-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS | perl-Pod-Escapes:1:1.04-292.el7 |
Medium | CVE-2020-10543 | perl-libs | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl-libs:4:5.16.3-292.el7 |
Medium | CVE-2020-10878 | perl-libs | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS | perl-libs:4:5.16.3-292.el7 |
Medium | CVE-2020-12723 | perl-libs | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS | perl-libs:4:5.16.3-292.el7 |
Medium | CVE-2020-10543 | perl-macros | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl-macros:4:5.16.3-292.el7 |
Medium | CVE-2020-10878 | perl-macros | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS | perl-macros:4:5.16.3-292.el7 |
Medium | CVE-2020-12723 | perl-macros | 4:5.16.3-292.el7 | 4:5.16.3-299.el7_9 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS | perl-macros:4:5.16.3-292.el7 |
Medium | CVE-2018-1122 | procps-ng | 3.3.10-17.el7_5.2 | 3.3.10-26.el7 | procps-ng, procps: Local privilege escalation in top | procps-ng:3.3.10-17.el7_5.2 |
Medium | CVE-2018-1061 | python | 2.7.5-69.el7_5 | 2.7.5-76.el7 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | python:2.7.5-69.el7_5 |
Medium | CVE-2018-14647 | python | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: Missing salt initialization in _elementtree.c module | python:2.7.5-69.el7_5 |
Medium | CVE-2018-20852 | python | 2.7.5-69.el7_5 | 2.7.5-88.el7 | python: Cookie domain check returns incorrect results | python:2.7.5-69.el7_5 |
Medium | CVE-2019-16056 | python | 2.7.5-69.el7_5 | 2.7.5-88.el7 | python: email.utils.parseaddr wrongly parses email addresses | python:2.7.5-69.el7_5 |
Medium | CVE-2019-16935 | python | 2.7.5-69.el7_5 | 2.7.5-89.el7 | python: XSS vulnerability in the documentation XML-RPC server in server_title field | python:2.7.5-69.el7_5 |
Medium | CVE-2019-20907 | python | 2.7.5-69.el7_5 | 2.7.5-90.el7 | python: infinite loop in the tarfile module via crafted TAR archive | python:2.7.5-69.el7_5 |
Medium | CVE-2019-5010 | python | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: NULL pointer dereference using a specially crafted X509 certificate | python:2.7.5-69.el7_5 |
Medium | CVE-2019-9740 | python | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: CRLF injection via the query part of the url passed to urlopen() | python:2.7.5-69.el7_5 |
Medium | CVE-2019-9947 | python | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: CRLF injection via the path part of the url passed to urlopen() | python:2.7.5-69.el7_5 |
Medium | CVE-2019-9948 | python | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | python:2.7.5-69.el7_5 |
Medium | CVE-2018-1061 | python-libs | 2.7.5-69.el7_5 | 2.7.5-76.el7 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2018-14647 | python-libs | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: Missing salt initialization in _elementtree.c module | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2018-20852 | python-libs | 2.7.5-69.el7_5 | 2.7.5-88.el7 | python: Cookie domain check returns incorrect results | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-16056 | python-libs | 2.7.5-69.el7_5 | 2.7.5-88.el7 | python: email.utils.parseaddr wrongly parses email addresses | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-16935 | python-libs | 2.7.5-69.el7_5 | 2.7.5-89.el7 | python: XSS vulnerability in the documentation XML-RPC server in server_title field | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-20907 | python-libs | 2.7.5-69.el7_5 | 2.7.5-90.el7 | python: infinite loop in the tarfile module via crafted TAR archive | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-5010 | python-libs | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: NULL pointer dereference using a specially crafted X509 certificate | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-9740 | python-libs | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: CRLF injection via the query part of the url passed to urlopen() | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-9947 | python-libs | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: CRLF injection via the path part of the url passed to urlopen() | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-9948 | python-libs | 2.7.5-69.el7_5 | 2.7.5-86.el7 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | python-libs:2.7.5-69.el7_5 |
Medium | CVE-2019-16865 | python-pillow | 2.0.0-19.gitd1c6db8.el7 | 2.0.0-20.gitd1c6db8.el7_7 | python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service | python-pillow:2.0.0-19.gitd1c6db8.el7 |
Medium | CVE-2020-5313 | python-pillow | 2.0.0-19.gitd1c6db8.el7 | 2.0.0-21.gitd1c6db8.el7 | python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images | python-pillow:2.0.0-19.gitd1c6db8.el7 |
Medium | CVE-2022-22816 | python-pillow | 2.0.0-19.gitd1c6db8.el7 | 2.0.0-23.gitd1c6db8.el7_9 | python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c | python-pillow:2.0.0-19.gitd1c6db8.el7 |
Medium | CVE-2021-20271 | rpm | 4.11.3-32.el7 | 4.11.3-48.el7_9 | rpm: Signature checks bypass via corrupted rpm package | rpm:4.11.3-32.el7 |
