{ "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.5", "serialNumber": "urn:uuid:ec96eace-0406-4636-9536-53dd34f825cd", "version": 1, "metadata": { "timestamp": "2023-10-17T04:46:51+00:00", "tools": [ { "vendor": "aquasecurity", "name": "trivy", "version": "0.45.1" } ], "component": { "bom-ref": "76956f98-30e0-44d0-9f58-4586e68fd3b2", "type": "container", "name": "mydev.azurecr.io/modules/server/web", "properties": [ { "name": "aquasecurity:trivy:DiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3,sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950,sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4,sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693,sha256:28c8a76aa34e3b62cc5a49a8bc59404da547a1dc9504ff77a0919bad4e4838a0,sha256:8e604e2708eb25f60894acccdccd3af9b96dde5e73f7a91ae1178d37e3f70f1a,sha256:1e11638efc186b80d4307705dfa04f602eb78736d0ee9ad64848772b8ed185ae,sha256:eed1aea7d7f0c480e1ba360962a8008d1b4768f66a4e78ce6c0240f48ba86213,sha256:17aa65ce3e0fcd02a151c235fcd67337da94a2a9ae5e64e6838a10ea8a269234,sha256:95d163982c2c9a35d137238c1c84959aa096244eb8cdd211e030d07f8b253302,sha256:07d1944790f71d2c15c3d089136d8ea04c0e2e11a3bfaa00d8612257d2e20383,sha256:9a0c64b0fd3a8dc992e6e43103ba4ec50e5d963f6d61ebe6b6a344537f774f2f,sha256:95d163982c2c9a35d137238c1c84959aa096244eb8cdd211e030d07f8b253302,sha256:840fcce3c63a46c49058e983741ea2b218c694bf1c18b42376b7fe70bac56354,sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef,sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:ImageID", "value": "sha256:f90f16f14b697011550faf12aa12817e64fc772dadc0f5560ea1e2345a5945b1" }, { "name": "aquasecurity:trivy:RepoTag", "value": "mydev.azurecr.io/modules/server/web:latest" }, { "name": "aquasecurity:trivy:SchemaVersion", "value": "2" } ] } }, "components": [ { "bom-ref": "5f3a4355-930d-4969-b731-c88b83f2437d", "type": "operating-system", "name": "ubuntu", "version": "20.04", "properties": [ { "name": "aquasecurity:trivy:Class", "value": "os-pkgs" }, { "name": "aquasecurity:trivy:Type", "value": "ubuntu" } ] }, { "bom-ref": "a254e903-4df0-4005-8bae-5fc4a9928945", "type": "application", "name": "usr/share/dotnet/shared/Microsoft.AspNetCore.App/3.1.28/Microsoft.AspNetCore.App.deps.json", "properties": [ { "name": "aquasecurity:trivy:Class", "value": "lang-pkgs" }, { "name": "aquasecurity:trivy:Type", "value": "dotnet-core" } ] }, { "bom-ref": "cc0d9f1b-c33c-4c2c-86d3-41fa40322487", "type": "application", "name": "usr/share/dotnet/shared/Microsoft.NETCore.App/3.1.28/Microsoft.NETCore.App.deps.json", "properties": [ { "name": "aquasecurity:trivy:Class", "value": "lang-pkgs" }, { "name": "aquasecurity:trivy:Type", "value": "dotnet-core" } ] }, { "bom-ref": "f73012a0-4253-41ff-ac27-faa347b62fb2", "type": "application", "name": "app/My.IdentityServer.Web.deps.json", "properties": [ { "name": "aquasecurity:trivy:Class", "value": "lang-pkgs" }, { "name": "aquasecurity:trivy:Type", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:deb/ubuntu/adduser@3.118ubuntu2?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Core Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "adduser", "version": "3.118ubuntu2", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/adduser@3.118ubuntu2?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "adduser@3.118ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "adduser" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.118ubuntu2" } ] }, { "bom-ref": "pkg:deb/ubuntu/apt@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "apt", "version": "2.0.9", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/apt@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "apt@2.0.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "apt" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.0.9" } ] }, { "bom-ref": "pkg:deb/ubuntu/base-files@11ubuntu5.6?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "base-files", "version": "11ubuntu5.6", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/base-files@11ubuntu5.6?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "base-files@11ubuntu5.6" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "base-files" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "11ubuntu5.6" } ] }, { "bom-ref": "pkg:deb/ubuntu/base-passwd@3.5.47?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Colin Watson \u003ccjwatson@debian.org\u003e" }, "name": "base-passwd", "version": "3.5.47", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "PD" } } ], "purl": "pkg:deb/ubuntu/base-passwd@3.5.47?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "base-passwd@3.5.47" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "base-passwd" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.5.47" } ] }, { "bom-ref": "pkg:deb/ubuntu/bash@5.0-6ubuntu1.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "bash", "version": "5.0-6ubuntu1.2", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/bash@5.0-6ubuntu1.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "bash@5.0-6ubuntu1.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "bash" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu1.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "5.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/bsdutils@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "bsdutils", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/bsdutils@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "bsdutils@1:2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/bzip2@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "bzip2", "version": "1.0.8-2", "licenses": [ { "license": { "name": "BSD-variant" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/bzip2@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "bzip2@1.0.8-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "bzip2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.0.8" } ] }, { "bom-ref": "pkg:deb/ubuntu/ca-certificates@20211016~20.04.1?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "ca-certificates", "version": "20211016~20.04.1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "MPL-2.0" } } ], "purl": "pkg:deb/ubuntu/ca-certificates@20211016~20.04.1?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "ca-certificates@20211016~20.04.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ca-certificates" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "20211016~20.04.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "coreutils", "version": "8.30-3ubuntu2", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "coreutils@8.30-3ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "coreutils" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "3ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "8.30" } ] }, { "bom-ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "curl", "version": "7.68.0-1ubuntu2.13", "licenses": [ { "license": { "name": "curl" } }, { "license": { "name": "ISC" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "other" } } ], "purl": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "curl@7.68.0-1ubuntu2.13" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "curl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.13" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.68.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/dash@0.5.10.2-6?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "dash", "version": "0.5.10.2-6", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/dash@0.5.10.2-6?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "dash@0.5.10.2-6" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "dash" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.5.10.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "debconf", "version": "1.5.73", "licenses": [ { "license": { "name": "BSD-2-Clause" } } ], "purl": "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "debconf@1.5.73" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "debconf" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.5.73" } ] }, { "bom-ref": "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "debianutils", "version": "4.9.1", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "debianutils@4.9.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "debianutils" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.9.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/diffutils@3.7-3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "diffutils", "version": "3.7-3", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL" } } ], "purl": "pkg:deb/ubuntu/diffutils@3.7-3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "diffutils@1:3.7-3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "diffutils" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.7" } ] }, { "bom-ref": "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "dpkg", "version": "1.19.7ubuntu3.2", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "public-domain-s-s-d" } }, { "license": { "name": "public-domain-md5" } } ], "purl": "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "dpkg@1.19.7ubuntu3.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "dpkg" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.19.7ubuntu3.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/e2fsprogs@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "e2fsprogs", "version": "1.45.5-2ubuntu1.1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } } ], "purl": "pkg:deb/ubuntu/e2fsprogs@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "e2fsprogs@1.45.5-2ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "e2fsprogs" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.45.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/fdisk@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "fdisk", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/fdisk@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "fdisk@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/findutils@4.7.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "findutils", "version": "4.7.0-1ubuntu1", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL-1.3" } } ], "purl": "pkg:deb/ubuntu/findutils@4.7.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "findutils@4.7.0-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "findutils" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.7.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Core developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "gcc-10-base", "version": "10.3.0-1ubuntu1~20.04", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL-1.2" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "Artistic" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "gcc-10-base@10.3.0-1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gcc-10" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "10.3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "gpgv", "version": "2.2.19-3ubuntu2.2", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "permissive" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "Expat" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "RFC-Reference" } }, { "license": { "name": "TinySCHEME" } }, { "license": { "name": "CC0-1.0" } } ], "purl": "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "gpgv@2.2.19-3ubuntu2.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gnupg2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "3ubuntu2.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.2.19" } ] }, { "bom-ref": "pkg:deb/ubuntu/grep@3.4-1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "grep", "version": "3.4-1", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/grep@3.4-1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "grep@3.4-1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "grep" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.4" } ] }, { "bom-ref": "pkg:deb/ubuntu/gzip@1.10-0ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "gzip", "version": "1.10-0ubuntu4.1", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/gzip@1.10-0ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "gzip@1.10-0ubuntu4.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gzip" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu4.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.10" } ] }, { "bom-ref": "pkg:deb/ubuntu/hostname@3.23?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "hostname", "version": "3.23", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/hostname@3.23?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "hostname@3.23" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "hostname" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.23" } ] }, { "bom-ref": "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "init-system-helpers", "version": "1.57", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "init-system-helpers@1.57" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "init-system-helpers" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.57" } ] }, { "bom-ref": "pkg:deb/ubuntu/libacl1@2.2.53-6?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libacl1", "version": "2.2.53-6", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } } ], "purl": "pkg:deb/ubuntu/libacl1@2.2.53-6?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libacl1@2.2.53-6" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "acl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.2.53" } ] }, { "bom-ref": "pkg:deb/ubuntu/libapt-pkg6.0@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libapt-pkg6.0", "version": "2.0.9", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libapt-pkg6.0@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libapt-pkg6.0@2.0.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "apt" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.0.9" } ] }, { "bom-ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libasn1-8-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libasn1-8-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libattr1@2.4.48-5?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libattr1", "version": "2.4.48-5", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } } ], "purl": "pkg:deb/ubuntu/libattr1@2.4.48-5?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libattr1@1:2.4.48-5" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "attr" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.4.48" } ] }, { "bom-ref": "pkg:deb/ubuntu/libaudit-common@2.8.5-2ubuntu6?arch=all\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libaudit-common", "version": "2.8.5-2ubuntu6", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-1.0" } } ], "purl": "pkg:deb/ubuntu/libaudit-common@2.8.5-2ubuntu6?arch=all\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libaudit-common@1:2.8.5-2ubuntu6" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "audit" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu6" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.8.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libaudit1", "version": "2.8.5-2ubuntu6", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-1.0" } } ], "purl": "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libaudit1@1:2.8.5-2ubuntu6" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "audit" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu6" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.8.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libblkid1", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libblkid1@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libbrotli1@1.0.7-6ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libbrotli1", "version": "1.0.7-6ubuntu0.1", "licenses": [ { "license": { "name": "MIT" } } ], "purl": "pkg:deb/ubuntu/libbrotli1@1.0.7-6ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libbrotli1@1.0.7-6ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "brotli" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.0.7" } ] }, { "bom-ref": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libbz2-1.0", "version": "1.0.8-2", "licenses": [ { "license": { "name": "BSD-variant" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libbz2-1.0@1.0.8-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "bzip2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.0.8" } ] }, { "bom-ref": "pkg:deb/ubuntu/libc-bin@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libc-bin", "version": "2.31-0ubuntu9.9", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libc-bin@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libc-bin@2.31-0ubuntu9.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "glibc" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu9.9" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.31" } ] }, { "bom-ref": "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libc6", "version": "2.31-0ubuntu9.9", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libc6@2.31-0ubuntu9.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "glibc" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu9.9" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.31" } ] }, { "bom-ref": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.1build1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libcap-ng0", "version": "0.7.9-2.1build1", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.1build1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libcap-ng0@0.7.9-2.1build1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libcap-ng" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2.1build1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.7.9" } ] }, { "bom-ref": "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libcom-err2", "version": "1.45.5-2ubuntu1.1", "purl": "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libcom-err2@1.45.5-2ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "e2fsprogs" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.45.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libcrypt1", "version": "4.4.10-10ubuntu4", "purl": "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libcrypt1@1:4.4.10-10ubuntu4" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "libxcrypt" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "10ubuntu4" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.4.10" } ] }, { "bom-ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libcurl4", "version": "7.68.0-1ubuntu2.13", "licenses": [ { "license": { "name": "curl" } }, { "license": { "name": "ISC" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "other" } } ], "purl": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libcurl4@7.68.0-1ubuntu2.13" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "curl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.13" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.68.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.6ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libdb5.3", "version": "5.3.28+dfsg1-0.6ubuntu2", "purl": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.6ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libdb5.3@5.3.28+dfsg1-0.6ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "db5.3" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.6ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "5.3.28+dfsg1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libdebconfclient0@0.251ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libdebconfclient0", "version": "0.251ubuntu1", "purl": "pkg:deb/ubuntu/libdebconfclient0@0.251ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libdebconfclient0@0.251ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "cdebconf" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.251ubuntu1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libext2fs2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libext2fs2", "version": "1.45.5-2ubuntu1.1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libext2fs2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libext2fs2@1.45.5-2ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "e2fsprogs" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.45.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libfdisk1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libfdisk1", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libfdisk1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libfdisk1@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libffi7@3.3-4?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libffi7", "version": "3.3-4", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libffi7@3.3-4?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libffi7@3.3-4" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libffi" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "4" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.3" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Core developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgcc-s1", "version": "10.3.0-1ubuntu1~20.04", "purl": "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgcc-s1@10.3.0-1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gcc-10" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "10.3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgcc1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Core developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgcc1", "version": "10.3.0-1ubuntu1~20.04", "purl": "pkg:deb/ubuntu/libgcc1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgcc1@1:10.3.0-1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gcc-10" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "10.3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgcrypt20", "version": "1.8.5-5ubuntu1.1", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgcrypt20@1.8.5-5ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libgcrypt20" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.8.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgmp10", "version": "6.2.0+dfsg-4", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgmp10@2:6.2.0+dfsg-4" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "2" }, { "name": "aquasecurity:trivy:SrcName", "value": "gmp" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "4" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgnutls30", "version": "3.6.13-2ubuntu1.7", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL-1.3" } }, { "license": { "name": "CC0" } }, { "license": { "name": "Expat" } }, { "license": { "name": "Apache-2.0" } }, { "license": { "name": "LGPLv3+" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "BSD-3-Clause" } } ], "purl": "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgnutls30@3.6.13-2ubuntu1.7" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gnutls28" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.7" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.6.13" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgpg-error0", "version": "1.37-1", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "g10-permissive" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgpg-error0@1.37-1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libgpg-error" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.37" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgssapi-krb5-2", "version": "1.17-6ubuntu4.1", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgssapi-krb5-2@1.17-6ubuntu4.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "krb5" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu4.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.17" } ] }, { "bom-ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libgssapi3-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libgssapi3-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libhcrypto4-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libhcrypto4-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libheimbase1-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libheimbase1-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libheimntlm0-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libheimntlm0-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libhogweed5", "version": "3.5.1+really3.5.1-2ubuntu0.2", "purl": "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libhogweed5@3.5.1+really3.5.1-2ubuntu0.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "nettle" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu0.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.5.1+really3.5.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libhx509-5-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libhx509-5-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libicu66@66.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libicu66", "version": "66.1-2ubuntu2.1", "purl": "pkg:deb/ubuntu/libicu66@66.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libicu66@66.1-2ubuntu2.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "icu" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu2.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "66.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libidn2-0", "version": "2.2.0-2", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "Unicode" } } ], "purl": "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libidn2-0@2.2.0-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libidn2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.2.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libk5crypto3", "version": "1.17-6ubuntu4.1", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libk5crypto3@1.17-6ubuntu4.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "krb5" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu4.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.17" } ] }, { "bom-ref": "pkg:deb/ubuntu/libkeyutils1@1.6-6ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libkeyutils1", "version": "1.6-6ubuntu1.1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libkeyutils1@1.6-6ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libkeyutils1@1.6-6ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "keyutils" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.6" } ] }, { "bom-ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libkrb5-26-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libkrb5-26-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libkrb5-3", "version": "1.17-6ubuntu4.1", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libkrb5-3@1.17-6ubuntu4.