Medium | CVE-2021-20271 | rpm-build | 4.11.3-32.el7 | 4.11.3-48.el7_9 | rpm: Signature checks bypass via corrupted rpm package | rpm-build:4.11.3-32.el7 |
Medium | CVE-2021-20271 | rpm-build-libs | 4.11.3-32.el7 | 4.11.3-48.el7_9 | rpm: Signature checks bypass via corrupted rpm package | rpm-build-libs:4.11.3-32.el7 |
Medium | CVE-2021-20271 | rpm-libs | 4.11.3-32.el7 | 4.11.3-48.el7_9 | rpm: Signature checks bypass via corrupted rpm package | rpm-libs:4.11.3-32.el7 |
Medium | CVE-2021-20271 | rpm-python | 4.11.3-32.el7 | 4.11.3-48.el7_9 | rpm: Signature checks bypass via corrupted rpm package | rpm-python:4.11.3-32.el7 |
Medium | CVE-2019-3820 | shared-mime-info | 1.8-4.el7 | 1.8-5.el7 | gnome-shell: partial lock screen bypass | shared-mime-info:1.8-4.el7 |
Medium | CVE-2018-15686 | systemd | 219-57.el7 | 219-67.el7 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | systemd:219-57.el7 |
Medium | CVE-2018-16866 | systemd | 219-57.el7 | 219-67.el7 | systemd: out-of-bounds read when parsing a crafted syslog message | systemd:219-57.el7 |
Medium | CVE-2018-15686 | systemd-libs | 219-57.el7 | 219-67.el7 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | systemd-libs:219-57.el7 |
Medium | CVE-2018-16866 | systemd-libs | 219-57.el7 | 219-67.el7 | systemd: out-of-bounds read when parsing a crafted syslog message | systemd-libs:219-57.el7 |
Medium | CVE-2018-0494 | wget | 1.14-15.el7_4.1 | 1.14-18.el7 | wget: Cookie injection allows malicious website to write arbitrary cookie entries into cookie jar | wget:1.14-15.el7_4.1 |
Medium | CVE-2018-17828 | zziplib | 0.13.62-5.el7 | 0.13.62-12.el7 | zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c | zziplib:0.13.62-5.el7 |
Medium | CVE-2020-27783 | lxml | 4.5.0 | 4.6.2 | python-lxml: mXSS due to the use of improper parser | lxml:4.5.0 |
Medium | CVE-2021-28957 | lxml | 4.5.0 | 4.6.3 | python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS | lxml:4.5.0 |
Medium | CVE-2020-8166 | actionpack | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.3, >= 6.0.3.1 | rubygem-actionpack: ability to forge per-form CSRF tokens given a global CSRF token | actionpack:4.2.5.1 |
Medium | CVE-2016-6316 | actionview | 4.2.5.1 | ~> 4.2.7.1, ~> 4.2.8, >= 5.0.0.1 | rubygem-actionview: cross-site scripting flaw in Action View | actionview:4.2.5.1 |
Medium | CVE-2020-15169 | actionview | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.4, >= 6.0.3.3 | rubygem-activeview: Cross-site scripting in translation helpers | actionview:4.2.5.1 |
Medium | CVE-2020-5267 | actionview | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.2, >= 6.0.2.2 | rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks | actionview:4.2.5.1 |
Medium | CVE-2020-8167 | actionview | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.3, >= 6.0.3.1 | rubygem-actionview: CSRF vulnerability in rails-ujs | actionview:4.2.5.1 |
Medium | CVE-2022-27777 | actionview | 4.2.5.1 | ~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4 | tfm-rubygem-actionview: Possible cross-site scripting vulnerability in Action View tag helpers | actionview:4.2.5.1 |
Medium | CVE-2021-22880 | activerecord | 4.2.5.1 | ~> 5.2.4, >= 5.2.4.5, ~> 6.0.3, >= 6.0.3.5, >= 6.1.2.1 | rubygem-activerecord: crafted input may cause a regular expression DoS | activerecord:4.2.5.1 |
Medium | CVE-2016-10735 | bootstrap-sass | 2.3.1.0 | >= 3.4.0 | bootstrap: XSS in the data-target attribute | bootstrap-sass:2.3.1.0 |
Medium | CVE-2019-8331 | bootstrap-sass | 2.3.1.0 | >= 3.4.1 | bootstrap: XSS in the tooltip or popover data-template attribute | bootstrap-sass:2.3.1.0 |
Medium | CVE-2021-43809 | bundler | 1.14.6 | >= 2.2.33 | rubygem-bundler: unexpected code execution in Gemfiles | bundler:1.14.6 |
Medium | CVE-2019-16109 | devise | 3.5.10 | >= 4.7.1 | Devise Gem for Ruby confirmation token validation with a blank string | devise:3.5.10 |
Medium | CVE-2015-1840 | jquery-rails | 2.1.4 | >= 4.0.4, ~> 3.1.3 | rubygem-jquery-rails: CSRF Vulnerability in jquery-ujs and jquery-rails | jquery-rails:2.1.4 |
Medium | CVE-2019-11358 | jquery-rails | 2.1.4 | >= 4.3.4 | jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection | jquery-rails:2.1.4 |
Medium | CVE-2020-11023 | jquery-rails | 2.1.4 | >= 4.4.0 | jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods | jquery-rails:2.1.4 |
Medium | CVE-2020-11082 | kaminari | 1.0.1 | >= 1.2.1 | In Kaminari before 1.2.1, there is a vulnerability that would allow an ... | kaminari:1.0.1 |
Medium | CVE-2018-16468 | loofah | 2.0.3 | >= 2.2.3 | rubygem-loofah: XSS when a crafted SVG element is republished | loofah:2.0.3 |
Medium | CVE-2018-8048 | loofah | 2.0.3 | >= 2.2.1 | rubygem-loofah: XSS vulnerability due to unescaped comments within attributes by libxml2 | loofah:2.0.3 |
Medium | CVE-2019-15587 | loofah | 2.0.3 | >= 2.3.1 | rubygem-loofah: XSS when a crafted SVG element is republished | loofah:2.0.3 |
Medium | CVE-2017-18258 | nokogiri | 1.6.8.1 | 1.8.2 | libxml2: Unrestricted memory usage in xz_head() function in xzlib.c | nokogiri:1.6.8.1 |