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "krb5" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu4.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.17" } ] }, { "bom-ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libkrb5support0", "version": "1.17-6ubuntu4.1", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libkrb5support0@1.17-6ubuntu4.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "krb5" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "6ubuntu4.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.17" } ] }, { "bom-ref": "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libldap-2.4-2", "version": "2.4.49+dfsg-2ubuntu1.9", "purl": "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libldap-2.4-2@2.4.49+dfsg-2ubuntu1.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "openldap" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.9" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.4.49+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libldap-common", "version": "2.4.49+dfsg-2ubuntu1.9", "purl": "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libldap-common@2.4.49+dfsg-2ubuntu1.9" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "openldap" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.9" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.4.49+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/liblz4-1@1.9.2-2ubuntu0.20.04.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "liblz4-1", "version": "1.9.2-2ubuntu0.20.04.1", "licenses": [ { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/liblz4-1@1.9.2-2ubuntu0.20.04.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "liblz4-1@1.9.2-2ubuntu0.20.04.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "lz4" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu0.20.04.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.9.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "liblzma5", "version": "5.2.4-1ubuntu1.1", "licenses": [ { "license": { "name": "PD" } }, { "license": { "name": "probably-PD" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "permissive-fsf" } }, { "license": { "name": "Autoconf" } }, { "license": { "name": "permissive-nowarranty" } }, { "license": { "name": "none" } }, { "license": { "name": "config-h" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "noderivs" } }, { "license": { "name": "PD-debian" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "liblzma5@5.2.4-1ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "xz-utils" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "5.2.4" } ] }, { "bom-ref": "pkg:deb/ubuntu/libmount1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libmount1", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libmount1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libmount1@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libncurses6", "version": "6.2-0ubuntu2", "purl": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libncurses6@6.2-0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ncurses" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libncursesw6", "version": "6.2-0ubuntu2", "purl": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libncursesw6@6.2-0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ncurses" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libnettle7", "version": "3.5.1+really3.5.1-2ubuntu0.2", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "other" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "GPL-2.0-with-autoconf-exception" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "GAP" } }, { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libnettle7@3.5.1+really3.5.1-2ubuntu0.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "nettle" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu0.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.5.1+really3.5.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libnghttp2-14", "version": "1.40.0-1build1", "licenses": [ { "license": { "name": "Expat" } }, { "license": { "name": "MIT" } }, { "license": { "name": "all-permissive" } }, { "license": { "name": "GPL-3.0-with-autoconf-exception" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "SIL-OFL-1.1" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libnghttp2-14@1.40.0-1build1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "nghttp2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1build1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.40.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libp11-kit0@0.23.20-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libp11-kit0", "version": "0.23.20-1ubuntu0.1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "permissive-like-automake-output" } }, { "license": { "name": "ISC" } }, { "license": { "name": "ISC+IBM" } }, { "license": { "name": "same-as-rest-of-p11kit" } } ], "purl": "pkg:deb/ubuntu/libp11-kit0@0.23.20-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libp11-kit0@0.23.20-1ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "p11-kit" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.23.20" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpam-modules-bin@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpam-modules-bin", "version": "1.3.1-5ubuntu4.3", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libpam-modules-bin@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpam-modules-bin@1.3.1-5ubuntu4.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "pam" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5ubuntu4.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.3.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpam-modules", "version": "1.3.1-5ubuntu4.3", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpam-modules@1.3.1-5ubuntu4.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "pam" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5ubuntu4.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.3.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpam-runtime@1.3.1-5ubuntu4.3?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpam-runtime", "version": "1.3.1-5ubuntu4.3", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libpam-runtime@1.3.1-5ubuntu4.3?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpam-runtime@1.3.1-5ubuntu4.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "pam" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5ubuntu4.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.3.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpam0g", "version": "1.3.1-5ubuntu4.3", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpam0g@1.3.1-5ubuntu4.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "pam" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "5ubuntu4.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.3.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpcre2-8-0", "version": "10.34-7", "purl": "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpcre2-8-0@10.34-7" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "pcre2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "7" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "10.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpcre3@8.39-12ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpcre3", "version": "8.39-12ubuntu0.1", "purl": "pkg:deb/ubuntu/libpcre3@8.39-12ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpcre3@2:8.39-12ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "2" }, { "name": "aquasecurity:trivy:SrcName", "value": "pcre3" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "12ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "8.39" } ] }, { "bom-ref": "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libprocps8", "version": "3.3.16-1ubuntu2.3", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libprocps8@2:3.3.16-1ubuntu2.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "2" }, { "name": "aquasecurity:trivy:SrcName", "value": "procps" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.3.16" } ] }, { "bom-ref": "pkg:deb/ubuntu/libpsl5@0.21.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libpsl5", "version": "0.21.0-1ubuntu1", "licenses": [ { "license": { "name": "MIT" } }, { "license": { "name": "Chromium" } } ], "purl": "pkg:deb/ubuntu/libpsl5@0.21.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libpsl5@0.21.0-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libpsl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.21.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libroken18-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libroken18-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "librtmp1", "version": "2.4+20151223.gitfa8646d.1-2build1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.1" } } ], "purl": "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "librtmp1@2.4+20151223.gitfa8646d.1-2build1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "rtmpdump" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2build1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.4+20151223.gitfa8646d.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsasl2-2@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsasl2-2", "version": "2.1.27+dfsg-2ubuntu0.1", "licenses": [ { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsasl2-2@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsasl2-2@2.1.27+dfsg-2ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "cyrus-sasl2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.1.27+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsasl2-modules-db@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsasl2-modules-db", "version": "2.1.27+dfsg-2ubuntu0.1", "licenses": [ { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsasl2-modules-db@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsasl2-modules-db@2.1.27+dfsg-2ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "cyrus-sasl2" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.1.27+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libseccomp2@2.5.1-1ubuntu1~20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libseccomp2", "version": "2.5.1-1ubuntu1~20.04.2", "licenses": [ { "license": { "name": "LGPL-2.1" } } ], "purl": "pkg:deb/ubuntu/libseccomp2@2.5.1-1ubuntu1~20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libseccomp2@2.5.1-1ubuntu1~20.04.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libseccomp" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1~20.04.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.5.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libselinux1", "version": "3.0-1build2", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libselinux1@3.0-1build2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libselinux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1build2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsemanage-common@3.0-1build2?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsemanage-common", "version": "3.0-1build2", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsemanage-common@3.0-1build2?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsemanage-common@3.0-1build2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libsemanage" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1build2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsemanage1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsemanage1", "version": "3.0-1build2", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsemanage1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsemanage1@3.0-1build2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libsemanage" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1build2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsepol1@3.0-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsepol1", "version": "3.0-1ubuntu0.1", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsepol1@3.0-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsepol1@3.0-1ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libsepol" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsmartcols1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsmartcols1", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libsmartcols1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsmartcols1@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsqlite3-0", "version": "3.31.1-4ubuntu0.3", "licenses": [ { "license": { "name": "public-domain" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsqlite3-0@3.31.1-4ubuntu0.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "sqlite3" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "4ubuntu0.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.31.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/libss2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libss2", "version": "1.45.5-2ubuntu1.1", "purl": "pkg:deb/ubuntu/libss2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libss2@1.45.5-2ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "e2fsprogs" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.45.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libssh-4", "version": "0.9.3-2ubuntu2.2", "licenses": [ { "license": { "name": "LGPL-2.1+~OpenSSL" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } } ], "purl": "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libssh-4@0.9.3-2ubuntu2.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libssh" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu2.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.9.3" } ] }, { "bom-ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libssl1.1", "version": "1.1.1f-1ubuntu2.16", "purl": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "libssl1.1@1.1.1f-1ubuntu2.16" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "openssl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.16" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.1.1f" } ] }, { "bom-ref": "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Core developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libstdc++6", "version": "10.3.0-1ubuntu1~20.04", "purl": "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libstdc++6@10.3.0-1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "gcc-10" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1~20.04" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "10.3.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libsystemd0", "version": "245.4-4ubuntu3.17", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "CC0-1.0" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "GPL-2 with Linux-syscall-note exception" } }, { "license": { "name": "Expat" } }, { "license": { "name": "public-domain" } } ], "purl": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libsystemd0@245.4-4ubuntu3.17" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "systemd" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "4ubuntu3.17" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "245.4" } ] }, { "bom-ref": "pkg:deb/ubuntu/libtasn1-6@4.16.0-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libtasn1-6", "version": "4.16.0-2", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL-1.3" } } ], "purl": "pkg:deb/ubuntu/libtasn1-6@4.16.0-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libtasn1-6@4.16.0-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libtasn1-6" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.16.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libtinfo6", "version": "6.2-0ubuntu2", "purl": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libtinfo6@6.2-0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ncurses" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libudev1", "version": "245.4-4ubuntu3.17", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "CC0-1.0" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "GPL-2 with Linux-syscall-note exception" } }, { "license": { "name": "Expat" } }, { "license": { "name": "public-domain" } } ], "purl": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libudev1@245.4-4ubuntu3.17" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "systemd" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "4ubuntu3.17" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "245.4" } ] }, { "bom-ref": "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libunistring2", "version": "0.9.10-2", "licenses": [ { "license": { "name": "LGPL-3.0" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "FreeSoftware" } }, { "license": { "name": "GPL-2+ with distribution exception" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GFDL-1.2+" } }, { "license": { "name": "MIT" } }, { "license": { "name": "GFDL-1.2" } } ], "purl": "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libunistring2@0.9.10-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libunistring" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.9.10" } ] }, { "bom-ref": "pkg:deb/ubuntu/libuuid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libuuid1", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/libuuid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libuuid1@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libwind0-heimdal", "version": "7.7.0+dfsg-1ubuntu1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "none" } }, { "license": { "name": "custom" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:4451fd1ff06bccae2f69f1fab17346dfdbf8b5bff8452a0bad138313972fb8b4" }, { "name": "aquasecurity:trivy:PkgID", "value": "libwind0-heimdal@7.7.0+dfsg-1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "heimdal" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "7.7.0+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/libzstd1@1.4.4%2Bdfsg-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "libzstd1", "version": "1.4.4+dfsg-3ubuntu0.1", "licenses": [ { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "Zlib" } }, { "license": { "name": "Expat" } } ], "purl": "pkg:deb/ubuntu/libzstd1@1.4.4%2Bdfsg-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "libzstd1@1.4.4+dfsg-3ubuntu0.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "libzstd" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "3ubuntu0.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.4.4+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "login", "version": "4.8.1-1ubuntu5.20.04.2", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "login@1:4.8.1-1ubuntu5.20.04.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "shadow" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu5.20.04.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.8.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/logsave@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "logsave", "version": "1.45.5-2ubuntu1.1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "LGPL-2.0" } } ], "purl": "pkg:deb/ubuntu/logsave@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "logsave@1.45.5-2ubuntu1.1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "e2fsprogs" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.45.5" } ] }, { "bom-ref": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "lsb-base", "version": "11.1.0ubuntu2", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "BSD-3-Clause" } } ], "purl": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "lsb-base@11.1.0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "lsb" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "11.1.0ubuntu2" } ] }, { "bom-ref": "pkg:deb/ubuntu/mawk@1.3.4.20200120-2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "mawk", "version": "1.3.4.20200120-2", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/mawk@1.3.4.20200120-2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "mawk@1.3.4.20200120-2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "mawk" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.3.4.20200120" } ] }, { "bom-ref": "pkg:deb/ubuntu/mount@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "mount", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/mount@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "mount@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "ncurses-base", "version": "6.2-0ubuntu2", "purl": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "ncurses-base@6.2-0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ncurses" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "ncurses-bin", "version": "6.2-0ubuntu2", "purl": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "ncurses-bin@6.2-0ubuntu2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ncurses" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "6.2" } ] }, { "bom-ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "openssl", "version": "1.1.1f-1ubuntu2.16", "purl": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "openssl@1.1.1f-1ubuntu2.16" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "openssl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.16" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.1.1f" } ] }, { "bom-ref": "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "passwd", "version": "4.8.1-1ubuntu5.20.04.2", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "passwd@1:4.8.1-1ubuntu5.20.04.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "shadow" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu5.20.04.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.8.1" } ] }, { "bom-ref": "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "perl-base", "version": "5.30.0-9ubuntu0.2", "licenses": [ { "license": { "name": "GPL-1.0" } }, { "license": { "name": "Artistic" } }, { "license": { "name": "Expat" } }, { "license": { "name": "REGCOMP" } }, { "license": { "name": "GPL-2.0-with-bison-exception" } }, { "license": { "name": "Unicode" } }, { "license": { "name": "BZIP" } }, { "license": { "name": "Zlib" } }, { "license": { "name": "GPL-2.0" } }, { "license": { "name": "RRA-KEEP-THIS-NOTICE" } }, { "license": { "name": "BSD-3-clause-with-weird-numbering" } }, { "license": { "name": "CC0-1.0" } }, { "license": { "name": "TEXT-TABS" } }, { "license": { "name": "BSD-4-clause-POWERDOG" } }, { "license": { "name": "BSD-3-clause-GENERIC" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "SDBM-PUBLIC-DOMAIN" } }, { "license": { "name": "DONT-CHANGE-THE-GPL" } }, { "license": { "name": "Artistic-dist" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "Artistic-2" } }, { "license": { "name": "HSIEH-DERIVATIVE" } }, { "license": { "name": "HSIEH-BSD" } } ], "purl": "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "perl-base@5.30.0-9ubuntu0.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "perl" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "9ubuntu0.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "5.30.0" } ] }, { "bom-ref": "pkg:deb/ubuntu/procps@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "procps", "version": "3.3.16-1ubuntu2.3", "licenses": [ { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/procps@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "procps@2:3.3.16-1ubuntu2.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "2" }, { "name": "aquasecurity:trivy:SrcName", "value": "procps" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1ubuntu2.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "3.3.16" } ] }, { "bom-ref": "pkg:deb/ubuntu/sed@4.7-1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "sed", "version": "4.7-1", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/sed@4.7-1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "sed@4.7-1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "sed" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "4.7" } ] }, { "bom-ref": "pkg:deb/ubuntu/sensible-utils@0.0.12%2Bnmu1?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "sensible-utils", "version": "0.0.12+nmu1", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "All-permissive" } }, { "license": { "name": "configure" } }, { "license": { "name": "installsh" } } ], "purl": "pkg:deb/ubuntu/sensible-utils@0.0.12%2Bnmu1?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "sensible-utils@0.0.12+nmu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "sensible-utils" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "0.0.12+nmu1" } ] }, { "bom-ref": "pkg:deb/ubuntu/sysvinit-utils@2.96-2.1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "sysvinit-utils", "version": "2.96-2.1ubuntu1", "licenses": [ { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/sysvinit-utils@2.96-2.1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "sysvinit-utils@2.96-2.1ubuntu1" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "sysvinit" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2.1ubuntu1" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.96" } ] }, { "bom-ref": "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "tar", "version": "1.30+dfsg-7ubuntu0.20.04.2", "licenses": [ { "license": { "name": "GPL-3.0" } }, { "license": { "name": "GPL-2.0" } } ], "purl": "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "tar@1.30+dfsg-7ubuntu0.20.04.2" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "tar" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "7ubuntu0.20.04.2" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.30+dfsg" } ] }, { "bom-ref": "pkg:deb/ubuntu/tzdata@2022a-0ubuntu0.20.04?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "tzdata", "version": "2022a-0ubuntu0.20.04", "licenses": [ { "license": { "name": "ICU" } } ], "purl": "pkg:deb/ubuntu/tzdata@2022a-0ubuntu0.20.04?