Medium | CVE-2018-8048 | nokogiri | 1.6.8.1 | >= 1.8.3 | rubygem-loofah: XSS vulnerability due to unescaped comments within attributes by libxml2 | nokogiri:1.6.8.1 |
Medium | CVE-2022-23437 | nokogiri | 1.6.8.1 | >= 1.13.4 | xerces-j2: infinite loop when handling specially crafted XML document payloads | nokogiri:1.6.8.1 |
Medium | GHSA-xxx9-3xcr-gjj3 | nokogiri | 1.6.8.1 | 1.13.4 | XML Injection in Xerces Java affects Nokogiri | nokogiri:1.6.8.1 |
Medium | CVE-2017-16229 | ox | 2.4.11 | >= 2.8.2 | In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based b ... | ox:2.4.11 |
Medium | CVE-2020-11077 | puma | 2.14.0 | ~> 3.12.6, >= 4.3.5 | rubygem-puma: HTTP Smuggling through a proxy via Transfer-Encoding Header | puma:2.14.0 |
Medium | CVE-2020-5247 | puma | 2.14.0 | ~> 3.12.4, >= 4.3.3 | rubygem-puma: attacker is able to use newline characters to insert malicious content (HTTP Response Splitting), this could lead to XSS | puma:2.14.0 |
Medium | CVE-2020-5249 | puma | 2.14.0 | ~> 3.12.4, >= 4.3.3 | rubygem-puma: attacker is able to use carriage return character to insert malicious content (HTTP Response Splitting), this could lead to XSS | puma:2.14.0 |
Medium | CVE-2018-16471 | rack | 1.6.4 | ~> 1.6.11, >= 2.0.6 | rubygem-rack: Cross-site scripting (XSS) via `scheme` method on `Rack::Request` | rack:1.6.4 |
Medium | CVE-2019-16782 | rack | 1.6.4 | ~> 1.6.12, >= 2.0.8 | rubygem-rack: hijack sessions by using timing attacks targeting the session id | rack:1.6.4 |
Medium | CVE-2022-30122 | rack | 1.6.4 | ~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1 | Denial of Service Vulnerability in Rack Multipart Parsing | rack:1.6.4 |
Medium | CVE-2018-1000119 | rack-protection | 1.5.3 | ~> 1.5.5, >= 2.0.0 | rack-protection: Timing attack in authenticity_token.rb | rack-protection:1.5.3 |
Medium | CVE-2018-7212 | rack-protection | 1.5.3 | >= 2.0.1, ~> 1.5.4 | rubygem-sinatra: path traversal via backslash characters | rack-protection:1.5.3 |
Medium | CVE-2018-3741 | rails-html-sanitizer | 1.0.3 | >= 1.0.4 | rubygem-rails-html-sanitizer: non-whitelisted attributes are present in sanitized output when input with specially-crafted HTML fragments leading to XSS vulnerability | rails-html-sanitizer:1.0.3 |
Medium | CVE-2019-16892 | rubyzip | 1.2.1 | >= 1.3.0 | cfme: rubygem-rubyzip denial of service via crafted ZIP file | rubyzip:1.2.1 |
Low | CVE-2018-5745 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-16.P2.el7 | bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys | bind-license:32:9.9.4-61.el7 |
Low | CVE-2019-6465 | bind-license | 32:9.9.4-61.el7 | 32:9.11.4-16.P2.el7 | bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable | bind-license:32:9.9.4-61.el7 |
Low | CVE-2018-10372 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: Heap-base buffer over-read in dwarf.c:process_cu_tu_index() allows for denial of service via crafted file | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-10373 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: NULL pointer dereference in dwarf2.c:concat_filename() allows for denial of service via crafted file | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-10534 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: out of bounds memory write in peXXigen.c files | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-10535 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: NULL pointer dereference in elf.c | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-12641 | binutils | 2.27-28.base.el7_5.1 | 2.27-41.base.el7 | binutils: Stack Exhaustion in the demangling functions provided by libiberty | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-12697 | binutils | 2.27-28.base.el7_5.1 | 2.27-41.base.el7 | binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-13033 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: Uncontrolled Resource Consumption in execution of nm | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-7208 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for denial of service when parsing a crafted COFF file | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-7568 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: integer overflow via an ELF file with corrupt dwarf1 debug information in libbfd library | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-7569 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: integer underflow or overflow via an ELF file with a corrupt DWARF FORM block in libbfd library | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-7642 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-7643 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: Integer overflow in the display_debug_ranges function resulting in crash | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2018-8945 | binutils | 2.27-28.base.el7_5.1 | 2.27-34.base.el7 | binutils: Crash in elf.c:bfd_section_from_shdr() with crafted executable | binutils:2.27-28.base.el7_5.1 |
Low | CVE-2017-18267 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | cairo:1.14.8-2.el7 |
Low | CVE-2018-10733 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | cairo:1.14.8-2.el7 |
Low | CVE-2018-10767 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | cairo:1.14.8-2.el7 |
Low | CVE-2018-10768 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | cairo:1.14.8-2.el7 |
Low | CVE-2018-13988 | cairo | 1.14.8-2.el7 | 1.15.12-3.el7 | poppler: out of bounds read in pdfunite | cairo:1.14.8-2.el7 |
Low | CVE-2018-5818 | cairo | 1.14.8-2.el7 | 1.15.12-4.el7 | LibRaw: DoS in parse_rollei function in internal/dcraw_common.cpp | cairo:1.14.8-2.el7 |
Low | CVE-2018-5819 | cairo | 1.14.8-2.el7 | 1.15.12-4.el7 | LibRaw: DoS in parse_sinar_ia function in internal/dcraw_common.cpp | cairo:1.14.8-2.el7 |
Low | CVE-2018-1000121 | curl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: LDAP NULL pointer dereference | curl:7.29.0-46.el7 |
Low | CVE-2018-14618 | curl | 7.29.0-46.el7 | 7.29.0-51.el7_6.3 | curl: NTLM password overflow via integer overflow | curl:7.29.0-46.el7 |
Low | CVE-2018-16842 | curl | 7.29.0-46.el7 | 7.29.0-54.el7 | curl: Heap-based buffer over-read in the curl tool warning formatting | curl:7.29.0-46.el7 |
Low | CVE-2019-5436 | curl | 7.29.0-46.el7 | 7.29.0-57.el7 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | curl:7.29.0-46.el7 |
Low | CVE-2016-10245 | doxygen | 1:1.8.5-3.el7 | 1:1.8.5-4.el7 | doxygen: cross-site scripting in templates/html/search_opensearch.php | doxygen:1:1.8.5-3.el7 |
Low | CVE-2018-16062 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file | elfutils:0.170-4.el7 |
Low | CVE-2018-16402 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: Double-free due to double decompression of sections in crafted ELF causes crash | elfutils:0.170-4.el7 |
Low | CVE-2018-16403 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash | elfutils:0.170-4.el7 |
Low | CVE-2018-18310 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl | elfutils:0.170-4.el7 |
Low | CVE-2018-18520 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: eu-size cannot handle recursive ar files | elfutils:0.170-4.el7 |
Low | CVE-2018-18521 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c | elfutils:0.170-4.el7 |
Low | CVE-2019-7149 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw | elfutils:0.170-4.el7 |
Low | CVE-2019-7150 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c | elfutils:0.170-4.el7 |
Low | CVE-2019-7664 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h | elfutils:0.170-4.el7 |
Low | CVE-2019-7665 | elfutils | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c | elfutils:0.170-4.el7 |
Low | CVE-2018-16062 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-16402 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: Double-free due to double decompression of sections in crafted ELF causes crash | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-16403 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-18310 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-18520 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: eu-size cannot handle recursive ar files | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-18521 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2019-7149 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2019-7150 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2019-7664 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2019-7665 | elfutils-default-yama-scope | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c | elfutils-default-yama-scope:0.170-4.el7 |
Low | CVE-2018-16062 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-16402 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: Double-free due to double decompression of sections in crafted ELF causes crash | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-16403 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-18310 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-18520 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: eu-size cannot handle recursive ar files | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-18521 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c | elfutils-libelf:0.170-4.el7 |
Low | CVE-2019-7149 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw | elfutils-libelf:0.170-4.el7 |
Low | CVE-2019-7150 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c | elfutils-libelf:0.170-4.el7 |
Low | CVE-2019-7664 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h | elfutils-libelf:0.170-4.el7 |
Low | CVE-2019-7665 | elfutils-libelf | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c | elfutils-libelf:0.170-4.el7 |
Low | CVE-2018-16062 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file | elfutils-libs:0.170-4.el7 |
Low | CVE-2018-16402 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: Double-free due to double decompression of sections in crafted ELF causes crash | elfutils-libs:0.170-4.el7 |
Low | CVE-2018-16403 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash | elfutils-libs:0.170-4.el7 |