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:0b0cde4677a0a1d3dd78bdb145eb6abd6db2b76648c4835cebb65ec6c1ea4950" }, { "name": "aquasecurity:trivy:PkgID", "value": "tzdata@2022a-0ubuntu0.20.04" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "tzdata" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0ubuntu0.20.04" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2022a" } ] }, { "bom-ref": "pkg:deb/ubuntu/ubuntu-keyring@2020.02.11.4?arch=all\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Dimitri John Ledkov \u003cdimitri.ledkov@canonical.com\u003e" }, "name": "ubuntu-keyring", "version": "2020.02.11.4", "licenses": [ { "license": { "name": "GPL-3.0" } } ], "purl": "pkg:deb/ubuntu/ubuntu-keyring@2020.02.11.4?arch=all\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "ubuntu-keyring@2020.02.11.4" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "ubuntu-keyring" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2020.02.11.4" } ] }, { "bom-ref": "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "util-linux", "version": "2.34-0.1ubuntu9.3", "licenses": [ { "license": { "name": "GPL-2.0" } }, { "license": { "name": "public-domain" } }, { "license": { "name": "BSD-4-Clause" } }, { "license": { "name": "MIT" } }, { "license": { "name": "BSD-2-Clause" } }, { "license": { "name": "BSD-3-Clause" } }, { "license": { "name": "LGPL-2.0" } }, { "license": { "name": "LGPL-2.1" } }, { "license": { "name": "GPL-3.0" } }, { "license": { "name": "LGPL-3.0" } } ], "purl": "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "util-linux@2.34-0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcName", "value": "util-linux" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "0.1ubuntu9.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "2.34" } ] }, { "bom-ref": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "type": "library", "supplier": { "name": "Ubuntu Developers \u003cubuntu-devel-discuss@lists.ubuntu.com\u003e" }, "name": "zlib1g", "version": "1.2.11.dfsg-2ubuntu1.3", "licenses": [ { "license": { "name": "Zlib" } } ], "purl": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:b40ed86654e59e1012e1716d5384910f8c3bb58274b7b00fca564a53e9897ba3" }, { "name": "aquasecurity:trivy:PkgID", "value": "zlib1g@1:1.2.11.dfsg-2ubuntu1.3" }, { "name": "aquasecurity:trivy:PkgType", "value": "ubuntu" }, { "name": "aquasecurity:trivy:SrcEpoch", "value": "1" }, { "name": "aquasecurity:trivy:SrcName", "value": "zlib" }, { "name": "aquasecurity:trivy:SrcRelease", "value": "2ubuntu1.3" }, { "name": "aquasecurity:trivy:SrcVersion", "value": "1.2.11.dfsg" } ] }, { "bom-ref": "pkg:nuget/Ardalis.GuardClauses@4.0.0", "type": "library", "name": "Ardalis.GuardClauses", "version": "4.0.0", "purl": "pkg:nuget/Ardalis.GuardClauses@4.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/AutoMapper@10.0.0", "type": "library", "name": "AutoMapper", "version": "10.0.0", "purl": "pkg:nuget/AutoMapper@10.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Azure.Core@1.6.0", "type": "library", "name": "Azure.Core", "version": "1.6.0", "purl": "pkg:nuget/Azure.Core@1.6.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Azure.Identity@1.3.0", "type": "library", "name": "Azure.Identity", "version": "1.3.0", "purl": "pkg:nuget/Azure.Identity@1.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/IdentityModel@4.4.0", "type": "library", "name": "IdentityModel", "version": "4.4.0", "purl": "pkg:nuget/IdentityModel@4.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/IdentityServer4.EntityFramework.Storage@4.1.2", "type": "library", "name": "IdentityServer4.EntityFramework.Storage", "version": "4.1.2", "purl": "pkg:nuget/IdentityServer4.EntityFramework.Storage@4.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/IdentityServer4.EntityFramework@4.1.2", "type": "library", "name": "IdentityServer4.EntityFramework", "version": "4.1.2", "purl": "pkg:nuget/IdentityServer4.EntityFramework@4.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/IdentityServer4.Storage@4.1.2", "type": "library", "name": "IdentityServer4.Storage", "version": "4.1.2", "purl": "pkg:nuget/IdentityServer4.Storage@4.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/IdentityServer4@4.1.2", "type": "library", "name": "IdentityServer4", "version": "4.1.2", "purl": "pkg:nuget/IdentityServer4@4.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/JetBrains.Annotations@2021.2.0", "type": "library", "name": "JetBrains.Annotations", "version": "2021.2.0", "purl": "pkg:nuget/JetBrains.Annotations@2021.2.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28", "type": "library", "name": "Microsoft.AspNetCore.App.Runtime.linux-x64", "version": "3.1.28", "purl": "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:28c8a76aa34e3b62cc5a49a8bc59404da547a1dc9504ff77a0919bad4e4838a0" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Authentication.OpenIdConnect@3.1.0", "type": "library", "name": "Microsoft.AspNetCore.Authentication.OpenIdConnect", "version": "3.1.0", "purl": "pkg:nuget/Microsoft.AspNetCore.Authentication.OpenIdConnect@3.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Cryptography.Internal@3.1.18", "type": "library", "name": "Microsoft.AspNetCore.Cryptography.Internal", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.AspNetCore.Cryptography.Internal@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.DataProtection.Abstractions@3.1.18", "type": "library", "name": "Microsoft.AspNetCore.DataProtection.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.AspNetCore.DataProtection.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.DataProtection@3.1.18", "type": "library", "name": "Microsoft.AspNetCore.DataProtection", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.AspNetCore.DataProtection@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Http.Abstractions@2.2.0", "type": "library", "name": "Microsoft.AspNetCore.Http.Abstractions", "version": "2.2.0", "purl": "pkg:nuget/Microsoft.AspNetCore.Http.Abstractions@2.2.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Http.Features@2.2.0", "type": "library", "name": "Microsoft.AspNetCore.Http.Features", "version": "2.2.0", "purl": "pkg:nuget/Microsoft.AspNetCore.Http.Features@2.2.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.JsonPatch@3.1.10", "type": "library", "name": "Microsoft.AspNetCore.JsonPatch", "version": "3.1.10", "purl": "pkg:nuget/Microsoft.AspNetCore.JsonPatch@3.1.10", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@3.1.10", "type": "library", "name": "Microsoft.AspNetCore.Mvc.NewtonsoftJson", "version": "3.1.10", "purl": "pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@3.1.10", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning@5.0.0", "type": "library", "name": "Microsoft.AspNetCore.Mvc.Versioning", "version": "5.0.0", "purl": "pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Bcl.AsyncInterfaces@1.1.0", "type": "library", "name": "Microsoft.Bcl.AsyncInterfaces", "version": "1.1.0", "purl": "pkg:nuget/Microsoft.Bcl.AsyncInterfaces@1.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Bcl.HashCode@1.1.0", "type": "library", "name": "Microsoft.Bcl.HashCode", "version": "1.1.0", "purl": "pkg:nuget/Microsoft.Bcl.HashCode@1.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Build.Tasks.Git@1.1.0-beta-20206-02", "type": "library", "name": "Microsoft.Build.Tasks.Git", "version": "1.1.0-beta-20206-02", "purl": "pkg:nuget/Microsoft.Build.Tasks.Git@1.1.0-beta-20206-02", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.CSharp@4.7.0", "type": "library", "name": "Microsoft.CSharp", "version": "4.7.0", "purl": "pkg:nuget/Microsoft.CSharp@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.CodeAnalysis.NetAnalyzers@6.0.0", "type": "library", "name": "Microsoft.CodeAnalysis.NetAnalyzers", "version": "6.0.0", "purl": "pkg:nuget/Microsoft.CodeAnalysis.NetAnalyzers@6.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Data.SqlClient.SNI.runtime@4.0.0", "type": "library", "name": "Microsoft.Data.SqlClient.SNI.runtime", "version": "4.0.0", "purl": "pkg:nuget/Microsoft.Data.SqlClient.SNI.runtime@4.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Data.SqlClient@4.0.0", "type": "library", "name": "Microsoft.Data.SqlClient", "version": "4.0.0", "purl": "pkg:nuget/Microsoft.Data.SqlClient@4.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Abstractions@3.1.2", "type": "library", "name": "Microsoft.EntityFrameworkCore.Abstractions", "version": "3.1.2", "purl": "pkg:nuget/Microsoft.EntityFrameworkCore.Abstractions@3.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@3.1.2", "type": "library", "name": "Microsoft.EntityFrameworkCore.Analyzers", "version": "3.1.2", "purl": "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@3.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@3.1.2", "type": "library", "name": "Microsoft.EntityFrameworkCore.Relational", "version": "3.1.2", "purl": "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@3.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@3.1.2", "type": "library", "name": "Microsoft.EntityFrameworkCore.SqlServer", "version": "3.1.2", "purl": "pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@3.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.EntityFrameworkCore@3.1.2", "type": "library", "name": "Microsoft.EntityFrameworkCore", "version": "3.1.2", "purl": "pkg:nuget/Microsoft.EntityFrameworkCore@3.1.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.ApiDescription.Server@3.0.0", "type": "library", "name": "Microsoft.Extensions.ApiDescription.Server", "version": "3.0.0", "purl": "pkg:nuget/Microsoft.Extensions.ApiDescription.Server@3.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Caching.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.Caching.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Caching.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Caching.Memory@3.1.18", "type": "library", "name": "Microsoft.Extensions.Caching.Memory", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Caching.Memory@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.Configuration.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@3.1.18", "type": "library", "name": "Microsoft.Extensions.Configuration.Binder", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Configuration@3.1.18", "type": "library", "name": "Microsoft.Extensions.Configuration", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Configuration@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@3.1.22", "type": "library", "name": "Microsoft.Extensions.DependencyInjection.Abstractions", "version": "3.1.22", "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@3.1.22", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.DependencyInjection@3.1.18", "type": "library", "name": "Microsoft.Extensions.DependencyInjection", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.DependencyInjection@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks@3.1.18", "type": "library", "name": "Microsoft.Extensions.Diagnostics.HealthChecks", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.FileProviders.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.Hosting.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Http@3.1.18", "type": "library", "name": "Microsoft.Extensions.Http", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Http@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@3.1.18", "type": "library", "name": "Microsoft.Extensions.Logging.Abstractions", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@3.1.18", "type": "library", "name": "Microsoft.Extensions.Logging.EventLog", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Logging@3.1.18", "type": "library", "name": "Microsoft.Extensions.Logging", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Logging@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Options@3.1.18", "type": "library", "name": "Microsoft.Extensions.Options", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Options@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Extensions.Primitives@3.1.18", "type": "library", "name": "Microsoft.Extensions.Primitives", "version": "3.1.18", "purl": "pkg:nuget/Microsoft.Extensions.Primitives@3.1.18", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Identity.Client.Extensions.Msal@2.16.5", "type": "library", "name": "Microsoft.Identity.Client.Extensions.Msal", "version": "2.16.5", "purl": "pkg:nuget/Microsoft.Identity.Client.Extensions.Msal@2.16.5", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Identity.Client@4.22.0", "type": "library", "name": "Microsoft.Identity.Client", "version": "4.22.0", "purl": "pkg:nuget/Microsoft.Identity.Client@4.22.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.IdentityModel.JsonWebTokens@6.12.2", "type": "library", "name": "Microsoft.IdentityModel.JsonWebTokens", "version": "6.12.2", "purl": "pkg:nuget/Microsoft.IdentityModel.JsonWebTokens@6.12.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.IdentityModel.Logging@6.12.2", "type": "library", "name": "Microsoft.IdentityModel.Logging", "version": "6.12.2", "purl": "pkg:nuget/Microsoft.IdentityModel.Logging@6.12.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.IdentityModel.Protocols.OpenIdConnect@6.8.0", "type": "library", "name": "Microsoft.IdentityModel.Protocols.OpenIdConnect", "version": "6.8.0", "purl": "pkg:nuget/Microsoft.IdentityModel.Protocols.OpenIdConnect@6.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.IdentityModel.Protocols@6.8.0", "type": "library", "name": "Microsoft.IdentityModel.Protocols", "version": "6.8.0", "purl": "pkg:nuget/Microsoft.IdentityModel.Protocols@6.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.IdentityModel.Tokens@6.12.2", "type": "library", "name": "Microsoft.IdentityModel.Tokens", "version": "6.12.2", "purl": "pkg:nuget/Microsoft.IdentityModel.Tokens@6.12.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.App.Internal@3.1.28-servicing.22363.6", "type": "library", "name": "Microsoft.NETCore.App.Internal", "version": "3.1.28-servicing.22363.6", "purl": "pkg:nuget/Microsoft.NETCore.App.Internal@3.1.28-servicing.22363.6", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.App@3.1.28-servicing.22363.6", "type": "library", "name": "Microsoft.NETCore.App", "version": "3.1.28-servicing.22363.6", "purl": "pkg:nuget/Microsoft.NETCore.App@3.1.28-servicing.22363.6", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.DotNetHostPolicy@3.1.28", "type": "library", "name": "Microsoft.NETCore.DotNetHostPolicy", "version": "3.1.28", "purl": "pkg:nuget/Microsoft.NETCore.DotNetHostPolicy@3.1.28", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.Platforms@3.1.9", "type": "library", "name": "Microsoft.NETCore.Platforms", "version": "3.1.9", "purl": "pkg:nuget/Microsoft.NETCore.Platforms@3.1.9", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.Platforms@5.0.0", "type": "library", "name": "Microsoft.NETCore.Platforms", "version": "5.0.0", "purl": "pkg:nuget/Microsoft.NETCore.Platforms@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.Targets@1.1.0", "type": "library", "name": "Microsoft.NETCore.Targets", "version": "1.1.0", "purl": "pkg:nuget/Microsoft.NETCore.Targets@1.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.NETCore.Targets@3.1.0", "type": "library", "name": "Microsoft.NETCore.Targets", "version": "3.1.0", "purl": "pkg:nuget/Microsoft.NETCore.Targets@3.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.OpenApi@1.2.3", "type": "library", "name": "Microsoft.OpenApi", "version": "1.2.3", "purl": "pkg:nuget/Microsoft.OpenApi@1.2.3", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.SourceLink.AzureRepos.Git@1.1.0-beta-20206-02", "type": "library", "name": "Microsoft.SourceLink.AzureRepos.Git", "version": "1.1.0-beta-20206-02", "purl": "pkg:nuget/Microsoft.SourceLink.AzureRepos.Git@1.1.0-beta-20206-02", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.SourceLink.Common@1.1.0-beta-20206-02", "type": "library", "name": "Microsoft.SourceLink.Common", "version": "1.1.0-beta-20206-02", "purl": "pkg:nuget/Microsoft.SourceLink.Common@1.1.0-beta-20206-02", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.SourceLink.GitHub@1.1.0-beta-20206-02", "type": "library", "name": "Microsoft.SourceLink.GitHub", "version": "1.1.0-beta-20206-02", "purl": "pkg:nuget/Microsoft.SourceLink.GitHub@1.1.0-beta-20206-02", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Win32.Registry@5.0.0", "type": "library", "name": "Microsoft.Win32.Registry", "version": "5.0.0", "purl": "pkg:nuget/Microsoft.Win32.Registry@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Microsoft.Win32.SystemEvents@5.0.0", "type": "library", "name": "Microsoft.Win32.SystemEvents", "version": "5.0.0", "purl": "pkg:nuget/Microsoft.Win32.SystemEvents@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/NETStandard.Library@2.1.0", "type": "library", "name": "NETStandard.Library", "version": "2.1.0", "purl": "pkg:nuget/NETStandard.Library@2.1.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Newtonsoft.Json.Bson@1.0.2", "type": "library", "name": "Newtonsoft.Json.Bson", "version": "1.0.2", "purl": "pkg:nuget/Newtonsoft.Json.Bson@1.0.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Newtonsoft.Json@13.0.1", "type": "library", "name": "Newtonsoft.Json", "version": "13.0.1", "purl": "pkg:nuget/Newtonsoft.Json@13.0.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/SonarAnalyzer.CSharp@8.38.0.46746", "type": "library", "name": "SonarAnalyzer.CSharp", "version": "8.38.0.46746", "purl": "pkg:nuget/SonarAnalyzer.CSharp@8.38.0.46746", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Database.Abstractions@1.8.1", "type": "library", "name": "Sputnik.Database.Abstractions", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Database.Abstractions@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Database@1.8.2", "type": "library", "name": "Sputnik.Database", "version": "1.8.2", "purl": "pkg:nuget/Sputnik.Database@1.8.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Deployment.Operational.Api.Client@1.8.1", "type": "library", "name": "Sputnik.Deployment.Operational.Api.Client", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Deployment.Operational.Api.Client@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Deployment.Operational.Api.Models@1.8.1", "type": "library", "name": "Sputnik.Deployment.Operational.Api.Models", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Deployment.Operational.Api.Models@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Deployment.Operational.Api@1.8.1", "type": "library", "name": "Sputnik.Deployment.Operational.Api", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Deployment.Operational.Api@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Feature.Api.Models@1.8.0", "type": "library", "name": "Sputnik.Feature.Api.Models", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.Feature.Api.Models@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Feature.Api@1.8.0", "type": "library", "name": "Sputnik.Feature.Api", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.Feature.Api@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Http@1.0.3", "type": "library", "name": "Sputnik.Http", "version": "1.0.3", "purl": "pkg:nuget/Sputnik.Http@1.0.3", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MemoryCache.Client@1.8.1", "type": "library", "name": "Sputnik.MemoryCache.Client", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.MemoryCache.Client@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MetaService.Client.Abstractions@1.8.0", "type": "library", "name": "Sputnik.MetaService.Client.Abstractions", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.MetaService.Client.Abstractions@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MetaService.Client.Http@1.8.1", "type": "library", "name": "Sputnik.MetaService.Client.Http", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.MetaService.Client.Http@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MetaService.Client.Json@1.8.0", "type": "library", "name": "Sputnik.MetaService.Client.Json", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.MetaService.Client.Json@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MetaService.Client.Script@1.8.0", "type": "library", "name": "Sputnik.MetaService.Client.Script", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.MetaService.Client.Script@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.MetaService.Client@1.8.1", "type": "library", "name": "Sputnik.MetaService.Client", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.MetaService.Client@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Runtime.Abstractions@1.4.0", "type": "library", "name": "Sputnik.Runtime.Abstractions", "version": "1.4.0", "purl": "pkg:nuget/Sputnik.Runtime.Abstractions@1.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Runtime@1.4.0", "type": "library", "name": "Sputnik.Runtime", "version": "1.4.0", "purl": "pkg:nuget/Sputnik.Runtime@1.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Authentication.Artifact.Client@1.8.1", "type": "library", "name": "Sputnik.Security.Authentication.Artifact.Client", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Security.Authentication.Artifact.Client@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Authentication.Artifact@1.8.0", "type": "library", "name": "Sputnik.Security.Authentication.Artifact", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.Security.Authentication.Artifact@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Authentication.IdpWeb@1.8.1", "type": "library", "name": "Sputnik.Security.Authentication.IdpWeb", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Security.Authentication.IdpWeb@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Authentication@1.8.1", "type": "library", "name": "Sputnik.Security.Authentication", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Security.Authentication@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Claims@0.0.4", "type": "library", "name": "Sputnik.Security.Claims", "version": "0.0.4", "purl": "pkg:nuget/Sputnik.Security.Claims@0.0.4", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.Cryptography@0.0.2", "type": "library", "name": "Sputnik.Security.Cryptography", "version": "0.0.2", "purl": "pkg:nuget/Sputnik.Security.Cryptography@0.0.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Security.DataProtection@1.9.0", "type": "library", "name": "Sputnik.Security.DataProtection", "version": "1.9.0", "purl": "pkg:nuget/Sputnik.Security.DataProtection@1.9.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.SysLog.Client.Http@1.8.1", "type": "library", "name": "Sputnik.SysLog.Client.Http", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.SysLog.Client.Http@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Syslog.Client.Abstractions@1.8.0", "type": "library", "name": "Sputnik.Syslog.Client.Abstractions", "version": "1.8.0", "purl": "pkg:nuget/Sputnik.Syslog.Client.Abstractions@1.8.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Sputnik.Syslog.Client@1.8.1", "type": "library", "name": "Sputnik.Syslog.Client", "version": "1.8.1", "purl": "pkg:nuget/Sputnik.Syslog.Client@1.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/StyleCop.Analyzers@1.1.118", "type": "library", "name": "StyleCop.Analyzers", "version": "1.1.118", "purl": "pkg:nuget/StyleCop.Analyzers@1.1.118", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Swashbuckle.AspNetCore.Swagger@6.3.0", "type": "library", "name": "Swashbuckle.AspNetCore.Swagger", "version": "6.3.0", "purl": "pkg:nuget/Swashbuckle.AspNetCore.Swagger@6.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerGen@6.3.0", "type": "library", "name": "Swashbuckle.AspNetCore.SwaggerGen", "version": "6.3.0", "purl": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerGen@6.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerUI@6.3.0", "type": "library", "name": "Swashbuckle.AspNetCore.SwaggerUI", "version": "6.3.0", "purl": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerUI@6.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/Swashbuckle.AspNetCore@6.3.0", "type": "library", "name": "Swashbuckle.AspNetCore", "version": "6.3.0", "purl": "pkg:nuget/Swashbuckle.AspNetCore@6.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Buffers@4.5.1", "type": "library", "name": "System.Buffers", "version": "4.5.1", "purl": "pkg:nuget/System.Buffers@4.5.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Collections.Immutable@1.7.0", "type": "library", "name": "System.Collections.Immutable", "version": "1.7.0", "purl": "pkg:nuget/System.Collections.Immutable@1.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.ComponentModel.Annotations@4.7.0", "type": "library", "name": "System.ComponentModel.Annotations", "version": "4.7.0", "purl": "pkg:nuget/System.ComponentModel.Annotations@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Configuration.ConfigurationManager@5.0.0", "type": "library", "name": "System.Configuration.ConfigurationManager", "version": "5.0.0", "purl": "pkg:nuget/System.Configuration.ConfigurationManager@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Data.SqlClient@4.8.1", "type": "library", "name": "System.Data.SqlClient", "version": "4.8.1", "purl": "pkg:nuget/System.Data.SqlClient@4.8.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Diagnostics.DiagnosticSource@5.0.0", "type": "library", "name": "System.Diagnostics.DiagnosticSource", "version": "5.0.0", "purl": "pkg:nuget/System.Diagnostics.DiagnosticSource@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Diagnostics.EventLog@4.7.0", "type": "library", "name": "System.Diagnostics.EventLog", "version": "4.7.0", "purl": "pkg:nuget/System.Diagnostics.EventLog@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Drawing.Common@5.0.0", "type": "library", "name": "System.Drawing.Common", "version": "5.0.0", "purl": "pkg:nuget/System.Drawing.Common@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Formats.Asn1@5.0.0", "type": "library", "name": "System.Formats.Asn1", "version": "5.0.0", "purl": "pkg:nuget/System.Formats.Asn1@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Globalization@4.3.0", "type": "library", "name": "System.Globalization", "version": "4.3.0", "purl": "pkg:nuget/System.Globalization@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.IO.Pipelines@5.0.1", "type": "library", "name": "System.IO.Pipelines", "version": "5.0.1", "purl": "pkg:nuget/System.IO.Pipelines@5.0.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.IO@4.3.0", "type": "library", "name": "System.IO", "version": "4.3.0", "purl": "pkg:nuget/System.IO@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.IdentityModel.Tokens.Jwt@6.12.2", "type": "library", "name": "System.IdentityModel.Tokens.Jwt", "version": "6.12.2", "purl": "pkg:nuget/System.IdentityModel.Tokens.Jwt@6.12.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Memory@4.5.3", "type": "library", "name": "System.Memory", "version": "4.5.3", "purl": "pkg:nuget/System.Memory@4.5.3", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Numerics.Vectors@4.5.0", "type": "library", "name": "System.Numerics.Vectors", "version": "4.5.0", "purl": "pkg:nuget/System.Numerics.Vectors@4.5.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Reflection.Emit@4.7.0", "type": "library", "name": "System.Reflection.Emit", "version": "4.7.0", "purl": "pkg:nuget/System.Reflection.Emit@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Reflection.Primitives@4.3.0", "type": "library", "name": "System.Reflection.Primitives", "version": "4.3.0", "purl": "pkg:nuget/System.Reflection.Primitives@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Reflection@4.3.0", "type": "library", "name": "System.Reflection", "version": "4.3.0", "purl": "pkg:nuget/System.Reflection@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Resources.ResourceManager@4.3.0", "type": "library", "name": "System.Resources.ResourceManager", "version": "4.3.0", "purl": "pkg:nuget/System.Resources.ResourceManager@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Runtime.Caching@5.0.0", "type": "library", "name": "System.Runtime.Caching", "version": "5.0.0", "purl": "pkg:nuget/System.Runtime.Caching@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@5.0.0", "type": "library", "name": "System.Runtime.CompilerServices.Unsafe", "version": "5.0.0", "purl": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Runtime@4.3.0", "type": "library", "name": "System.Runtime", "version": "4.3.0", "purl": "pkg:nuget/System.Runtime@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.AccessControl@5.0.0", "type": "library", "name": "System.Security.AccessControl", "version": "5.0.0", "purl": "pkg:nuget/System.Security.AccessControl@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Cryptography.Cng@5.0.0", "type": "library", "name": "System.Security.Cryptography.Cng", "version": "5.0.0", "purl": "pkg:nuget/System.Security.Cryptography.Cng@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Cryptography.Pkcs@4.7.0", "type": "library", "name": "System.Security.Cryptography.Pkcs", "version": "4.7.0", "purl": "pkg:nuget/System.Security.Cryptography.Pkcs@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Cryptography.ProtectedData@5.0.0", "type": "library", "name": "System.Security.Cryptography.ProtectedData", "version": "5.0.0", "purl": "pkg:nuget/System.Security.Cryptography.ProtectedData@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Cryptography.Xml@4.7.0", "type": "library", "name": "System.Security.Cryptography.Xml", "version": "4.7.0", "purl": "pkg:nuget/System.Security.Cryptography.Xml@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Permissions@5.0.0", "type": "library", "name": "System.Security.Permissions", "version": "5.0.0", "purl": "pkg:nuget/System.Security.Permissions@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Security.Principal.Windows@5.0.0", "type": "library", "name": "System.Security.Principal.Windows", "version": "5.0.0", "purl": "pkg:nuget/System.Security.Principal.Windows@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Text.Encoding.CodePages@5.0.0", "type": "library", "name": "System.Text.Encoding.CodePages", "version": "5.0.0", "purl": "pkg:nuget/System.Text.Encoding.CodePages@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Text.Encoding@4.3.0", "type": "library", "name": "System.Text.Encoding", "version": "4.3.0", "purl": "pkg:nuget/System.Text.Encoding@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Text.Encodings.Web@4.7.2", "type": "library", "name": "System.Text.Encodings.Web", "version": "4.7.2", "purl": "pkg:nuget/System.Text.Encodings.Web@4.7.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Text.Json@4.7.2", "type": "library", "name": "System.Text.Json", "version": "4.7.2", "purl": "pkg:nuget/System.Text.Json@4.7.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Threading.Tasks.Extensions@4.5.2", "type": "library", "name": "System.Threading.Tasks.Extensions", "version": "4.5.2", "purl": "pkg:nuget/System.Threading.Tasks.Extensions@4.5.2", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Threading.Tasks@4.3.0", "type": "library", "name": "System.Threading.Tasks", "version": "4.3.0", "purl": "pkg:nuget/System.Threading.Tasks@4.3.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/System.Windows.Extensions@5.0.0", "type": "library", "name": "System.Windows.Extensions", "version": "5.0.0", "purl": "pkg:nuget/System.Windows.Extensions@5.0.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/XliffTasks@1.0.0-beta.20206.1", "type": "library", "name": "XliffTasks", "version": "1.0.0-beta.20206.1", "purl": "pkg:nuget/XliffTasks@1.0.0-beta.20206.1", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.App@3.1.28-servicing.22363.6", "type": "library", "name": "runtime.linux-x64.Microsoft.NETCore.App", "version": "3.1.28-servicing.22363.6", "purl": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.App@3.1.28-servicing.22363.6", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.DotNetHostPolicy@3.1.28", "type": "library", "name": "runtime.linux-x64.Microsoft.NETCore.DotNetHostPolicy", "version": "3.1.28", "purl": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.DotNetHostPolicy@3.1.28", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:2aa99f4b546236e3e880edf00f6095e5bd873cc3279f28835bab343602929693" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.native.System.Data.SqlClient.sni@4.7.0", "type": "library", "name": "runtime.native.System.Data.SqlClient.sni", "version": "4.7.0", "purl": "pkg:nuget/runtime.native.System.Data.SqlClient.sni@4.7.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.win-arm64.runtime.native.System.Data.SqlClient.sni@4.4.0", "type": "library", "name": "runtime.win-arm64.runtime.native.System.Data.SqlClient.sni", "version": "4.4.0", "purl": "pkg:nuget/runtime.win-arm64.runtime.native.System.Data.SqlClient.sni@4.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.win-x64.runtime.native.System.Data.SqlClient.sni@4.4.0", "type": "library", "name": "runtime.win-x64.runtime.native.System.Data.SqlClient.sni", "version": "4.4.0", "purl": "pkg:nuget/runtime.win-x64.runtime.native.System.Data.SqlClient.sni@4.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] }, { "bom-ref": "pkg:nuget/runtime.win-x86.runtime.native.System.Data.SqlClient.sni@4.4.0", "type": "library", "name": "runtime.win-x86.runtime.native.System.Data.SqlClient.sni", "version": "4.4.0", "purl": "pkg:nuget/runtime.win-x86.runtime.native.System.Data.SqlClient.sni@4.4.0", "properties": [ { "name": "aquasecurity:trivy:LayerDiffID", "value": "sha256:7c4876284364a28c05064b8342d6ef2e4b26bf44b9d88209cc3b749fd185eaf9" }, { "name": "aquasecurity:trivy:PkgType", "value": "dotnet-core" } ] } ], "dependencies": [ { "ref": "5f3a4355-930d-4969-b731-c88b83f2437d", "dependsOn": [ "pkg:deb/ubuntu/adduser@3.118ubuntu2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/apt@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/base-files@11ubuntu5.6?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/base-passwd@3.5.47?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/bash@5.0-6ubuntu1.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/bsdutils@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/bzip2@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/ca-certificates@20211016~20.04.1?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/dash@0.5.10.2-6?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/diffutils@3.7-3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/e2fsprogs@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/fdisk@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/findutils@4.7.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/grep@3.4-1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/gzip@1.10-0ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/hostname@3.23?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libacl1@2.2.53-6?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libapt-pkg6.0@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libattr1@2.4.48-5?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libaudit-common@2.8.5-2ubuntu6?arch=all\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libbrotli1@1.0.7-6ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc-bin@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.1build1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.6ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libdebconfclient0@0.251ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libext2fs2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libfdisk1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libffi7@3.3-4?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libicu66@66.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkeyutils1@1.6-6ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/liblz4-1@1.9.2-2ubuntu0.20.04.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libmount1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libp11-kit0@0.23.20-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam-modules-bin@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam-runtime@1.3.1-5ubuntu4.3?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpcre3@8.39-12ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libpsl5@0.21.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsasl2-2@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsasl2-modules-db@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libseccomp2@2.5.1-1ubuntu1~20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsemanage-common@3.0-1build2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsemanage1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsepol1@3.0-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsmartcols1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libss2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtasn1-6@4.16.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libuuid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libzstd1@1.4.4%2Bdfsg-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/logsave@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/mawk@1.3.4.20200120-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/mount@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/procps@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/sed@4.7-1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/sensible-utils@0.0.12%2Bnmu1?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/sysvinit-utils@2.96-2.1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/tzdata@2022a-0ubuntu0.20.04?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/ubuntu-keyring@2020.02.11.4?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "76956f98-30e0-44d0-9f58-4586e68fd3b2", "dependsOn": [ "5f3a4355-930d-4969-b731-c88b83f2437d", "a254e903-4df0-4005-8bae-5fc4a9928945", "cc0d9f1b-c33c-4c2c-86d3-41fa40322487", "f73012a0-4253-41ff-ac27-faa347b62fb2" ] }, { "ref": "a254e903-4df0-4005-8bae-5fc4a9928945", "dependsOn": [ "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28" ] }, { "ref": "cc0d9f1b-c33c-4c2c-86d3-41fa40322487", "dependsOn": [ "pkg:nuget/Microsoft.Build.Tasks.Git@1.1.0-beta-20206-02", "pkg:nuget/Microsoft.NETCore.App.Internal@3.1.28-servicing.22363.6", "pkg:nuget/Microsoft.NETCore.App@3.1.28-servicing.22363.6", "pkg:nuget/Microsoft.NETCore.DotNetHostPolicy@3.1.28", "pkg:nuget/Microsoft.NETCore.Platforms@3.1.9", "pkg:nuget/Microsoft.NETCore.Targets@3.1.0", "pkg:nuget/Microsoft.SourceLink.AzureRepos.Git@1.1.0-beta-20206-02", "pkg:nuget/Microsoft.SourceLink.Common@1.1.0-beta-20206-02", "pkg:nuget/Microsoft.SourceLink.GitHub@1.1.0-beta-20206-02", "pkg:nuget/NETStandard.Library@2.1.0", "pkg:nuget/XliffTasks@1.0.0-beta.20206.1", "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.App@3.1.28-servicing.22363.6", "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.DotNetHostPolicy@3.1.28" ] }, { "ref": "f73012a0-4253-41ff-ac27-faa347b62fb2", "dependsOn": [ "pkg:nuget/Ardalis.GuardClauses@4.0.0", "pkg:nuget/AutoMapper@10.0.0", "pkg:nuget/Azure.Core@1.6.0", "pkg:nuget/Azure.Identity@1.3.0", "pkg:nuget/IdentityModel@4.4.0", "pkg:nuget/IdentityServer4.EntityFramework.Storage@4.1.2", "pkg:nuget/IdentityServer4.EntityFramework@4.1.2", "pkg:nuget/IdentityServer4.Storage@4.1.2", "pkg:nuget/IdentityServer4@4.1.2", "pkg:nuget/JetBrains.Annotations@2021.2.0", "pkg:nuget/Microsoft.AspNetCore.Authentication.OpenIdConnect@3.1.0", "pkg:nuget/Microsoft.AspNetCore.Cryptography.Internal@3.1.18", "pkg:nuget/Microsoft.AspNetCore.DataProtection.Abstractions@3.1.18", "pkg:nuget/Microsoft.AspNetCore.DataProtection@3.1.18", "pkg:nuget/Microsoft.AspNetCore.Http.Abstractions@2.2.0", "pkg:nuget/Microsoft.AspNetCore.Http.Features@2.2.0", "pkg:nuget/Microsoft.AspNetCore.JsonPatch@3.1.10", "pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@3.1.10", "pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning@5.0.0", "pkg:nuget/Microsoft.Bcl.AsyncInterfaces@1.1.0", "pkg:nuget/Microsoft.Bcl.HashCode@1.1.0", "pkg:nuget/Microsoft.CSharp@4.7.0", "pkg:nuget/Microsoft.CodeAnalysis.NetAnalyzers@6.0.0", "pkg:nuget/Microsoft.Data.SqlClient.SNI.runtime@4.0.0", "pkg:nuget/Microsoft.Data.SqlClient@4.0.0", "pkg:nuget/Microsoft.EntityFrameworkCore.Abstractions@3.1.2", "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@3.1.2", "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@3.1.2", "pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@3.1.2", "pkg:nuget/Microsoft.EntityFrameworkCore@3.1.2", "pkg:nuget/Microsoft.Extensions.ApiDescription.Server@3.0.0", "pkg:nuget/Microsoft.Extensions.Caching.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Caching.Memory@3.1.18", "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Configuration.Binder@3.1.18", "pkg:nuget/Microsoft.Extensions.Configuration@3.1.18", "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@3.1.22", "pkg:nuget/Microsoft.Extensions.DependencyInjection@3.1.18", "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks@3.1.18", "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Http@3.1.18", "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@3.1.18", "pkg:nuget/Microsoft.Extensions.Logging.EventLog@3.1.18", "pkg:nuget/Microsoft.Extensions.Logging@3.1.18", "pkg:nuget/Microsoft.Extensions.Options@3.1.18", "pkg:nuget/Microsoft.Extensions.Primitives@3.1.18", "pkg:nuget/Microsoft.Identity.Client.Extensions.Msal@2.16.5", "pkg:nuget/Microsoft.Identity.Client@4.22.0", "pkg:nuget/Microsoft.IdentityModel.JsonWebTokens@6.12.2", "pkg:nuget/Microsoft.IdentityModel.Logging@6.12.2", "pkg:nuget/Microsoft.IdentityModel.Protocols.OpenIdConnect@6.8.0", "pkg:nuget/Microsoft.IdentityModel.Protocols@6.8.0", "pkg:nuget/Microsoft.IdentityModel.Tokens@6.12.2", "pkg:nuget/Microsoft.NETCore.Platforms@5.0.0", "pkg:nuget/Microsoft.NETCore.Targets@1.1.0", "pkg:nuget/Microsoft.OpenApi@1.2.3", "pkg:nuget/Microsoft.Win32.Registry@5.0.0", "pkg:nuget/Microsoft.Win32.SystemEvents@5.0.0", "pkg:nuget/Newtonsoft.Json.Bson@1.0.2", "pkg:nuget/Newtonsoft.Json@13.0.1", "pkg:nuget/SonarAnalyzer.CSharp@8.38.0.46746", "pkg:nuget/Sputnik.Database.Abstractions@1.8.1", "pkg:nuget/Sputnik.Database@1.8.2", "pkg:nuget/Sputnik.Deployment.Operational.Api.Client@1.8.1", "pkg:nuget/Sputnik.Deployment.Operational.Api.Models@1.8.1", "pkg:nuget/Sputnik.Deployment.Operational.Api@1.8.1", "pkg:nuget/Sputnik.Feature.Api.Models@1.8.0", "pkg:nuget/Sputnik.Feature.Api@1.8.0", "pkg:nuget/Sputnik.Http@1.0.3", "pkg:nuget/Sputnik.MemoryCache.Client@1.8.1", "pkg:nuget/Sputnik.MetaService.Client.Abstractions@1.8.0", "pkg:nuget/Sputnik.MetaService.Client.Http@1.8.1", "pkg:nuget/Sputnik.MetaService.Client.Json@1.8.0", "pkg:nuget/Sputnik.MetaService.Client.Script@1.8.0", "pkg:nuget/Sputnik.MetaService.Client@1.8.1", "pkg:nuget/Sputnik.Runtime.Abstractions@1.4.0", "pkg:nuget/Sputnik.Runtime@1.4.0", "pkg:nuget/Sputnik.Security.Authentication.Artifact.Client@1.8.1", "pkg:nuget/Sputnik.Security.Authentication.Artifact@1.8.0", "pkg:nuget/Sputnik.Security.Authentication.IdpWeb@1.8.1", "pkg:nuget/Sputnik.Security.Authentication@1.8.1", "pkg:nuget/Sputnik.Security.Claims@0.0.4", "pkg:nuget/Sputnik.Security.Cryptography@0.0.2", "pkg:nuget/Sputnik.Security.DataProtection@1.9.0", "pkg:nuget/Sputnik.SysLog.Client.Http@1.8.1", "pkg:nuget/Sputnik.Syslog.Client.Abstractions@1.8.0", "pkg:nuget/Sputnik.Syslog.Client@1.8.1", "pkg:nuget/StyleCop.Analyzers@1.1.118", "pkg:nuget/Swashbuckle.AspNetCore.Swagger@6.3.0", "pkg:nuget/Swashbuckle.AspNetCore.SwaggerGen@6.3.0", "pkg:nuget/Swashbuckle.AspNetCore.SwaggerUI@6.3.0", "pkg:nuget/Swashbuckle.AspNetCore@6.3.0", "pkg:nuget/System.Buffers@4.5.1", "pkg:nuget/System.Collections.Immutable@1.7.0", "pkg:nuget/System.ComponentModel.Annotations@4.7.0", "pkg:nuget/System.Configuration.ConfigurationManager@5.0.0", "pkg:nuget/System.Data.SqlClient@4.8.1", "pkg:nuget/System.Diagnostics.DiagnosticSource@5.0.0", "pkg:nuget/System.Diagnostics.EventLog@4.7.0", "pkg:nuget/System.Drawing.Common@5.0.0", "pkg:nuget/System.Formats.Asn1@5.0.0", "pkg:nuget/System.Globalization@4.3.0", "pkg:nuget/System.IO.Pipelines@5.0.1", "pkg:nuget/System.IO@4.3.0", "pkg:nuget/System.IdentityModel.Tokens.Jwt@6.12.2", "pkg:nuget/System.Memory@4.5.3", "pkg:nuget/System.Numerics.Vectors@4.5.0", "pkg:nuget/System.Reflection.Emit@4.7.0", "pkg:nuget/System.Reflection.Primitives@4.3.0", "pkg:nuget/System.Reflection@4.3.0", "pkg:nuget/System.Resources.ResourceManager@4.3.0", "pkg:nuget/System.Runtime.Caching@5.0.0", "pkg:nuget/System.Runtime.CompilerServices.Unsafe@5.0.0", "pkg:nuget/System.Runtime@4.3.0", "pkg:nuget/System.Security.AccessControl@5.0.0", "pkg:nuget/System.Security.Cryptography.Cng@5.0.0", "pkg:nuget/System.Security.Cryptography.Pkcs@4.7.0", "pkg:nuget/System.Security.Cryptography.ProtectedData@5.0.0", "pkg:nuget/System.Security.Cryptography.Xml@4.7.0", "pkg:nuget/System.Security.Permissions@5.0.0", "pkg:nuget/System.Security.Principal.Windows@5.0.0", "pkg:nuget/System.Text.Encoding.CodePages@5.0.0", "pkg:nuget/System.Text.Encoding@4.3.0", "pkg:nuget/System.Text.Encodings.Web@4.7.2", "pkg:nuget/System.Text.Json@4.7.2", "pkg:nuget/System.Threading.Tasks.Extensions@4.5.2", "pkg:nuget/System.Threading.Tasks@4.3.0", "pkg:nuget/System.Windows.Extensions@5.0.0", "pkg:nuget/runtime.native.System.Data.SqlClient.sni@4.7.0", "pkg:nuget/runtime.win-arm64.runtime.native.System.Data.SqlClient.sni@4.4.0", "pkg:nuget/runtime.win-x64.runtime.native.System.Data.SqlClient.sni@4.4.0", "pkg:nuget/runtime.win-x86.runtime.native.System.Data.SqlClient.sni@4.4.0" ] }, { "ref": "pkg:deb/ubuntu/adduser@3.118ubuntu2?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/apt@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/adduser@3.118ubuntu2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libapt-pkg6.0@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libseccomp2@2.5.1-1ubuntu1~20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/ubuntu-keyring@2020.02.11.4?arch=all\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/base-files@11ubuntu5.6?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/base-passwd@3.5.47?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libdebconfclient0@0.251ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/bash@5.0-6ubuntu1.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/base-files@11ubuntu5.6?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/bsdutils@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/bzip2@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/ca-certificates@20211016~20.04.1?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/dash@0.5.10.2-6?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/debianutils@4.9.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/diffutils@3.7-3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/e2fsprogs@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/logsave@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/fdisk@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libfdisk1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libmount1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsmartcols1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/findutils@4.7.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/grep@3.4-1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/gzip@1.10-0ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/dpkg@1.19.7ubuntu3.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/hostname@3.23?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libacl1@2.2.53-6?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libapt-pkg6.0@2.0.9?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/liblz4-1@1.9.2-2ubuntu0.20.04.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libzstd1@1.4.4%2Bdfsg-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libattr1@2.4.48-5?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libaudit-common@2.8.5-2ubuntu6?arch=all\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/libaudit-common@2.8.5-2ubuntu6?arch=all\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.1build1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libbrotli1@1.0.7-6ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libc-bin@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.1build1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libbrotli1@1.0.7-6ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpsl5@0.21.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.6ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libdebconfclient0@0.251ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libext2fs2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libfdisk1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libuuid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libffi7@3.3-4?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgcc1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgcrypt20@1.8.5-5ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libp11-kit0@0.23.20-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtasn1-6@4.16.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgpg-error0@1.37-1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libicu66@66.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/tzdata@2022a-0ubuntu0.20.04?arch=all\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libkeyutils1@1.6-6ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkeyutils1@1.6-6ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsasl2-2@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/liblz4-1@1.9.2-2ubuntu0.20.04.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libmount1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libblkid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libp11-kit0@0.23.20-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libffi7@3.3-4?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpam-modules-bin@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/libpam-runtime@1.3.1-5ubuntu4.3?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpcre3@8.39-12ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libpsl5@0.21.0-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libidn2-0@2.2.0-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/librtmp1@2.4%2B20151223.gitfa8646d.1-2build1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libhogweed5@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libnettle7@3.5.1%2Breally3.5.1-2ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/libsasl2-2@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsasl2-modules-db@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsasl2-modules-db@2.1.27%2Bdfsg-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.6ubuntu2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libseccomp2@2.5.1-1ubuntu1~20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsemanage-common@3.0-1build2?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/libsemanage1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libbz2-1.0@1.0.8-2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsemanage-common@3.0-1build2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsepol1@3.0-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsepol1@3.0-1ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsmartcols1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libss2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libstdc%2B%2B6@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/gcc-10-base@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libgcc-s1@10.3.0-1ubuntu1~20.04?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/libtasn1-6@4.16.0-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libunistring2@0.9.10-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libuuid1@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcom-err2@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/libzstd1@1.4.4%2Bdfsg-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/logsave@1.45.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/mawk@1.3.4.20200120-2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/mount@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/libaudit1@2.8.5-2ubuntu6?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libcrypt1@4.4.10-10ubuntu4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libselinux1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libsemanage1@3.0-1build2?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/procps@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "dependsOn": [ "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/sed@4.7-1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/sensible-utils@0.0.12%2Bnmu1?