Low | CVE-2018-18310 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl | elfutils-libs:0.170-4.el7 |
Low | CVE-2018-18520 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: eu-size cannot handle recursive ar files | elfutils-libs:0.170-4.el7 |
Low | CVE-2018-18521 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c | elfutils-libs:0.170-4.el7 |
Low | CVE-2019-7149 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw | elfutils-libs:0.170-4.el7 |
Low | CVE-2019-7150 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c | elfutils-libs:0.170-4.el7 |
Low | CVE-2019-7664 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h | elfutils-libs:0.170-4.el7 |
Low | CVE-2019-7665 | elfutils-libs | 0.170-4.el7 | 0.176-2.el7 | elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c | elfutils-libs:0.170-4.el7 |
Low | CVE-2019-15903 | expat | 2.1.0-10.el7_3 | 2.1.0-12.el7 | expat: heap-based buffer over-read via crafted XML input | expat:2.1.0-10.el7_3 |
Low | CVE-2018-10360 | file | 5.11-33.el7 | 5.11-36.el7 | file: out-of-bounds read via a crafted ELF file | file:5.11-33.el7 |
Low | CVE-2018-10360 | file-libs | 5.11-33.el7 | 5.11-36.el7 | file: out-of-bounds read via a crafted ELF file | file-libs:5.11-33.el7 |
Low | CVE-2017-18267 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | fontconfig:2.10.95-11.el7 |
Low | CVE-2018-10733 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | fontconfig:2.10.95-11.el7 |
Low | CVE-2018-10767 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | fontconfig:2.10.95-11.el7 |
Low | CVE-2018-10768 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | fontconfig:2.10.95-11.el7 |
Low | CVE-2018-13988 | fontconfig | 2.10.95-11.el7 | 2.13.0-4.3.el7 | poppler: out of bounds read in pdfunite | fontconfig:2.10.95-11.el7 |
Low | CVE-2017-18267 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | freetype:2.4.11-15.el7 |
Low | CVE-2018-10733 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | freetype:2.4.11-15.el7 |
Low | CVE-2018-10767 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | freetype:2.4.11-15.el7 |
Low | CVE-2018-10768 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | freetype:2.4.11-15.el7 |
Low | CVE-2018-13988 | freetype | 2.4.11-15.el7 | 2.8-12.el7 | poppler: out of bounds read in pdfunite | freetype:2.4.11-15.el7 |
Low | CVE-2018-18751 | gettext | 0.19.8.1-2.el7 | 0.19.8.1-3.el7 | gettext: double free in default_add_message in read-catalog.c | gettext:0.19.8.1-2.el7 |
Low | CVE-2018-18751 | gettext-common-devel | 0.19.8.1-2.el7 | 0.19.8.1-3.el7 | gettext: double free in default_add_message in read-catalog.c | gettext-common-devel:0.19.8.1-2.el7 |
Low | CVE-2018-18751 | gettext-devel | 0.19.8.1-2.el7 | 0.19.8.1-3.el7 | gettext: double free in default_add_message in read-catalog.c | gettext-devel:0.19.8.1-2.el7 |
Low | CVE-2018-18751 | gettext-libs | 0.19.8.1-2.el7 | 0.19.8.1-3.el7 | gettext: double free in default_add_message in read-catalog.c | gettext-libs:0.19.8.1-2.el7 |
Low | CVE-2017-18267 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | glib2:2.54.2-2.el7 |
Low | CVE-2018-10733 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | glib2:2.54.2-2.el7 |
Low | CVE-2018-10767 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | glib2:2.54.2-2.el7 |
Low | CVE-2018-10768 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | glib2:2.54.2-2.el7 |
Low | CVE-2018-13988 | glib2 | 2.54.2-2.el7 | 2.56.1-2.el7 | poppler: out of bounds read in pdfunite | glib2:2.54.2-2.el7 |
Low | CVE-2018-5818 | glib2 | 2.54.2-2.el7 | 2.56.1-5.el7 | LibRaw: DoS in parse_rollei function in internal/dcraw_common.cpp | glib2:2.54.2-2.el7 |
Low | CVE-2018-5819 | glib2 | 2.54.2-2.el7 | 2.56.1-5.el7 | LibRaw: DoS in parse_sinar_ia function in internal/dcraw_common.cpp | glib2:2.54.2-2.el7 |
Low | CVE-2019-19126 | glibc | 2.17-222.el7 | 2.17-317.el7 | glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries | glibc:2.17-222.el7 |
Low | CVE-2019-19126 | glibc-common | 2.17-222.el7 | 2.17-317.el7 | glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries | glibc-common:2.17-222.el7 |
Low | CVE-2017-18267 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | gobject-introspection:1.50.0-1.el7 |
Low | CVE-2018-10733 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | gobject-introspection:1.50.0-1.el7 |
Low | CVE-2018-10767 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | gobject-introspection:1.50.0-1.el7 |
Low | CVE-2018-10768 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | gobject-introspection:1.50.0-1.el7 |
Low | CVE-2018-13988 | gobject-introspection | 1.50.0-1.el7 | 1.56.1-1.el7 | poppler: out of bounds read in pdfunite | gobject-introspection:1.50.0-1.el7 |
Low | CVE-2018-5729 | krb5-libs | 1.15.1-19.el7 | 1.15.1-34.el7 | krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data | krb5-libs:1.15.1-19.el7 |
Low | CVE-2018-5730 | krb5-libs | 1.15.1-19.el7 | 1.15.1-34.el7 | krb5: DN container check bypass by supplying special crafted data | krb5-libs:1.15.1-19.el7 |
Low | CVE-2015-9262 | libX11 | 1.6.5-1.el7 | 1.6.5-2.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | libX11:1.6.5-1.el7 |