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/sysvinit-utils@2.96-2.1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/init-system-helpers@1.57?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/tzdata@2022a-0ubuntu0.20.04?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/debconf@1.5.73?arch=all\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:deb/ubuntu/ubuntu-keyring@2020.02.11.4?arch=all\u0026distro=ubuntu-20.04", "dependsOn": [] }, { "ref": "pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=amd64\u0026distro=ubuntu-20.04", "dependsOn": [ "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1" ] }, { "ref": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "dependsOn": [ "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04" ] }, { "ref": "pkg:nuget/Ardalis.GuardClauses@4.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/AutoMapper@10.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Azure.Core@1.6.0", "dependsOn": [] }, { "ref": "pkg:nuget/Azure.Identity@1.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/IdentityModel@4.4.0", "dependsOn": [] }, { "ref": "pkg:nuget/IdentityServer4.EntityFramework.Storage@4.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/IdentityServer4.EntityFramework@4.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/IdentityServer4.Storage@4.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/IdentityServer4@4.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/JetBrains.Annotations@2021.2.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Authentication.OpenIdConnect@3.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Cryptography.Internal@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.DataProtection.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.DataProtection@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Http.Abstractions@2.2.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Http.Features@2.2.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.JsonPatch@3.1.10", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@3.1.10", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Bcl.AsyncInterfaces@1.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Bcl.HashCode@1.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Build.Tasks.Git@1.1.0-beta-20206-02", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.CSharp@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.CodeAnalysis.NetAnalyzers@6.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Data.SqlClient.SNI.runtime@4.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Data.SqlClient@4.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Abstractions@3.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Analyzers@3.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.EntityFrameworkCore.Relational@3.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@3.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.EntityFrameworkCore@3.1.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.ApiDescription.Server@3.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Caching.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Caching.Memory@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Configuration.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Configuration.Binder@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Configuration@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.DependencyInjection.Abstractions@3.1.22", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.DependencyInjection@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Diagnostics.HealthChecks@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.FileProviders.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Hosting.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Http@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Logging.Abstractions@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Logging.EventLog@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Logging@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Options@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Extensions.Primitives@3.1.18", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Identity.Client.Extensions.Msal@2.16.5", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Identity.Client@4.22.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.IdentityModel.JsonWebTokens@6.12.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.IdentityModel.Logging@6.12.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.IdentityModel.Protocols.OpenIdConnect@6.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.IdentityModel.Protocols@6.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.IdentityModel.Tokens@6.12.2", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.App.Internal@3.1.28-servicing.22363.6", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.App@3.1.28-servicing.22363.6", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.DotNetHostPolicy@3.1.28", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.Platforms@3.1.9", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.Platforms@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.Targets@1.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.NETCore.Targets@3.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.OpenApi@1.2.3", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.SourceLink.AzureRepos.Git@1.1.0-beta-20206-02", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.SourceLink.Common@1.1.0-beta-20206-02", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.SourceLink.GitHub@1.1.0-beta-20206-02", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Win32.Registry@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/Microsoft.Win32.SystemEvents@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/NETStandard.Library@2.1.0", "dependsOn": [] }, { "ref": "pkg:nuget/Newtonsoft.Json.Bson@1.0.2", "dependsOn": [] }, { "ref": "pkg:nuget/Newtonsoft.Json@13.0.1", "dependsOn": [] }, { "ref": "pkg:nuget/SonarAnalyzer.CSharp@8.38.0.46746", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Database.Abstractions@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Database@1.8.2", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Deployment.Operational.Api.Client@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Deployment.Operational.Api.Models@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Deployment.Operational.Api@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Feature.Api.Models@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Feature.Api@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Http@1.0.3", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MemoryCache.Client@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MetaService.Client.Abstractions@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MetaService.Client.Http@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MetaService.Client.Json@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MetaService.Client.Script@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.MetaService.Client@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Runtime.Abstractions@1.4.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Runtime@1.4.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Authentication.Artifact.Client@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Authentication.Artifact@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Authentication.IdpWeb@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Authentication@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Claims@0.0.4", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.Cryptography@0.0.2", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Security.DataProtection@1.9.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.SysLog.Client.Http@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Syslog.Client.Abstractions@1.8.0", "dependsOn": [] }, { "ref": "pkg:nuget/Sputnik.Syslog.Client@1.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/StyleCop.Analyzers@1.1.118", "dependsOn": [] }, { "ref": "pkg:nuget/Swashbuckle.AspNetCore.Swagger@6.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerGen@6.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/Swashbuckle.AspNetCore.SwaggerUI@6.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/Swashbuckle.AspNetCore@6.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Buffers@4.5.1", "dependsOn": [] }, { "ref": "pkg:nuget/System.Collections.Immutable@1.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.ComponentModel.Annotations@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Configuration.ConfigurationManager@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Data.SqlClient@4.8.1", "dependsOn": [] }, { "ref": "pkg:nuget/System.Diagnostics.DiagnosticSource@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Diagnostics.EventLog@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Drawing.Common@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Formats.Asn1@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Globalization@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.IO.Pipelines@5.0.1", "dependsOn": [] }, { "ref": "pkg:nuget/System.IO@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.IdentityModel.Tokens.Jwt@6.12.2", "dependsOn": [] }, { "ref": "pkg:nuget/System.Memory@4.5.3", "dependsOn": [] }, { "ref": "pkg:nuget/System.Numerics.Vectors@4.5.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Reflection.Emit@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Reflection.Primitives@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Reflection@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Resources.ResourceManager@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Runtime.Caching@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Runtime.CompilerServices.Unsafe@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Runtime@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.AccessControl@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Cryptography.Cng@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Cryptography.Pkcs@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Cryptography.ProtectedData@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Cryptography.Xml@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Permissions@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Security.Principal.Windows@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Text.Encoding.CodePages@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Text.Encoding@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Text.Encodings.Web@4.7.2", "dependsOn": [] }, { "ref": "pkg:nuget/System.Text.Json@4.7.2", "dependsOn": [] }, { "ref": "pkg:nuget/System.Threading.Tasks.Extensions@4.5.2", "dependsOn": [] }, { "ref": "pkg:nuget/System.Threading.Tasks@4.3.0", "dependsOn": [] }, { "ref": "pkg:nuget/System.Windows.Extensions@5.0.0", "dependsOn": [] }, { "ref": "pkg:nuget/XliffTasks@1.0.0-beta.20206.1", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.App@3.1.28-servicing.22363.6", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.linux-x64.Microsoft.NETCore.DotNetHostPolicy@3.1.28", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.native.System.Data.SqlClient.sni@4.7.0", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.win-arm64.runtime.native.System.Data.SqlClient.sni@4.4.0", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.win-x64.runtime.native.System.Data.SqlClient.sni@4.4.0", "dependsOn": [] }, { "ref": "pkg:nuget/runtime.win-x86.runtime.native.System.Data.SqlClient.sni@4.4.0", "dependsOn": [] } ], "vulnerabilities": [ { "id": "CVE-2021-36222", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 5, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.", "recommendation": "Upgrade libgssapi-krb5-2 to version 1.17-6ubuntu4.3; Upgrade libk5crypto3 to version 1.17-6ubuntu4.3; Upgrade libkrb5-3 to version 1.17-6ubuntu4.3; Upgrade libkrb5support0 to version 1.17-6ubuntu4.3", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2021-36222" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" }, { "url": "https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562" }, { "url": "https://github.com/krb5/krb5/releases" }, { "url": "https://linux.oracle.com/cve/CVE-2021-36222.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2021-3576.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36222" }, { "url": "https://security.netapp.com/advisory/ntap-20211022-0003/" }, { "url": "https://security.netapp.com/advisory/ntap-20211104-0007/" }, { "url": "https://ubuntu.com/security/notices/USN-5959-1" }, { "url": "https://web.mit.edu/kerberos/advisories/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-36222" }, { "url": "https://www.debian.org/security/2021/dsa-4944" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ], "published": "2021-07-22T18:15:00+00:00", "updated": "2021-11-28T23:19:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] } ] }, { "id": "CVE-2023-0215", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "ghsa" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 416 ], "description": "The public API function BIO_new_NDEF is a helper function used for streaming\nASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\nSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\nend user applications.\n\nThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\nBIO onto the front of it to form a BIO chain, and then returns the new head of\nthe BIO chain to the caller. Under certain conditions, for example if a CMS\nrecipient public key is invalid, the new filter BIO is freed and the function\nreturns a NULL result indicating a failure. However, in this case, the BIO chain\nis not properly cleaned up and the BIO passed by the caller still retains\ninternal pointers to the previously freed filter BIO. If the caller then goes on\nto call BIO_pop() on the BIO then a use-after-free will occur. This will most\nlikely result in a crash.\n\n\n\nThis scenario occurs directly in the internal function B64_write_ASN1() which\nmay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\nthe BIO. This internal function is in turn called by the public API functions\nPEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\nSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.\n\nOther public API functions that may be impacted by this include\ni2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\ni2d_PKCS7_bio_stream.\n\nThe OpenSSL cms and smime command line applications are similarly affected.\n\n\n\n", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.17; Upgrade openssl to version 1.1.1f-1ubuntu2.17", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0215" }, { "url": "https://bugzilla.redhat.com/1960321" }, { "url": "https://bugzilla.redhat.com/2164440" }, { "url": "https://bugzilla.redhat.com/2164487" }, { "url": "https://bugzilla.redhat.com/2164492" }, { "url": "https://bugzilla.redhat.com/2164494" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2165.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1405" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0215.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-2932.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215" }, { "url": "https://rustsec.org/advisories/RUSTSEC-2023-0009.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0009/" }, { "url": "https://ubuntu.com/security/notices/USN-5844-1" }, { "url": "https://ubuntu.com/security/notices/USN-5845-1" }, { "url": "https://ubuntu.com/security/notices/USN-5845-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215" }, { "url": "https://www.openssl.org/news/secadv/20230207.txt" } ], "published": "2023-02-08T20:15:00+00:00", "updated": "2023-07-19T00:55:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2022-1587", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "critical" }, { "source": { "name": "nvd" }, "score": 6.4, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 9.1, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 125 ], "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.", "recommendation": "Upgrade libpcre2-8-0 to version 10.34-7ubuntu0.1", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2022-1587" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077983," }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587" }, { "url": "https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0" }, { "url": "https://linux.oracle.com/cve/CVE-2022-1587.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-5251.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1587" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0009/" }, { "url": "https://ubuntu.com/security/notices/USN-5627-1" }, { "url": "https://ubuntu.com/security/notices/USN-5627-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-1587" } ], "published": "2022-05-16T21:15:00+00:00", "updated": "2023-03-16T05:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "10.34-7", "status": "affected" } ] } ] }, { "id": "CVE-2016-20013", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 5, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 770 ], "description": "sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.", "advisories": [ { "url": "https://akkadia.org/drepper/SHA-crypt.txt" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20013" }, { "url": "https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/" }, { "url": "https://twitter.com/solardiz/status/795601240151457793" } ], "published": "2022-02-19T05:15:00+00:00", "updated": "2022-03-03T16:43:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libc-bin@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "2.31-0ubuntu9.9", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libc6@2.31-0ubuntu9.9?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "2.31-0ubuntu9.9", "status": "affected" } ] } ] }, { "id": "CVE-2023-27533", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 8.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 3.1, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 74 ], "description": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.18; Upgrade libcurl4 to version 7.68.0-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-27533" }, { "url": "https://curl.se/docs/CVE-2023-27533.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533" }, { "url": "https://hackerone.com/reports/1891474" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "url": "https://ubuntu.com/security/notices/USN-5964-1" }, { "url": "https://ubuntu.com/security/notices/USN-5964-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533" } ], "published": "2023-03-30T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2022-35737", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "bitnami" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "ghsa" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 129 ], "description": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "recommendation": "Upgrade libsqlite3-0 to version 3.31.1-4ubuntu0.5", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:0339" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-35737" }, { "url": "https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/" }, { "url": "https://bugzilla.redhat.com/2110291" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2110291" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-0339.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:0110" }, { "url": "https://github.com/rusqlite/rusqlite" }, { "url": "https://kb.cert.org/vuls/id/720344" }, { "url": "https://linux.oracle.com/cve/CVE-2022-35737.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-0339.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35737" }, { "url": "https://rustsec.org/advisories/RUSTSEC-2022-0090.html" }, { "url": "https://security.gentoo.org/glsa/202210-40" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0009/" }, { "url": "https://sqlite.org/releaselog/3_39_2.html" }, { "url": "https://ubuntu.com/security/notices/USN-5712-1" }, { "url": "https://ubuntu.com/security/notices/USN-5716-1" }, { "url": "https://ubuntu.com/security/notices/USN-5716-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737" }, { "url": "https://www.sqlite.org/cves.html" }, { "url": "https://www.sqlite.org/releaselog/3_39_2.html" } ], "published": "2022-08-03T06:15:00+00:00", "updated": "2022-11-16T20:01:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "3.31.1-4ubuntu0.3", "status": "affected" } ] } ] }, { "id": "CVE-2023-28322", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "low" }, { "source": { "name": "nvd" }, "score": 3.7, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "low" }, { "source": { "name": "redhat" }, "score": 3.7, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "description": "An information disclosure vulnerability exists in curl \u003cv8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.19; Upgrade libcurl4 to version 7.68.0-1ubuntu2.19", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-28322" }, { "url": "https://bugzilla.redhat.com/2196786" }, { "url": "https://bugzilla.redhat.com/2196793" }, { "url": "https://curl.se/docs/CVE-2023-28322.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-4354.html" }, { "url": "https://hackerone.com/reports/1954658" }, { "url": "https://linux.oracle.com/cve/CVE-2023-28322.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-4354.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://ubuntu.com/security/notices/USN-6237-1" }, { "url": "https://ubuntu.com/security/notices/USN-6237-3" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322" } ], "published": "2023-05-26T21:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-36054", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.7, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 824 ], "description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-36054" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054" }, { "url": "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd" }, { "url": "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final" }, { "url": "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36054" }, { "url": "https://security.netapp.com/advisory/ntap-20230908-0004/" }, { "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-36054" } ], "published": "2023-08-07T19:15:00+00:00", "updated": "2023-09-08T17:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] } ] }, { "id": "CVE-2021-44758", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.3", "advisories": [ { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "url": "https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580" }, { "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44758" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://ubuntu.com/security/notices/USN-5800-1" } ], "published": "2022-12-26T05:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2022-3437", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "description": "A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.3", "advisories": [ { "url": "http://www.openwall.com/lists/oss-security/2023/02/08/1" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-3437" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137774" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-45j3-5v39-rf9j" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3437" }, { "url": "https://security.gentoo.org/glsa/202309-06" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "url": "https://ubuntu.com/security/notices/USN-5800-1" }, { "url": "https://ubuntu.com/security/notices/USN-5822-1" }, { "url": "https://ubuntu.com/security/notices/USN-5822-2" }, { "url": "https://ubuntu.com/security/notices/USN-5936-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-3437" }, { "url": "https://www.samba.org/samba/security/CVE-2022-3437.html" } ], "published": "2023-01-12T15:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2023-27538", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 287 ], "description": "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.18; Upgrade libcurl4 to version 7.68.0-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-27538" }, { "url": "https://curl.se/docs/CVE-2023-27538.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538" }, { "url": "https://hackerone.com/reports/1898475" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "url": "https://ubuntu.com/security/notices/USN-5964-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538" } ], "published": "2023-03-30T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-0466", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.3, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 295 ], "description": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.18; Upgrade openssl to version 1.1.1f-1ubuntu2.18", "advisories": [ { "url": "http://www.openwall.com/lists/oss-security/2023/09/28/4" }, { "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0466" }, { "url": "https://bugzilla.redhat.com/2181082" }, { "url": "https://bugzilla.redhat.com/2182561" }, { "url": "https://bugzilla.redhat.com/2182565" }, { "url": "https://bugzilla.redhat.com/2188461" }, { "url": "https://bugzilla.redhat.com/2207947" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-3722.html" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0466.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3722.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0466" }, { "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "url": "https://ubuntu.com/security/notices/USN-6039-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://www.openssl.org/news/secadv/20230328.txt" } ], "published": "2023-03-28T15:15:00+00:00", "updated": "2023-09-28T18:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2020-35525", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "bitnami" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.", "recommendation": "Upgrade libsqlite3-0 to version 3.31.1-4ubuntu0.4", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:7108" }, { "url": "https://access.redhat.com/security/cve/CVE-2020-35525" }, { "url": "https://bugzilla.redhat.com/2122324" }, { "url": "https://bugzilla.redhat.com/2122329" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122324" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122329" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35525" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35527" }, { "url": "https://errata.almalinux.org/8/ALSA-2022-7108.html" }, { "url": "https://errata.rockylinux.org/RLSA-2022:7108" }, { "url": "https://linux.oracle.com/cve/CVE-2020-35525.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-7108.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35525" }, { "url": "https://security.netapp.com/advisory/ntap-20230706-0007/" }, { "url": "https://ubuntu.com/security/notices/USN-5615-1" }, { "url": "https://ubuntu.com/security/notices/USN-5615-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525" }, { "url": "https://www.sqlite.org/src/info/a67cf5b7d37d5b14" } ], "published": "2022-09-01T18:15:00+00:00", "updated": "2023-07-06T19:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "3.31.1-4ubuntu0.3", "status": "affected" } ] } ] }, { "id": "CVE-2023-29383", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 3.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "photon" }, "severity": "low" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 74 ], "description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-29383" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383" }, { "url": "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d" }, { "url": "https://github.com/shadow-maint/shadow/pull/687" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29383" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383" }, { "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/" }, { "url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797" } ], "published": "2023-04-14T22:15:00+00:00", "updated": "2023-04-24T18:05:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "versions": [ { "version": "1:4.8.1-1ubuntu5.20.04.2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "versions": [ { "version": "1:4.8.1-1ubuntu5.20.04.2", "status": "affected" } ] } ] }, { "id": "CVE-2023-0465", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.3, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 295 ], "description": "Applications that use a non-default option when verifying certificates may be\nvulnerable to an attack from a malicious CA to circumvent certain checks.\n\nInvalid certificate policies in leaf certificates are silently ignored by\nOpenSSL and other certificate policy checks are skipped for that certificate.\nA malicious CA could use this to deliberately assert invalid certificate policies\nin order to circumvent policy checking on the certificate altogether.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy' argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()' function.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.18; Upgrade openssl to version 1.1.1f-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0465" }, { "url": "https://bugzilla.redhat.com/2181082" }, { "url": "https://bugzilla.redhat.com/2182561" }, { "url": "https://bugzilla.redhat.com/2182565" }, { "url": "https://bugzilla.redhat.com/2188461" }, { "url": "https://bugzilla.redhat.com/2207947" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-3722.html" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0465.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3722.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0465" }, { "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "url": "https://ubuntu.com/security/notices/USN-6039-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://www.openssl.org/news/secadv/20230328.txt" } ], "published": "2023-03-28T15:15:00+00:00", "updated": "2023-06-08T19:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2020-35527", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "bitnami" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 8.1, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 119 ], "description": "In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.", "recommendation": "Upgrade libsqlite3-0 to version 3.31.1-4ubuntu0.4", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:7108" }, { "url": "https://access.redhat.com/security/cve/CVE-2020-35527" }, { "url": "https://bugzilla.redhat.com/2122324" }, { "url": "https://bugzilla.redhat.com/2122329" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122324" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122329" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35525" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35527" }, { "url": "https://errata.almalinux.org/8/ALSA-2022-7108.html" }, { "url": "https://errata.rockylinux.org/RLSA-2022:7108" }, { "url": "https://linux.oracle.com/cve/CVE-2020-35527.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-7108.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35527" }, { "url": "https://security.netapp.com/advisory/ntap-20221111-0007/" }, { "url": "https://ubuntu.com/security/notices/USN-5615-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527" }, { "url": "https://www.sqlite.org/src/info/c431b3fd8fd0f6a6" } ], "published": "2022-09-01T18:15:00+00:00", "updated": "2022-12-08T22:29:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsqlite3-0@3.31.1-4ubuntu0.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "3.31.1-4ubuntu0.3", "status": "affected" } ] } ] }, { "id": "CVE-2020-22916", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "description": "** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of \"endless output\" and \"denial of service\" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.", "advisories": [ { "url": "http://web.archive.org/web/20230918084612/https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability" }, { "url": "https://access.redhat.com/security/cve/CVE-2020-22916" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234987" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1214590" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22916" }, { "url": "https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability" }, { "url": "https://github.com/tukaani-project/xz/issues/61" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22916" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2020-22916" }, { "url": "https://tukaani.org/xz/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916" } ], "published": "2023-08-22T19:16:00+00:00", "updated": "2023-09-18T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/liblzma5@5.2.4-1ubuntu1.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "5.2.4-1ubuntu1.1", "status": "affected" } ] } ] }, { "id": "CVE-2022-23491", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "ghsa" }, "score": 6.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 345 ], "description": "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.", "recommendation": "Upgrade ca-certificates to version 20211016ubuntu0.20.04.1", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2022-23491" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491" }, { "url": "https://github.com/certifi/python-certifi" }, { "url": "https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8" }, { "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8" }, { "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491" }, { "url": "https://ubuntu.com/security/notices/USN-5761-1" }, { "url": "https://ubuntu.com/security/notices/USN-5761-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491" } ], "published": "2022-12-07T22:15:00+00:00", "updated": "2023-03-24T18:12:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/ca-certificates@20211016~20.04.1?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "20211016~20.04.1", "status": "affected" } ] } ] }, { "id": "CVE-2023-33170", "source": { "name": "ghsa", "url": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "bitnami" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "ghsa" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "nvd" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 362 ], "description": "ASP.NET and Visual Studio Security Feature Bypass Vulnerability", "recommendation": "Upgrade Microsoft.AspNetCore.App.Runtime.linux-x64 to version 6.0.20, 7.0.9", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:4060" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-33170" }, { "url": "https://bugzilla.redhat.com/2221854" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221854" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33170" }, { "url": "https://devblogs.microsoft.com/dotnet/july-2023-updates/" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-4060.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:4059" }, { "url": "https://github.com/advisories/GHSA-25c8-p796-jg6r" }, { "url": "https://github.com/dotnet/announcements/issues/264" }, { "url": "https://github.com/dotnet/aspnetcore" }, { "url": "https://github.com/dotnet/aspnetcore/issues/49334" }, { "url": "https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r" }, { "url": "https://linux.oracle.com/cve/CVE-2023-33170.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-4060.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/" }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33170" }, { "url": "https://ubuntu.com/security/notices/USN-6217-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-33170" } ], "published": "2023-07-11T18:15:00+00:00", "updated": "2023-07-31T17:47:00+00:00", "affects": [ { "ref": "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28", "versions": [ { "version": "3.1.28", "status": "affected" } ] } ] }, { "id": "CVE-2022-34716", "source": { "name": "ghsa", "url": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "bitnami" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "ghsa" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "description": ".NET Spoofing Vulnerability", "recommendation": "Upgrade System.Security.Cryptography.Xml to version 4.7.1, 6.0.1", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:6043" }, { "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34716.json" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-34716" }, { "url": "https://bugzilla.redhat.com/2115183" }, { "url": "https://errata.almalinux.org/9/ALSA-2022-6043.html" }, { "url": "https://github.com/dotnet/announcements/issues/232" }, { "url": "https://github.com/dotnet/aspnetcore/issues/43166" }, { "url": "https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj" }, { "url": "https://linux.oracle.com/cve/CVE-2022-34716.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-6058.html" }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34716" }, { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-34716" } ], "published": "2022-08-09T20:15:00+00:00", "updated": "2023-05-31T19:15:00+00:00", "affects": [ { "ref": "pkg:nuget/System.Security.Cryptography.Xml@4.7.0", "versions": [ { "version": "4.7.0", "status": "affected" } ] } ] }, { "id": "CVE-2021-24112", "source": { "name": "ghsa", "url": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" }, "ratings": [ { "source": { "name": "bitnami" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "ghsa" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "redhat" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "description": ".NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701.", "recommendation": "Upgrade System.Drawing.Common to version 4.7.2, 5.0.3", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2021-24112" }, { "url": "https://github.com/dotnet/announcements/issues/176" }, { "url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24112" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24112" }, { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-24112" } ], "published": "2021-02-25T23:15:00+00:00", "updated": "2021-07-07T19:34:00+00:00", "affects": [ { "ref": "pkg:nuget/System.Drawing.Common@5.0.0", "versions": [ { "version": "5.0.0", "status": "affected" } ] } ] }, { "id": "CVE-2022-4304", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "ghsa" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 203 ], "description": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.17; Upgrade openssl to version 1.1.1f-1ubuntu2.17", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-4304" }, { "url": "https://bugzilla.redhat.com/1960321" }, { "url": "https://bugzilla.redhat.com/2164440" }, { "url": "https://bugzilla.redhat.com/2164487" }, { "url": "https://bugzilla.redhat.com/2164492" }, { "url": "https://bugzilla.redhat.com/2164494" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2165.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1405" }, { "url": "https://linux.oracle.com/cve/CVE-2022-4304.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-2932.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304" }, { "url": "https://rustsec.org/advisories/RUSTSEC-2023-0007.html" }, { "url": "https://ubuntu.com/security/notices/USN-5844-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304" }, { "url": "https://www.openssl.org/news/secadv/20230207.txt" } ], "published": "2023-02-08T20:15:00+00:00", "updated": "2023-08-08T14:22:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2022-42898", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 8.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 8.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 190 ], "description": "PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libgssapi-krb5-2 to version 1.17-6ubuntu4.2; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libk5crypto3 to version 1.17-6ubuntu4.2; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libkrb5-3 to version 1.17-6ubuntu4.2; Upgrade libkrb5support0 to version 1.17-6ubuntu4.2; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.3", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:8637" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-42898" }, { "url": "https://bugzilla.redhat.com/2140960" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960" }, { "url": "https://bugzilla.samba.org/show_bug.cgi?id=15203" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "url": "https://errata.almalinux.org/9/ALSA-2022-8637.html" }, { "url": "https://errata.rockylinux.org/RLSA-2022:8638" }, { "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c" }, { "url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583" }, { "url": "https://linux.oracle.com/cve/CVE-2022-42898.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-12104.html" }, { "url": "https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42898" }, { "url": "https://security.gentoo.org/glsa/202309-06" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "url": "https://security.netapp.com/advisory/ntap-20230223-0001/" }, { "url": "https://ubuntu.com/security/notices/USN-5800-1" }, { "url": "https://ubuntu.com/security/notices/USN-5822-1" }, { "url": "https://ubuntu.com/security/notices/USN-5822-2" }, { "url": "https://ubuntu.com/security/notices/USN-5828-1" }, { "url": "https://ubuntu.com/security/notices/USN-5936-1" }, { "url": "https://web.mit.edu/kerberos/advisories/" }, { "url": "https://web.mit.edu/kerberos/krb5-1.19/" }, { "url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-42898" }, { "url": "https://www.samba.org/samba/security/CVE-2022-42898.html" } ], "published": "2022-12-25T06:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2023-31484", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 8.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "redhat" }, "score": 7.4, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 295 ], "description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "recommendation": "Upgrade perl-base to version 5.30.0-9ubuntu0.4", "advisories": [ { "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-31484" }, { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484" }, { "url": "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)" }, { "url": "https://github.com/andk/cpanpm/pull/175" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/" }, { "url": "https://metacpan.org/dist/CPAN/changes" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31484" }, { "url": "https://ubuntu.com/security/notices/USN-6112-1" }, { "url": "https://ubuntu.com/security/notices/USN-6112-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14" } ], "published": "2023-04-29T00:15:00+00:00", "updated": "2023-08-02T15:28:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "5.30.0-9ubuntu0.2", "status": "affected" } ] } ] }, { "id": "CVE-2023-0361", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.4, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.4, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 203 ], "description": "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", "recommendation": "Upgrade libgnutls30 to version 3.6.13-2ubuntu1.8", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:1141" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0361" }, { "url": "https://bugzilla.redhat.com/2162596" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131152" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-1141.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1569" }, { "url": "https://github.com/tlsfuzzer/tlsfuzzer/pull/679" }, { "url": "https://gitlab.com/gnutls/gnutls/-/issues/1050" }, { "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0361.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-1569.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0361" }, { "url": "https://security.netapp.com/advisory/ntap-20230324-0005/" }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/" }, { "url": "https://ubuntu.com/security/notices/USN-5901-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0361" } ], "published": "2023-02-15T18:15:00+00:00", "updated": "2023-07-25T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libgnutls30@3.6.13-2ubuntu1.7?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "3.6.13-2ubuntu1.7", "status": "affected" } ] } ] }, { "id": "CVE-2022-3116", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.1", "advisories": [ { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3116" }, { "url": "https://kb.cert.org/vuls/id/730793" }, { "url": "https://security.netapp.com/advisory/ntap-20230505-0010/" }, { "url": "https://ubuntu.com/security/notices/USN-5675-1" }, { "url": "https://www.kb.cert.org/vuls/id/730793" } ], "published": "2023-03-27T22:15:00+00:00", "updated": "2023-05-05T20:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2022-1586", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "critical" }, { "source": { "name": "nvd" }, "score": 6.4, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 9.1, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 125 ], "description": "An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.", "recommendation": "Upgrade libpcre2-8-0 to version 10.34-7ubuntu0.1", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:5809" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-1586" }, { "url": "https://bugzilla.redhat.com/2077976" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077976," }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586" }, { "url": "https://errata.almalinux.org/8/ALSA-2022-5809.html" }, { "url": "https://errata.rockylinux.org/RLSA-2022:5809" }, { "url": "https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a," }, { "url": "https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c" }, { "url": "https://linux.oracle.com/cve/CVE-2022-1586.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-5809.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1586" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0009/" }, { "url": "https://ubuntu.com/security/notices/USN-5627-1" }, { "url": "https://ubuntu.com/security/notices/USN-5627-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-1586" } ], "published": "2022-05-16T21:15:00+00:00", "updated": "2023-03-16T05:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libpcre2-8-0@10.34-7?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "10.34-7", "status": "affected" } ] } ] }, { "id": "CVE-2022-3219", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 3.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "redhat" }, "score": 6.2, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 787 ], "description": "GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2022-3219" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127010" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219" }, { "url": "https://dev.gnupg.org/D556" }, { "url": "https://dev.gnupg.org/T5993" }, { "url": "https://marc.info/?l=oss-security\u0026m=165696590211434\u0026w=4" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3219" }, { "url": "https://security.netapp.com/advisory/ntap-20230324-0001/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-3219" } ], "published": "2023-02-23T20:15:00+00:00", "updated": "2023-05-26T16:31:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/gpgv@2.2.19-3ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "2.2.19-3ubuntu2.2", "status": "affected" } ] } ] }, { "id": "CVE-2023-27535", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 287 ], "description": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.18; Upgrade libcurl4 to version 7.68.0-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:2650" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-27535" }, { "url": "https://bugzilla.redhat.com/2179073" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179073" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188029" }, { "url": "https://curl.se/docs/CVE-2023-27535.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2650.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:3106" }, { "url": "https://hackerone.com/reports/1892780" }, { "url": "https://linux.oracle.com/cve/CVE-2023-27535.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3106.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "url": "https://ubuntu.com/security/notices/USN-5964-1" }, { "url": "https://ubuntu.com/security/notices/USN-5964-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535" } ], "published": "2023-03-30T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2021-39537", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 6.8, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "source": { "name": "nvd" }, "score": 8.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 787 ], "description": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.", "recommendation": "Upgrade libncurses6 to version 6.2-0ubuntu2.1; Upgrade libncursesw6 to version 6.2-0ubuntu2.1; Upgrade libtinfo6 to version 6.2-0ubuntu2.1; Upgrade ncurses-base to version 6.2-0ubuntu2.1; Upgrade ncurses-bin to version 6.2-0ubuntu2.1", "advisories": [ { "url": "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1\u0026content-type=text/x-cvsweb-markup" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-39537" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39537" }, { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html" }, { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39537" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0012/" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "url": "https://ubuntu.com/security/notices/USN-5477-1" }, { "url": "https://ubuntu.com/security/notices/USN-6099-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-39537" } ], "published": "2021-09-20T16:15:00+00:00", "updated": "2023-04-27T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] } ] }, { "id": "CVE-2020-11080", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "amazon" }, "severity": "high" }, { "source": { "name": "bitnami" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 5, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 707 ], "description": "In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., \u003e 32), then drop the connection.", "recommendation": "Upgrade libnghttp2-14 to version 1.40.0-1ubuntu0.1", "advisories": [ { "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html" }, { "url": "https://access.redhat.com/security/cve/CVE-2020-11080" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080" }, { "url": "https://errata.almalinux.org/8/ALSA-2020-2852.html" }, { "url": "https://errata.rockylinux.org/RLSA-2020:2755" }, { "url": "https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090" }, { "url": "https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394" }, { "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr" }, { "url": "https://linux.oracle.com/cve/CVE-2020-11080.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2020-5765.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00011.