Low | CVE-2018-15853 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15854 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15855 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference when handling xkb_geometry | libX11:1.6.5-1.el7 |
Low | CVE-2018-15856 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15859 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15861 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15862 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15863 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2018-15864 | libX11 | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash | libX11:1.6.5-1.el7 |
Low | CVE-2015-9262 | libX11-common | 1.6.5-1.el7 | 1.6.5-2.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15853 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15854 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15855 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference when handling xkb_geometry | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15856 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15859 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15861 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15862 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15863 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2018-15864 | libX11-common | 1.6.5-1.el7 | 1.6.7-2.el7 | libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash | libX11-common:1.6.5-1.el7 |
Low | CVE-2017-18267 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | libcroco:0.6.11-1.el7 |
Low | CVE-2018-10733 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | libcroco:0.6.11-1.el7 |
Low | CVE-2018-10767 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | libcroco:0.6.11-1.el7 |
Low | CVE-2018-10768 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | libcroco:0.6.11-1.el7 |
Low | CVE-2018-13988 | libcroco | 0.6.11-1.el7 | 0.6.12-4.el7 | poppler: out of bounds read in pdfunite | libcroco:0.6.11-1.el7 |
Low | CVE-2018-1000121 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7 | curl: LDAP NULL pointer dereference | libcurl:7.29.0-46.el7 |
Low | CVE-2018-14618 | libcurl | 7.29.0-46.el7 | 7.29.0-51.el7_6.3 | curl: NTLM password overflow via integer overflow | libcurl:7.29.0-46.el7 |
Low | CVE-2018-16842 | libcurl | 7.29.0-46.el7 | 7.29.0-54.el7 | curl: Heap-based buffer over-read in the curl tool warning formatting | libcurl:7.29.0-46.el7 |
Low | CVE-2019-5436 | libcurl | 7.29.0-46.el7 | 7.29.0-57.el7 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | libcurl:7.29.0-46.el7 |
Low | CVE-2015-9262 | libdrm | 2.4.83-2.el7 | 2.4.91-3.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | libdrm:2.4.83-2.el7 |
Low | CVE-2017-18267 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-10733 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-10767 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-10768 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-11212 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-11213 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-11214 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-11813 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-8.el7 | libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2018-13988 | libjpeg-turbo | 1.2.90-5.el7 | 1.2.90-6.el7 | poppler: out of bounds read in pdfunite | libjpeg-turbo:1.2.90-5.el7 |
Low | CVE-2017-12652 | libpng | 2:1.5.13-7.el7_2 | 2:1.5.13-8.el7 | libpng: does not check length of chunks against user limit | libpng:2:1.5.13-7.el7_2 |
Low | CVE-2018-10779 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-10963 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: reachable assertion in TIFFWriteDirectorySec function in tif_dirwrite.c | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-17100 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-17101 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-18661 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: tiff2bw tool failed memory allocation leads to crash | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-7456 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service | libtiff:4.0.3-27.el7_3 |
Low | CVE-2018-8905 | libtiff | 4.0.3-27.el7_3 | 4.0.3-32.el7 | libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service | libtiff:4.0.3-27.el7_3 |
Low | CVE-2017-18267 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | libwayland-client:1.14.0-2.el7 |
Low | CVE-2018-10733 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | libwayland-client:1.14.0-2.el7 |
Low | CVE-2018-10767 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | libwayland-client:1.14.0-2.el7 |
Low | CVE-2018-10768 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | libwayland-client:1.14.0-2.el7 |
Low | CVE-2018-13988 | libwayland-client | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: out of bounds read in pdfunite | libwayland-client:1.14.0-2.el7 |