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAC2AA36OTRHKSVM5OV7TTVB3CZIGEFL/" }, { "url": "https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/#http-2-large-settings-frame-dos-low-cve-2020-11080" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080" }, { "url": "https://ubuntu.com/security/notices/USN-6142-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2020-11080" }, { "url": "https://www.debian.org/security/2020/dsa-4696" }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ], "published": "2020-06-03T23:15:00+00:00", "updated": "2022-08-29T20:41:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libnghttp2-14@1.40.0-1build1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.40.0-1build1", "status": "affected" } ] } ] }, { "id": "CVE-2022-29458", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 5.8, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 7.1, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 6.1, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 125 ], "description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "recommendation": "Upgrade libncurses6 to version 6.2-0ubuntu2.1; Upgrade libncursesw6 to version 6.2-0ubuntu2.1; Upgrade libtinfo6 to version 6.2-0ubuntu2.1; Upgrade ncurses-base to version 6.2-0ubuntu2.1; Upgrade ncurses-bin to version 6.2-0ubuntu2.1", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-29458" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458" }, { "url": "https://invisible-island.net/ncurses/NEWS.html#t20220416" }, { "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html" }, { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html" }, { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458" }, { "url": "https://support.apple.com/kb/HT213488" }, { "url": "https://ubuntu.com/security/notices/USN-5477-1" }, { "url": "https://ubuntu.com/security/notices/USN-6099-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-29458" } ], "published": "2022-04-18T21:15:00+00:00", "updated": "2022-11-08T19:46:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] } ] }, { "id": "CVE-2021-43618", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 5, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "redhat" }, "score": 6.2, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 190 ], "description": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.", "recommendation": "Upgrade libgmp10 to version 2:6.2.0+dfsg-4ubuntu0.1", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2022/Oct/8" }, { "url": "http://www.openwall.com/lists/oss-security/2022/10/13/3" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-43618" }, { "url": "https://bugs.debian.org/994405" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618" }, { "url": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html" }, { "url": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e" }, { "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43618" }, { "url": "https://security.gentoo.org/glsa/202309-13" }, { "url": "https://security.netapp.com/advisory/ntap-20221111-0001/" }, { "url": "https://ubuntu.com/security/notices/USN-5672-1" }, { "url": "https://ubuntu.com/security/notices/USN-5672-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618" } ], "published": "2021-11-15T04:15:00+00:00", "updated": "2023-09-29T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libgmp10@6.2.0%2Bdfsg-4?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "versions": [ { "version": "2:6.2.0+dfsg-4", "status": "affected" } ] } ] }, { "id": "CVE-2023-38546", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "low" }, { "source": { "name": "redhat" }, "score": 5, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "description": "A flaw was found in the Curl package. This flaw allows an attacker to insert cookies into a running program using libcurl if the specific series of conditions are met.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.20; Upgrade libcurl4 to version 7.68.0-1ubuntu2.20", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-38546" }, { "url": "https://curl.se/docs/CVE-2023-38546.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546" }, { "url": "https://ubuntu.com/security/notices/USN-6429-1" }, { "url": "https://ubuntu.com/security/notices/USN-6429-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546" } ], "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-2283", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 4.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 287 ], "description": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.", "recommendation": "Upgrade libssh-4 to version 0.9.3-2ubuntu2.3", "advisories": [ { "url": "http://packetstormsecurity.com/files/172861/libssh-0.9.6-0.10.4-pki_verify_data_signature-Authorization-Bypass.html" }, { "url": "https://access.redhat.com/errata/RHSA-2023:3839" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-2283" }, { "url": "https://bugzilla.redhat.com/2182199" }, { "url": "https://bugzilla.redhat.com/2189736" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182199" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189736" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1667" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2283" }, { "url": "https://errata.almalinux.org/8/ALSA-2023-3839.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:3839" }, { "url": "https://linux.oracle.com/cve/CVE-2023-2283.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3839.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2283" }, { "url": "https://ubuntu.com/security/notices/USN-6138-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-2283" }, { "url": "https://www.libssh.org/security/advisories/CVE-2023-2283.txt" } ], "published": "2023-05-26T18:15:00+00:00", "updated": "2023-06-12T07:17:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "0.9.3-2ubuntu2.2", "status": "affected" } ] } ] }, { "id": "CVE-2022-48303", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 125 ], "description": "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", "recommendation": "Upgrade tar to version 1.30+dfsg-7ubuntu0.20.04.3", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:0959" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-48303" }, { "url": "https://bugzilla.redhat.com/2149722" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149722" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-0959.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:0842" }, { "url": "https://linux.oracle.com/cve/CVE-2022-48303.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-0959.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48303" }, { "url": "https://savannah.gnu.org/bugs/?62387" }, { "url": "https://savannah.gnu.org/patch/?10307" }, { "url": "https://ubuntu.com/security/notices/USN-5900-1" }, { "url": "https://ubuntu.com/security/notices/USN-5900-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303" } ], "published": "2023-01-30T04:15:00+00:00", "updated": "2023-05-30T17:16:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/tar@1.30%2Bdfsg-7ubuntu0.20.04.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.30+dfsg-7ubuntu0.20.04.2", "status": "affected" } ] } ] }, { "id": "CVE-2023-3446", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 5.3, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 1333 ], "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "advisories": [ { "url": "http://www.openwall.com/lists/oss-security/2023/07/19/4" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/19/5" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/19/6" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/31/1" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3446" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3446" }, { "url": "https://security.netapp.com/advisory/ntap-20230803-0011/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446" }, { "url": "https://www.openssl.org/news/secadv/20230719.txt" } ], "published": "2023-07-19T12:15:00+00:00", "updated": "2023-10-03T15:48:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2017-11164", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 7.8, "severity": "high", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv3", "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 3.3, "severity": "low", "method": "CVSSv3", "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 674 ], "description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "advisories": [ { "url": "http://openwall.com/lists/oss-security/2017/07/11/3" }, { "url": "http://www.openwall.com/lists/oss-security/2023/04/11/1" }, { "url": "http://www.openwall.com/lists/oss-security/2023/04/12/1" }, { "url": "http://www.securityfocus.com/bid/99575" }, { "url": "https://access.redhat.com/security/cve/CVE-2017-11164" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164" }, { "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11164" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2017-11164" } ], "published": "2017-07-11T03:29:00+00:00", "updated": "2023-04-12T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libpcre3@8.39-12ubuntu0.1?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "versions": [ { "version": "2:8.39-12ubuntu0.1", "status": "affected" } ] } ] }, { "id": "CVE-2023-0286", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "ghsa" }, "score": 7.4, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.4, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.4, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "high" } ], "cwes": [ 843 ], "description": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.17; Upgrade openssl to version 1.1.1f-1ubuntu2.17", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0286" }, { "url": "https://access.redhat.com/security/cve/cve-2023-0286" }, { "url": "https://bugzilla.redhat.com/1960321" }, { "url": "https://bugzilla.redhat.com/2164440" }, { "url": "https://bugzilla.redhat.com/2164487" }, { "url": "https://bugzilla.redhat.com/2164492" }, { "url": "https://bugzilla.redhat.com/2164494" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2165.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1405" }, { "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt" }, { "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d" }, { "url": "https://github.com/pyca/cryptography" }, { "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0286.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-2932.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286" }, { "url": "https://rustsec.org/advisories/RUSTSEC-2023-0006.html" }, { "url": "https://ubuntu.com/security/notices/USN-5844-1" }, { "url": "https://ubuntu.com/security/notices/USN-5845-1" }, { "url": "https://ubuntu.com/security/notices/USN-5845-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286" }, { "url": "https://www.openssl.org/news/secadv/20230207.txt" } ], "published": "2023-02-08T20:15:00+00:00", "updated": "2023-07-19T00:54:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2022-41064", "source": { "name": "ghsa", "url": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" }, "ratings": [ { "source": { "name": "ghsa" }, "score": 5.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "source": { "name": "nvd" }, "score": 5.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "description": ".NET Framework Information Disclosure Vulnerability", "recommendation": "Upgrade System.Data.SqlClient to version 4.8.5", "advisories": [ { "url": "https://github.com/dotnet/corefx" }, { "url": "https://github.com/dotnet/corefx/security/advisories/GHSA-8g2p-5pqh-5jmc" }, { "url": "https://github.com/dotnet/runtime/issues/78042" }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41064" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41064" }, { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41064" }, { "url": "https://www.nuget.org/packages/Microsoft.Data.SqlClient/" } ], "published": "2022-11-09T22:15:00+00:00", "updated": "2023-07-11T17:15:00+00:00", "affects": [ { "ref": "pkg:nuget/System.Data.SqlClient@4.8.1", "versions": [ { "version": "4.8.1", "status": "affected" } ] } ] }, { "id": "CVE-2022-44640", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "critical" }, { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "photon" }, "severity": "critical" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "description": "Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.3; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.3", "advisories": [ { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-88pm-hfmq-7vv4" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44640" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "url": "https://ubuntu.com/security/notices/USN-5800-1" } ], "published": "2022-12-25T05:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2023-0464", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 295 ], "description": "A security vulnerability has been identified in all supported versions\n\nof OpenSSL related to the verification of X.509 certificate chains\nthat include policy constraints. Attackers may be able to exploit this\nvulnerability by creating a malicious certificate chain that triggers\nexponential use of computational resources, leading to a denial-of-service\n(DoS) attack on affected systems.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy' argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()' function.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.18; Upgrade openssl to version 1.1.1f-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-0464" }, { "url": "https://bugzilla.redhat.com/2181082" }, { "url": "https://bugzilla.redhat.com/2182561" }, { "url": "https://bugzilla.redhat.com/2182565" }, { "url": "https://bugzilla.redhat.com/2188461" }, { "url": "https://bugzilla.redhat.com/2207947" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-3722.html" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1" }, { "url": "https://linux.oracle.com/cve/CVE-2023-0464.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3722.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0464" }, { "url": "https://ubuntu.com/security/notices/USN-6039-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://www.openssl.org/news/secadv/20230322.txt" } ], "published": "2023-03-22T17:15:00+00:00", "updated": "2023-06-08T19:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2023-2953", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "bitnami" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.1, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 476 ], "description": "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-2953" }, { "url": "https://bugs.openldap.org/show_bug.cgi?id=9904" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2953" }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0005/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://ubuntu.com/security/notices/USN-6197-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953" } ], "published": "2023-05-30T22:15:00+00:00", "updated": "2023-08-02T16:46:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libldap-2.4-2@2.4.49%2Bdfsg-2ubuntu1.9?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "2.4.49+dfsg-2ubuntu1.9", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libldap-common@2.4.49%2Bdfsg-2ubuntu1.9?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "2.4.49+dfsg-2ubuntu1.9", "status": "affected" } ] } ] }, { "id": "CVE-2022-41916", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 193 ], "description": "Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.2; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.2", "advisories": [ { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-mgqr-gvh6-23cx" }, { "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41916" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "url": "https://ubuntu.com/security/notices/USN-5766-1" }, { "url": "https://www.debian.org/security/2022/dsa-5287" } ], "published": "2022-11-15T23:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2022-3821", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "amazon" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 193 ], "description": "An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.", "recommendation": "Upgrade libsystemd0 to version 245.4-4ubuntu3.20; Upgrade libudev1 to version 245.4-4ubuntu3.20", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:0336" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-3821" }, { "url": "https://bugzilla.redhat.com/2139327" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139327" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-0336.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:0336" }, { "url": "https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e" }, { "url": "https://github.com/systemd/systemd/issues/23928" }, { "url": "https://github.com/systemd/systemd/pull/23933" }, { "url": "https://linux.oracle.com/cve/CVE-2022-3821.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-0336.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3821" }, { "url": "https://security.gentoo.org/glsa/202305-15" }, { "url": "https://ubuntu.com/security/notices/USN-5928-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-3821" } ], "published": "2022-11-08T22:15:00+00:00", "updated": "2023-06-29T23:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] } ] }, { "id": "CVE-2023-23916", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 770 ], "description": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.16; Upgrade libcurl4 to version 7.68.0-1ubuntu2.16", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:1701" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-23916" }, { "url": "https://bugzilla.redhat.com/2167815" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167815" }, { "url": "https://curl.se/docs/CVE-2023-23916.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-1701.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1140" }, { "url": "https://hackerone.com/reports/1826048" }, { "url": "https://linux.oracle.com/cve/CVE-2023-23916.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-1701.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "url": "https://ubuntu.com/security/notices/USN-5891-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916" }, { "url": "https://www.debian.org/security/2023/dsa-5365" } ], "published": "2023-02-23T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2021-37750", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "amazon" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 4, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.", "recommendation": "Upgrade libgssapi-krb5-2 to version 1.17-6ubuntu4.3; Upgrade libk5crypto3 to version 1.17-6ubuntu4.3; Upgrade libkrb5-3 to version 1.17-6ubuntu4.3; Upgrade libkrb5support0 to version 1.17-6ubuntu4.3", "advisories": [ { "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-37750" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750" }, { "url": "https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49" }, { "url": "https://github.com/krb5/krb5/releases" }, { "url": "https://linux.oracle.com/cve/CVE-2021-37750.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2021-4788.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37750" }, { "url": "https://security.netapp.com/advisory/ntap-20210923-0002/" }, { "url": "https://ubuntu.com/security/notices/USN-5959-1" }, { "url": "https://web.mit.edu/kerberos/advisories/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-37750" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.starwindsoftware.com/security/sw-20220817-0004/" } ], "published": "2021-08-23T05:15:00+00:00", "updated": "2022-10-25T16:57:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libk5crypto3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-3@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5support0@1.17-6ubuntu4.1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.17-6ubuntu4.1", "status": "affected" } ] } ] }, { "id": "CVE-2021-3671", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 4, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "redhat" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 476 ], "description": "A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.1; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.1", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2021-3671" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013080," }, { "url": "https://bugzilla.samba.org/show_bug.cgi?id=14770," }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "url": "https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a" }, { "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3671" }, { "url": "https://security.netapp.com/advisory/ntap-20221215-0002/" }, { "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "url": "https://ubuntu.com/security/notices/USN-5142-1" }, { "url": "https://ubuntu.com/security/notices/USN-5174-1" }, { "url": "https://ubuntu.com/security/notices/USN-5675-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2021-3671" }, { "url": "https://www.debian.org/security/2022/dsa-5287" } ], "published": "2021-10-12T18:15:00+00:00", "updated": "2023-02-24T17:39:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2022-32221", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "critical" }, { "source": { "name": "redhat" }, "score": 4.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 668 ], "description": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.14; Upgrade libcurl4 to version 7.68.0-1ubuntu2.14", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" }, { "url": "https://access.redhat.com/errata/RHSA-2023:0333" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-32221" }, { "url": "https://bugzilla.redhat.com/2135411" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135411" }, { "url": "https://curl.se/docs/CVE-2022-32221.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-0333.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:0333" }, { "url": "https://hackerone.com/reports/1704017" }, { "url": "https://linux.oracle.com/cve/CVE-2022-32221.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-0333.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221" }, { "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "url": "https://ubuntu.com/security/notices/USN-5702-1" }, { "url": "https://ubuntu.com/security/notices/USN-5702-2" }, { "url": "https://ubuntu.com/security/notices/USN-5823-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221" }, { "url": "https://www.debian.org/security/2023/dsa-5330" } ], "published": "2022-12-05T22:15:00+00:00", "updated": "2023-05-17T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2022-38013", "source": { "name": "ghsa", "url": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anuget" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "bitnami" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ghsa" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "description": ".NET Core and Visual Studio Denial of Service Vulnerability.", "recommendation": "Upgrade Microsoft.AspNetCore.App.Runtime.linux-x64 to version 3.1.29, 6.0.9", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2022:6521" }, { "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-38013" }, { "url": "https://bugzilla.redhat.com/2125124" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38013" }, { "url": "https://devblogs.microsoft.com/dotnet/september-2022-updates/" }, { "url": "https://errata.almalinux.org/9/ALSA-2022-6521.html" }, { "url": "https://github.com/dotnet/aspnetcore" }, { "url": "https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592" }, { "url": "https://linux.oracle.com/cve/CVE-2022-38013.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2022-6539.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/" }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38013" }, { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013" }, { "url": "https://ubuntu.com/security/notices/USN-5609-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-38013" } ], "published": "2022-09-13T19:15:00+00:00", "updated": "2022-12-07T02:39:00+00:00", "affects": [ { "ref": "pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64@3.1.28", "versions": [ { "version": "3.1.28", "status": "affected" } ] } ] }, { "id": "CVE-2023-2650", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 770 ], "description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.19; Upgrade openssl to version 1.1.1f-1ubuntu2.19", "advisories": [ { "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1" }, { "url": "https://access.redhat.com/errata/RHSA-2023:3722" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-2650" }, { "url": "https://bugzilla.redhat.com/2181082" }, { "url": "https://bugzilla.redhat.com/2182561" }, { "url": "https://bugzilla.redhat.com/2182565" }, { "url": "https://bugzilla.redhat.com/2188461" }, { "url": "https://bugzilla.redhat.com/2207947" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-3722.html" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a" }, { "url": "https://linux.oracle.com/cve/CVE-2023-2650.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3722.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009" }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0001/" }, { "url": "https://ubuntu.com/security/notices/USN-6119-1" }, { "url": "https://ubuntu.com/security/notices/USN-6188-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://www.openssl.org/news/secadv/20230530.txt" } ], "published": "2023-05-30T14:15:00+00:00", "updated": "2023-08-29T18:04:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2022-4415", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "description": "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", "recommendation": "Upgrade libsystemd0 to version 245.4-4ubuntu3.20; Upgrade libudev1 to version 245.4-4ubuntu3.20", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:0954" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-4415" }, { "url": "https://bugzilla.redhat.com/2149063" }, { "url": "https://bugzilla.redhat.com/2155515" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155515" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164049" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-0954.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:0837" }, { "url": "https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c" }, { "url": "https://linux.oracle.com/cve/CVE-2022-4415.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-0954.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4415" }, { "url": "https://ubuntu.com/security/notices/USN-5928-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-4415" }, { "url": "https://www.openwall.com/lists/oss-security/2022/12/21/3" } ], "published": "2023-01-11T15:15:00+00:00", "updated": "2023-02-02T16:19:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] } ] }, { "id": "CVE-2023-26604", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "amazon" }, "severity": "high" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 7.1, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "description": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.", "advisories": [ { "url": "http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html" }, { "url": "https://access.redhat.com/errata/RHSA-2023:3837" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-26604" }, { "url": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/" }, { "url": "https://bugzilla.redhat.com/2175611" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175611" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190153" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604" }, { "url": "https://errata.almalinux.org/8/ALSA-2023-3837.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:3837" }, { "url": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340" }, { "url": "https://github.com/systemd/systemd/issues/5666" }, { "url": "https://linux.oracle.com/cve/CVE-2023-26604.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3837.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html" }, { "url": "https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26604" }, { "url": "https://security.netapp.com/advisory/ntap-20230505-0009/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-26604" } ], "published": "2023-03-03T16:15:00+00:00", "updated": "2023-08-11T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libsystemd0@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libudev1@245.4-4ubuntu3.17?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "245.4-4ubuntu3.17", "status": "affected" } ] } ] }, { "id": "CVE-2023-27536", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 287 ], "description": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.18; Upgrade libcurl4 to version 7.68.0-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:4523" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-27536" }, { "url": "https://bugzilla.redhat.com/2179092" }, { "url": "https://bugzilla.redhat.com/2196786" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "url": "https://curl.se/docs/CVE-2023-27536.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321" }, { "url": "https://errata.almalinux.org/8/ALSA-2023-4523.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:4523" }, { "url": "https://hackerone.com/reports/1895135" }, { "url": "https://linux.oracle.com/cve/CVE-2023-27536.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-4523.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "url": "https://ubuntu.com/security/notices/USN-5964-1" }, { "url": "https://ubuntu.com/security/notices/USN-5964-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536" } ], "published": "2023-03-30T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-4016", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 5.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 2.5, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 787 ], "description": "Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-4016" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4016" }, { "url": "https://gitlab.com/procps-ng/procps" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4016" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016" } ], "published": "2023-08-02T05:15:00+00:00", "updated": "2023-08-21T03:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libprocps8@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "versions": [ { "version": "2:3.3.16-1ubuntu2.3", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/procps@3.3.16-1ubuntu2.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=2", "versions": [ { "version": "2:3.3.16-1ubuntu2.3", "status": "affected" } ] } ] }, { "id": "CVE-2022-4450", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "high" }, { "source": { "name": "ghsa" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "high" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "rocky" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 415 ], "description": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.", "recommendation": "Upgrade libssl1.1 to version 1.1.1f-1ubuntu2.17; Upgrade openssl to version 1.1.1f-1ubuntu2.17", "advisories": [ { "url": "https://access.redhat.com/errata/RHSA-2023:2165" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-4450" }, { "url": "https://bugzilla.redhat.com/1960321" }, { "url": "https://bugzilla.redhat.com/2164440" }, { "url": "https://bugzilla.redhat.com/2164487" }, { "url": "https://bugzilla.redhat.com/2164492" }, { "url": "https://bugzilla.redhat.com/2164494" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2165.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:1405" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b" }, { "url": "https://linux.oracle.com/cve/CVE-2022-4450.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-2932.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450" }, { "url": "https://rustsec.org/advisories/RUSTSEC-2023-0010.html" }, { "url": "https://ubuntu.com/security/notices/USN-5844-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450" }, { "url": "https://www.openssl.org/news/secadv/20230207.txt" } ], "published": "2023-02-08T20:15:00+00:00", "updated": "2023-07-19T00:57:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] }, { "id": "CVE-2013-4235", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 3.3, "severity": "info", "method": "CVSSv2", "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:P" }, { "source": { "name": "nvd" }, "score": 4.7, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 3.7, "severity": "low", "method": "CVSSv2", "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P" }, { "source": { "name": "redhat" }, "score": 4.4, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 367 ], "description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2013-4235" }, { "url": "https://access.redhat.com/security/cve/cve-2013-4235" }, { "url": "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1998169" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235" }, { "url": "https://github.com/shadow-maint/shadow/issues/317" }, { "url": "https://github.com/shadow-maint/shadow/pull/545" }, { "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4235" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235" }, { "url": "https://security.gentoo.org/glsa/202210-26" }, { "url": "https://ubuntu.com/security/notices/USN-5745-1" }, { "url": "https://ubuntu.com/security/notices/USN-5745-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235" } ], "published": "2019-12-03T15:15:00+00:00", "updated": "2023-02-13T00:28:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/login@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "versions": [ { "version": "1:4.8.1-1ubuntu5.20.04.2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/passwd@4.8.1-1ubuntu5.20.04.2?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "versions": [ { "version": "1:4.8.1-1ubuntu5.20.04.2", "status": "affected" } ] } ] }, { "id": "CVE-2020-16156", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 6.8, "severity": "medium", "method": "CVSSv2", "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "source": { "name": "nvd" }, "score": 7.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "source": { "name": "redhat" }, "score": 7.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 347 ], "description": "CPAN 2.28 allows Signature Verification Bypass.", "recommendation": "Upgrade perl-base to version 5.30.0-9ubuntu0.3", "advisories": [ { "url": "http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html" }, { "url": "https://access.redhat.com/security/cve/CVE-2020-16156" }, { "url": "https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/" }, { "url": "https://metacpan.org/pod/distribution/CPAN/scripts/cpan" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16156" }, { "url": "https://ubuntu.com/security/notices/USN-5689-1" }, { "url": "https://ubuntu.com/security/notices/USN-5689-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2020-16156" } ], "published": "2021-12-13T18:15:00+00:00", "updated": "2022-04-01T13:26:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/perl-base@5.30.0-9ubuntu0.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "5.30.0-9ubuntu0.2", "status": "affected" } ] } ] }, { "id": "CVE-2023-29491", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 7.8, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 787 ], "description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "recommendation": "Upgrade libncurses6 to version 6.2-0ubuntu2.1; Upgrade libncursesw6 to version 6.2-0ubuntu2.1; Upgrade libtinfo6 to version 6.2-0ubuntu2.1; Upgrade ncurses-base to version 6.2-0ubuntu2.1; Upgrade ncurses-bin to version 6.2-0ubuntu2.1", "advisories": [ { "url": "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56" }, { "url": "http://www.openwall.com/lists/oss-security/2023/04/19/10" }, { "url": "http://www.openwall.com/lists/oss-security/2023/04/19/11" }, { "url": "https://access.redhat.com/errata/RHSA-2023:5249" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-29491" }, { "url": "https://bugzilla.redhat.com/2191704" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491" }, { "url": "https://errata.almalinux.org/8/ALSA-2023-5249.html" }, { "url": "https://invisible-island.net/ncurses/NEWS.html#index-t20230408" }, { "url": "https://linux.oracle.com/cve/CVE-2023-29491.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-5249.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491" }, { "url": "https://security.netapp.com/advisory/ntap-20230517-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://ubuntu.com/security/notices/USN-6099-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/12/5" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/13/4" } ], "published": "2023-04-14T01:15:00+00:00", "updated": "2023-09-09T22:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libncurses6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libncursesw6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libtinfo6@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-base@6.2-0ubuntu2?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/ncurses-bin@6.2-0ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "6.2-0ubuntu2", "status": "affected" } ] } ] }, { "id": "CVE-2022-43552", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "low" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "low" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 416 ], "description": "A use after free vulnerability exists in curl \u003c7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.15; Upgrade libcurl4 to version 7.68.0-1ubuntu2.15", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "url": "https://access.redhat.com/errata/RHSA-2023:2478" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-43552" }, { "url": "https://bugzilla.redhat.com/2120718" }, { "url": "https://bugzilla.redhat.com/2152652" }, { "url": "https://curl.se/docs/CVE-2022-43552.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-2478.html" }, { "url": "https://hackerone.com/reports/1764858" }, { "url": "https://linux.oracle.com/cve/CVE-2022-43552.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-2963.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "url": "https://ubuntu.com/security/notices/USN-5788-1" }, { "url": "https://ubuntu.com/security/notices/USN-5894-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552" } ], "published": "2023-02-09T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-28321", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.9, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 295 ], "description": "An improper certificate validation vulnerability exists in curl \u003cv8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.19; Upgrade libcurl4 to version 7.68.0-1ubuntu2.19", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "url": "https://access.redhat.com/errata/RHSA-2023:4354" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-28321" }, { "url": "https://bugzilla.redhat.com/2196786" }, { "url": "https://bugzilla.redhat.com/2196793" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179092" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196786" }, { "url": "https://curl.se/docs/CVE-2023-28321.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321" }, { "url": "https://errata.almalinux.org/9/ALSA-2023-4354.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:4523" }, { "url": "https://hackerone.com/reports/1950627" }, { "url": "https://linux.oracle.com/cve/CVE-2023-28321.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-4523.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://ubuntu.com/security/notices/USN-6237-1" }, { "url": "https://ubuntu.com/security/notices/USN-6237-3" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321" } ], "published": "2023-05-26T21:15:00+00:00", "updated": "2023-10-11T15:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-1667", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 4.3, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 476 ], "description": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.", "recommendation": "Upgrade libssh-4 to version 0.9.3-2ubuntu2.3", "advisories": [ { "url": "http://www.libssh.org/security/advisories/CVE-2023-1667.txt" }, { "url": "https://access.redhat.com/errata/RHSA-2023:3839" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-1667" }, { "url": "https://bugzilla.redhat.com/2182199" }, { "url": "https://bugzilla.redhat.com/2189736" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182199" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189736" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1667" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2283" }, { "url": "https://errata.almalinux.org/8/ALSA-2023-3839.html" }, { "url": "https://errata.rockylinux.org/RLSA-2023:3839" }, { "url": "https://linux.oracle.com/cve/CVE-2023-1667.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-3839.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00029.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1667" }, { "url": "https://ubuntu.com/security/notices/USN-6138-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-1667" }, { "url": "https://www.libssh.org/security/advisories/CVE-2023-1667.txt" } ], "published": "2023-05-26T18:15:00+00:00", "updated": "2023-06-06T15:02:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssh-4@0.9.3-2ubuntu2.2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "0.9.3-2ubuntu2.2", "status": "affected" } ] } ] }, { "id": "CVE-2016-2781", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 2.1, "severity": "info", "method": "CVSSv2", "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N" }, { "source": { "name": "nvd" }, "score": 6.5, "severity": "medium", "method": "CVSSv3", "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "source": { "name": "redhat" }, "score": 6.2, "severity": "medium", "method": "CVSSv2", "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C" }, { "source": { "name": "redhat" }, "score": 8.6, "severity": "medium", "method": "CVSSv3", "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 20 ], "description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", "advisories": [ { "url": "http://seclists.org/oss-sec/2016/q1/452" }, { "url": "http://www.openwall.com/lists/oss-security/2016/02/28/2" }, { "url": "http://www.openwall.com/lists/oss-security/2016/02/28/3" }, { "url": "https://access.redhat.com/security/cve/CVE-2016-2781" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781" }, { "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "url": "https://lore.kernel.org/patchwork/patch/793178/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2781" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781" } ], "published": "2017-02-07T15:59:00+00:00", "updated": "2021-02-25T17:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "8.30-3ubuntu2", "status": "affected" } ] } ] }, { "id": "CVE-2022-37434", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "alma" }, "severity": "medium" }, { "source": { "name": "cbl-mariner" }, "severity": "critical" }, { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "oracle-oval" }, "severity": "medium" }, { "source": { "name": "photon" }, "severity": "critical" }, { "source": { "name": "redhat" }, "score": 7, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "source": { "name": "rocky" }, "severity": "medium" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 787 ], "description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "recommendation": "Upgrade zlib1g to version 1:1.2.11.dfsg-2ubuntu1.5", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2022/Oct/37" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/38" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "url": "http://seclists.org/fulldisclosure/2022/Oct/42" }, { "url": "http://www.openwall.com/lists/oss-security/2022/08/05/2" }, { "url": "http://www.openwall.com/lists/oss-security/2022/08/09/1" }, { "url": "https://access.redhat.com/errata/RHSA-2022:8291" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-37434" }, { "url": "https://bugzilla.redhat.com/2116639" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043753" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116639" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434" }, { "url": "https://errata.almalinux.org/9/ALSA-2022-8291.html" }, { "url": "https://errata.rockylinux.org/RLSA-2022:7793" }, { "url": "https://github.com/curl/curl/issues/9271" }, { "url": "https://github.com/ivd38/zlib_overflow" }, { "url": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063" }, { "url": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1" }, { "url": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764" }, { "url": "https://linux.oracle.com/cve/CVE-2022-37434.html" }, { "url": "https://linux.oracle.com/errata/ELSA-2023-1095.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434" }, { "url": "https://security.netapp.com/advisory/ntap-20220901-0005/" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "url": "https://support.apple.com/kb/HT213489" }, { "url": "https://support.apple.com/kb/HT213490" }, { "url": "https://support.apple.com/kb/HT213491" }, { "url": "https://support.apple.com/kb/HT213493" }, { "url": "https://support.apple.com/kb/HT213494" }, { "url": "https://ubuntu.com/security/notices/USN-5570-1" }, { "url": "https://ubuntu.com/security/notices/USN-5570-2" }, { "url": "https://ubuntu.com/security/notices/USN-5573-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434" }, { "url": "https://www.debian.org/security/2022/dsa-5218" } ], "published": "2022-08-05T07:15:00+00:00", "updated": "2023-07-19T00:56:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu1.3?arch=amd64\u0026distro=ubuntu-20.04\u0026epoch=1", "versions": [ { "version": "1:1.2.11.dfsg-2ubuntu1.3", "status": "affected" } ] } ] }, { "id": "CVE-2022-28321", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "nvd" }, "score": 9.8, "severity": "critical", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "redhat" }, "score": 9.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 287 ], "description": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.", "recommendation": "Upgrade libpam-modules to version 1.3.1-5ubuntu4.4; Upgrade libpam-modules-bin to version 1.3.1-5ubuntu4.4; Upgrade libpam-runtime to version 1.3.1-5ubuntu4.4; Upgrade libpam0g to version 1.3.1-5ubuntu4.4", "advisories": [ { "url": "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-28321" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1197654" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28321" }, { "url": "https://github.com/linux-pam/linux-pam/pull/447" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28321" }, { "url": "https://ubuntu.com/security/notices/USN-5825-1" }, { "url": "https://ubuntu.com/security/notices/USN-5825-2" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321" }, { "url": "https://www.suse.com/security/cve/CVE-2022-28321.html" } ], "published": "2022-09-19T22:15:00+00:00", "updated": "2023-08-08T14:21:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libpam-modules-bin@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.3.1-5ubuntu4.3", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libpam-modules@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.3.1-5ubuntu4.3", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libpam-runtime@1.3.1-5ubuntu4.3?arch=all\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.3.1-5ubuntu4.3", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libpam0g@1.3.1-5ubuntu4.3?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.3.1-5ubuntu4.3", "status": "affected" } ] } ] }, { "id": "CVE-2022-45142", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 7.5, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "source": { "name": "redhat" }, "severity": "high" }, { "source": { "name": "ubuntu" }, "severity": "medium" } ], "cwes": [ 354 ], "description": "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.", "recommendation": "Upgrade libasn1-8-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libgssapi3-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libhcrypto4-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libheimbase1-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libheimntlm0-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libhx509-5-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libkrb5-26-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libroken18-heimdal to version 7.7.0+dfsg-1ubuntu1.4; Upgrade libwind0-heimdal to version 7.7.0+dfsg-1ubuntu1.4", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2022-45142" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45142" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45142" }, { "url": "https://security.gentoo.org/glsa/202310-06" }, { "url": "https://ubuntu.com/security/notices/USN-5849-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2022-45142" }, { "url": "https://www.openwall.com/lists/oss-security/2023/02/08/1" } ], "published": "2023-03-06T23:15:00+00:00", "updated": "2023-10-08T09:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libasn1-8-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libgssapi3-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhcrypto4-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimbase1-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libheimntlm0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libhx509-5-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libkrb5-26-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libroken18-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libwind0-heimdal@7.7.0%2Bdfsg-1ubuntu1?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.7.0+dfsg-1ubuntu1", "status": "affected" } ] } ] }, { "id": "CVE-2023-27534", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "high" }, { "source": { "name": "nvd" }, "score": 8.8, "severity": "high", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "source": { "name": "photon" }, "severity": "high" }, { "source": { "name": "redhat" }, "score": 3.7, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 22 ], "description": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", "recommendation": "Upgrade curl to version 7.68.0-1ubuntu2.18; Upgrade libcurl4 to version 7.68.0-1ubuntu2.18", "advisories": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-27534" }, { "url": "https://curl.se/docs/CVE-2023-27534.html" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534" }, { "url": "https://hackerone.com/reports/1892351" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534" }, { "url": "https://security.gentoo.org/glsa/202310-12" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0012/" }, { "url": "https://ubuntu.com/security/notices/USN-5964-1" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534" } ], "published": "2023-03-30T20:15:00+00:00", "updated": "2023-10-11T11:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/curl@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/libcurl4@7.68.0-1ubuntu2.13?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "7.68.0-1ubuntu2.13", "status": "affected" } ] } ] }, { "id": "CVE-2023-3817", "source": { "name": "ubuntu", "url": "https://git.launchpad.net/ubuntu-cve-tracker" }, "ratings": [ { "source": { "name": "cbl-mariner" }, "severity": "medium" }, { "source": { "name": "nvd" }, "score": 5.3, "severity": "medium", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "source": { "name": "photon" }, "severity": "medium" }, { "source": { "name": "redhat" }, "score": 5.3, "severity": "low", "method": "CVSSv31", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "source": { "name": "ubuntu" }, "severity": "low" } ], "cwes": [ 834 ], "description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. After fixing\nCVE-2023-3446 it was discovered that a large q parameter value can also trigger\nan overly long computation during some of these checks. A correct q value,\nif present, cannot be larger than the modulus p parameter, thus it is\nunnecessary to perform these checks if q is larger than p.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulnerable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the \"-check\" option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "advisories": [ { "url": "http://seclists.org/fulldisclosure/2023/Jul/43" }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/31/1" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/22/11" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/22/9" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3817" }, { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html" }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3817" }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0014/" }, { "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817" }, { "url": "https://www.openssl.org/news/secadv/20230731.txt" } ], "published": "2023-07-31T16:15:00+00:00", "updated": "2023-09-23T00:15:00+00:00", "affects": [ { "ref": "pkg:deb/ubuntu/libssl1.1@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] }, { "ref": "pkg:deb/ubuntu/openssl@1.1.1f-1ubuntu2.16?arch=amd64\u0026distro=ubuntu-20.04", "versions": [ { "version": "1.1.1f-1ubuntu2.16", "status": "affected" } ] } ] } ] }