Low | CVE-2017-18267 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service | libwayland-server:1.14.0-2.el7 |
Low | CVE-2018-10733 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c | libwayland-server:1.14.0-2.el7 |
Low | CVE-2018-10767 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c | libwayland-server:1.14.0-2.el7 |
Low | CVE-2018-10768 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF | libwayland-server:1.14.0-2.el7 |
Low | CVE-2018-13988 | libwayland-server | 1.14.0-2.el7 | 1.15.0-1.el7 | poppler: out of bounds read in pdfunite | libwayland-server:1.14.0-2.el7 |
Low | CVE-2015-9262 | libxcb | 1.12-1.el7 | 1.13-1.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | libxcb:1.12-1.el7 |
Low | CVE-2017-18258 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Unrestricted memory usage in xz_head() function in xzlib.c | libxml2:2.9.1-6.el7_2.3 |
Low | CVE-2018-14567 | libxml2 | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Infinite loop caused by incorrect error detection during LZMA decompression | libxml2:2.9.1-6.el7_2.3 |
Low | CVE-2017-18258 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Unrestricted memory usage in xz_head() function in xzlib.c | libxml2-python:2.9.1-6.el7_2.3 |
Low | CVE-2018-14567 | libxml2-python | 2.9.1-6.el7_2.3 | 2.9.1-6.el7.4 | libxml2: Infinite loop caused by incorrect error detection during LZMA decompression | libxml2-python:2.9.1-6.el7_2.3 |
Low | CVE-2015-9262 | mesa-libEGL | 17.2.3-8.20171019.el7 | 18.0.5-3.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | mesa-libEGL:17.2.3-8.20171019.el7 |
Low | CVE-2015-9262 | mesa-libGL | 17.2.3-8.20171019.el7 | 18.0.5-3.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | mesa-libGL:17.2.3-8.20171019.el7 |
Low | CVE-2015-9262 | mesa-libgbm | 17.2.3-8.20171019.el7 | 18.0.5-3.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | mesa-libgbm:17.2.3-8.20171019.el7 |
Low | CVE-2015-9262 | mesa-libglapi | 17.2.3-8.20171019.el7 | 18.0.5-3.el7 | libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c | mesa-libglapi:17.2.3-8.20171019.el7 |
Low | CVE-2019-11727 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nspr:4.19.0-1.el7_5 |
Low | CVE-2019-17023 | nspr | 4.19.0-1.el7_5 | 4.25.0-2.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nspr:4.19.0-1.el7_5 |
Low | CVE-2019-11727 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss:3.36.0-5.el7_5 |
Low | CVE-2019-17023 | nss | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss:3.36.0-5.el7_5 |
Low | CVE-2018-1000121 | nss-pem | 1.0.3-4.el7 | 1.0.3-5.el7 | curl: LDAP NULL pointer dereference | nss-pem:1.0.3-4.el7 |
Low | CVE-2019-11727 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss-softokn:3.36.0-5.el7_5 |
Low | CVE-2019-17023 | nss-softokn | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss-softokn:3.36.0-5.el7_5 |
Low | CVE-2019-11727 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss-softokn-freebl:3.36.0-5.el7_5 |
Low | CVE-2019-17023 | nss-softokn-freebl | 3.36.0-5.el7_5 | 3.53.1-6.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss-softokn-freebl:3.36.0-5.el7_5 |
Low | CVE-2019-11727 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss-sysinit:3.36.0-5.el7_5 |
Low | CVE-2019-17023 | nss-sysinit | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss-sysinit:3.36.0-5.el7_5 |
Low | CVE-2019-11727 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss-tools:3.36.0-5.el7_5 |
Low | CVE-2019-17023 | nss-tools | 3.36.0-5.el7_5 | 3.53.1-3.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss-tools:3.36.0-5.el7_5 |
Low | CVE-2019-11727 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 | nss-util:3.36.0-1.el7_5 |
Low | CVE-2019-17023 | nss-util | 3.36.0-1.el7_5 | 3.53.1-1.el7_9 | nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state | nss-util:3.36.0-1.el7_5 |
Low | CVE-2018-15473 | openssh | 7.4p1-16.el7 | 7.4p1-21.el7 | openssh: User enumeration via malformed packets in authentication requests | openssh:7.4p1-16.el7 |
Low | CVE-2018-15473 | openssh-clients | 7.4p1-16.el7 | 7.4p1-21.el7 | openssh: User enumeration via malformed packets in authentication requests | openssh-clients:7.4p1-16.el7 |
Low | CVE-2017-3735 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Malformed X.509 IPAdressFamily could cause OOB read | openssl:1:1.0.2k-12.el7 |
Low | CVE-2018-0734 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-19.el7 | openssl: timing side channel attack in the DSA signature algorithm | openssl:1:1.0.2k-12.el7 |
Low | CVE-2018-0735 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7_6.1 | openssl: timing side channel attack in the ECDSA signature generation | openssl:1:1.0.2k-12.el7 |
Low | CVE-2018-0737 | openssl | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys | openssl:1:1.0.2k-12.el7 |
Low | CVE-2017-3735 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: Malformed X.509 IPAdressFamily could cause OOB read | openssl-libs:1:1.0.2k-12.el7 |
Low | CVE-2018-0734 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-19.el7 | openssl: timing side channel attack in the DSA signature algorithm | openssl-libs:1:1.0.2k-12.el7 |
Low | CVE-2018-0735 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7_6.1 | openssl: timing side channel attack in the ECDSA signature generation | openssl-libs:1:1.0.2k-12.el7 |
Low | CVE-2018-0737 | openssl-libs | 1:1.0.2k-12.el7 | 1:1.0.2k-16.el7 | openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys | openssl-libs:1:1.0.2k-12.el7 |
Low | CVE-2016-10713 | patch | 2.7.1-10.el7_5 | 2.7.1-11.el7 | patch: Out-of-bounds access in pch_write_line function in pch.c | patch:2.7.1-10.el7_5 |
Low | CVE-2018-6952 | patch | 2.7.1-10.el7_5 | 2.7.1-11.el7 | patch: Double free of memory in pch.c:another_hunk() causes a crash | patch:2.7.1-10.el7_5 |
Low | CVE-2018-1060 | python | 2.7.5-69.el7_5 | 2.7.5-76.el7 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | python:2.7.5-69.el7_5 |
Low | CVE-2018-1060 | python-libs | 2.7.5-69.el7_5 | 2.7.5-76.el7 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | python-libs:2.7.5-69.el7_5 |
Low | CVE-2018-1113 | setup | 2.8.71-9.el7 | 2.8.71-10.el7 | setup: nologin listed in /etc/shells violates security expectations | setup:2.8.71-9.el7 |
Low | CVE-2018-16888 | systemd | 219-57.el7 | 219-67.el7 | systemd: kills privileged process if unprivileged PIDFile was tampered | systemd:219-57.el7 |
Low | CVE-2019-20386 | systemd | 219-57.el7 | 219-78.el7 | systemd: memory leak in button_open() in login/logind-button.c when udev events are received | systemd:219-57.el7 |
Low | CVE-2019-3815 | systemd | 219-57.el7 | 219-62.el7_6.3 | systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 | systemd:219-57.el7 |
Low | CVE-2018-16888 | systemd-libs | 219-57.el7 | 219-67.el7 | systemd: kills privileged process if unprivileged PIDFile was tampered | systemd-libs:219-57.el7 |
Low | CVE-2019-20386 | systemd-libs | 219-57.el7 | 219-78.el7 | systemd: memory leak in button_open() in login/logind-button.c when udev events are received | systemd-libs:219-57.el7 |
Low | CVE-2019-3815 | systemd-libs | 219-57.el7 | 219-62.el7_6.3 | systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 | systemd-libs:219-57.el7 |
Low | CVE-2018-18384 | unzip | 6.0-19.el7 | 6.0-20.el7 | unzip: Buffer overflow in list.c resulting in a denial of service | unzip:6.0-19.el7 |
Low | CVE-2019-13232 | unzip | 6.0-19.el7 | 6.0-21.el7 | unzip: overlapping of files in ZIP container leads to denial of service | unzip:6.0-19.el7 |
Low | CVE-2018-16548 | zziplib | 0.13.62-5.el7 | 0.13.62-11.el7 | zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c | zziplib:0.13.62-5.el7 |
Low | CVE-2018-6541 | zziplib | 0.13.62-5.el7 | 0.13.62-11.el7 | zziplib: Bus error caused by loading of a misaligned address in zzip/zip.c | zziplib:0.13.62-5.el7 |
Low | CVE-2018-7725 | zziplib | 0.13.62-5.el7 | 0.13.62-9.el7 | zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash | zziplib:0.13.62-5.el7 |
Low | CVE-2018-7726 | zziplib | 0.13.62-5.el7 | 0.13.62-9.el7 | zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file | zziplib:0.13.62-5.el7 |
Low | CVE-2018-7727 | zziplib | 0.13.62-5.el7 | 0.13.62-9.el7 | zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial of service via crafted zip | zziplib:0.13.62-5.el7 |
Low | CVE-2020-26247 | nokogiri | 1.6.8.1 | >= 1.11.0.rc4 | rubygem-nokogiri: XML external entity injection via Nokogiri::XML::Schema | nokogiri:1.6.8.1 |
Low | CVE-2021-41136 | puma | 2.14.0 | ~> 4.3.9, >= 5.5.1 | rubygem-puma: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma | puma:2.14.0 |
Command
ADD file:8f4b3be0c1427b158f7c30bad27af0d1bded0af60935cf8f0789286439ebdde9 in /
Vulnerable packages, installed in this layer 5 years ago
Command
LABEL org.label-schema.schema-version== 1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20180531
Command
CMD ["/bin/bash"]
Command
MAINTAINER Support <support@atomicorp.com>
Command
ADD file:dba319a507743ecffd949976c9f0e559fb18a35d156e5436232d143b63bfd19a in /run.sh
Command
ADD file:52f995a1a099f2b9bcafc097eb0ca1a3b0eb9c750e028e12f25cbc95451369bd in /openvas-docker-setup.sh
Command
ADD file:c727ba8f3a090c8c9e4f2d03413e9a676f2b197f4536b33d89d13692f188273b in /etc/redis.conf
Command
ADD file:29b40c24ac182055438d0b3a217d7e93e2b4ecf47216175575be124276c50fc7 in /etc/yum.repos.d/texlive.repo
Command
RUN |2 HTTP_PROXY=http://172.17.0.1:3128 http_proxy=http://172.17.0.1:3128 /bin/sh -c /openvas-docker-setup.sh && rm -f /openvas-docker-setup.sh
Vulnerable packages, installed in this layer 5 years ago
Command
CMD ["/bin/sh" "-c" "/run.sh"]
Command
EXPOSE 443/tcp
Command
ADD file:4857465c079efa0d165ee341d2b16119ab4282aec3ab0d84105e7c5ff82d4a66 in /openvas/run_scan.py
Command
RUN chmod +x /openvas/run_scan.py
Command
RUN yum -y --enablerepo=extras install epel-release
Command
RUN yum -y install python-pip
Command
RUN pip install lxml
Vulnerable package, installed in this layer 4 years ago
Dynamic Analysis Results
The following graph outlines the most important system events generated by the container:
The container starts a service that renders the following contents over port 80:
The container produces the following text output: