vulnerability.yaml

- bucket: vulnerability
  pairs:
  - key: CVE-2022-38177
    value:
      Title: "bind: memory leak in ECDSA DNSSEC verification code"
      Description: "By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources."
      Severity: HIGH
      CVSS:
        nvd:
          V3Score: 7.5
          V3Vector: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"
        redhat:
          V3Score: 7.5
          V3Vector: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"
      LastModifiedDate: "2022-09-21T11:15:00Z"
      PublishedDate: "2022-09-21T11:15:00Z"
      References:
        - "http://www.openwall.com/lists/oss-security/2022/09/21/3"
        - "https://access.redhat.com/errata/RHSA-2022:6763"
        - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38177.json"
        - "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json"
        - "https://access.redhat.com/security/cve/CVE-2022-38177"
      VendorSeverity:
        arch-linux: 2
        nvd: 2
        redhat: 2
        ubuntu: 2
  - key: CVE-2022-3715
    value:
      Title: a heap-buffer-overflow in valid_parameter_transform
      Severity: LOW
      Description: A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
      CVSS:
        nvd:
          V3Score: 7.8
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 6.6
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
      CweIDs:
        - CWE-787
      LastModifiedDate: 2023-02-24T18:38:00Z
      PublishedDate: 2023-01-05T15:15:00Z
      References:
        - https://access.redhat.com/errata/RHSA-2023:0340
        - https://access.redhat.com/security/cve/CVE-2022-3715
        - https://bugzilla.redhat.com/2126720
        - https://bugzilla.redhat.com/show_bug.cgi?id=2126720
      VendorSeverity:
        cbl-mariner: 3.0
        nvd: 3.0
        photon: 3.0
        redhat: 1.0
        ubuntu: 2.0
  - key: CVE-2016-9401
    value:
      CVSS:
        nvd:
          V2Score: 2.1
          V2Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
          V3Score: 5.5
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        redhat:
          V2Score: 1.9
          V2Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P
          V3Score: 3.3
          V3Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
      CweIDs:
      - CWE-416
      Description: popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
      LastModifiedDate: 2020-09-14T18:32:00Z
      PublishedDate: 2017-01-23T21:59:00Z
      References:
      - http://rhn.redhat.com/errata/RHSA-2017-0725.html
      - http://www.openwall.com/lists/oss-security/2016/11/17/5
      - http://www.openwall.com/lists/oss-security/2016/11/17/9
      - http://www.securityfocus.com/bid/94398
      - https://access.redhat.com/errata/RHSA-2017:1931
      - https://access.redhat.com/security/cve/CVE-2016-9401
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401
      - https://linux.oracle.com/cve/CVE-2016-9401.html
      - https://linux.oracle.com/errata/ELSA-2017-1931.html
      - https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html
      - https://security.gentoo.org/glsa/201701-02
      - https://ubuntu.com/security/notices/USN-3294-1
      Severity: MEDIUM
      Title: "bash: popd controlled free"
      VendorSeverity:
        amazon: 2.0
        nvd: 2.0
        oracle-oval: 2.0
        photon: 2.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2018-0734
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
          V3Score: 5.9
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
        redhat:
          V3Score: 5.1
          V3Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
      CweIDs:
      - CWE-327
      Description: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
      LastModifiedDate: 2020-08-24T17:37:00Z
      PublishedDate: 2018-10-30T12:29:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
      - http://www.securityfocus.com/bid/105758
      - https://access.redhat.com/errata/RHSA-2019:2304
      - https://access.redhat.com/errata/RHSA-2019:3700
      - https://access.redhat.com/errata/RHSA-2019:3932
      - https://access.redhat.com/errata/RHSA-2019:3933
      - https://access.redhat.com/errata/RHSA-2019:3935
      - https://access.redhat.com/security/cve/CVE-2018-0734
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7
      - https://linux.oracle.com/cve/CVE-2018-0734.html
      - https://linux.oracle.com/errata/ELSA-2019-3700.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
      - https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
      - https://nvd.nist.gov/vuln/detail/CVE-2018-0734
      - https://security.netapp.com/advisory/ntap-20181105-0002/
      - https://security.netapp.com/advisory/ntap-20190118-0002/
      - https://security.netapp.com/advisory/ntap-20190423-0002/
      - https://ubuntu.com/security/notices/USN-3840-1
      - https://usn.ubuntu.com/3840-1/
      - https://www.debian.org/security/2018/dsa-4348
      - https://www.debian.org/security/2018/dsa-4355
      - https://www.openssl.org/news/secadv/20181030.txt
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
      - https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
      - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
      - https://www.tenable.com/security/tns-2018-16
      - https://www.tenable.com/security/tns-2018-17
      Severity: MEDIUM
      Title: "openssl: timing side channel attack in the DSA signature algorithm"
      VendorSeverity:
        amazon: 2.0
        arch-linux: 1.0
        cbl-mariner: 2.0
        nvd: 2.0
        oracle-oval: 1.0
        photon: 2.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-10744
    value:
      CVSS:
        nvd:
          V2Score: 6.4
          V2Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
          V3Score: 9.1
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
        redhat:
          V3Score: 9.1
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
      Description: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
      LastModifiedDate: 2021-03-16T13:57:00Z
      PublishedDate: 2019-07-26T00:15:00Z
      References:
      - https://access.redhat.com/errata/RHSA-2019:3024
      - https://access.redhat.com/security/cve/CVE-2019-10744
      - https://github.com/advisories/GHSA-jf85-cpcp-j695
      - https://github.com/lodash/lodash/pull/4336
      - https://nvd.nist.gov/vuln/detail/CVE-2019-10744
      - https://security.netapp.com/advisory/ntap-20191004-0005/
      - https://snyk.io/vuln/SNYK-JS-LODASH-450202
      - https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS
      - https://www.npmjs.com/advisories/1065
      - https://www.oracle.com/security-alerts/cpujan2021.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      Severity: CRITICAL
      Title: "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties"
      VendorSeverity:
        ghsa: 4.0
        nvd: 4.0
        redhat: 3.0
  - key: CVE-2019-11358
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
          V3Score: 6.1
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        redhat:
          V3Score: 5.6
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
      CweIDs:
      - CWE-79
      Description: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
      LastModifiedDate: 2021-10-20T11:15:00Z
      PublishedDate: 2019-04-20T00:29:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
      - http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
      - http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
      - http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
      - http://seclists.org/fulldisclosure/2019/May/10
      - http://seclists.org/fulldisclosure/2019/May/11
      - http://seclists.org/fulldisclosure/2019/May/13
      - http://www.openwall.com/lists/oss-security/2019/06/03/2
      - http://www.securityfocus.com/bid/108023
      - https://access.redhat.com/errata/RHBA-2019:1570
      - https://access.redhat.com/errata/RHSA-2019:1456
      - https://access.redhat.com/errata/RHSA-2019:2587
      - https://access.redhat.com/errata/RHSA-2019:3023
      - https://access.redhat.com/errata/RHSA-2019:3024
      - https://access.redhat.com/security/cve/CVE-2019-11358
      - https://backdropcms.org/security/backdrop-sa-core-2019-009
      - https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
      - https://github.com/DanielRuf/snyk-js-jquery-174006?files=1
      - https://github.com/advisories/GHSA-6c3j-c64m-qhgq
      - https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
      - https://github.com/jquery/jquery/pull/4333
      - "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"
      - https://hackerone.com/reports/454365
      - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
      - https://linux.oracle.com/cve/CVE-2019-11358.html
      - https://linux.oracle.com/errata/ELSA-2020-4847.html
      - https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
      - https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
      - https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
      - https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
      - https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
      - https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
      - https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
      - https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
      - https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
      - https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
      - https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
      - https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
      - https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
      - https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
      - https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
      - https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
      - https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
      - https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
      - https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
      - https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
      - https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
      - https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/
      - https://nvd.nist.gov/vuln/detail/CVE-2019-11358
      - https://seclists.org/bugtraq/2019/Apr/32
      - https://seclists.org/bugtraq/2019/Jun/12
      - https://seclists.org/bugtraq/2019/May/18
      - https://security.netapp.com/advisory/ntap-20190919-0001/
      - https://snyk.io/vuln/SNYK-JS-JQUERY-174006
      - https://www.debian.org/security/2019/dsa-4434
      - https://www.debian.org/security/2019/dsa-4460
      - https://www.drupal.org/sa-core-2019-006
      - https://www.oracle.com//security-alerts/cpujul2021.html
      - https://www.oracle.com/security-alerts/cpuApr2021.html
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/security-alerts/cpujan2021.html
      - https://www.oracle.com/security-alerts/cpujul2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      - https://www.oracle.com/security-alerts/cpuoct2021.html
      - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
      - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
      - https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/
      - https://www.synology.com/security/advisory/Synology_SA_19_19
      - https://www.tenable.com/security/tns-2019-08
      - https://www.tenable.com/security/tns-2020-02
      Severity: MEDIUM
      Title: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection"
      VendorSeverity:
        alma: 2.0
        amazon: 2.0
        arch-linux: 2.0
        ghsa: 2.0
        nodejs-security-wg: 2.0
        nvd: 2.0
        oracle-oval: 2.0
        redhat: 2.0
        ruby-advisory-db: 2.0
        ubuntu: 1.0
  - key: CVE-2019-14697
    value:
      CVSS:
        nvd:
          V2Score: 7.5
          V2Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 9.8
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-787
      Description: musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.
      LastModifiedDate: 2020-03-14T19:15:00Z
      PublishedDate: 2019-08-06T16:15:00Z
      References:
      - http://www.openwall.com/lists/oss-security/2019/08/06/4
      - https://security.gentoo.org/glsa/202003-13
      - https://www.openwall.com/lists/musl/2019/08/06/1
      Severity: CRITICAL
      VendorSeverity:
        nvd: 4.0
  - key: CVE-2019-14806
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
          V3Score: 7.5
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
        redhat:
          V3Score: 7.5
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
      CweIDs:
      - CWE-331
      Description: Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
      LastModifiedDate: 2019-09-11T00:15:00Z
      PublishedDate: 2019-08-09T15:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00034.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00047.html
      - https://access.redhat.com/security/cve/CVE-2019-14806
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14806
      - https://github.com/advisories/GHSA-gq9m-qvpx-68hc
      - "https://github.com/pallets/werkzeug/blob/7fef41b120327d3912fbe12fb64f1951496fcf3e/src/werkzeug/debug/__init__.py#L168"
      - https://github.com/pallets/werkzeug/commit/00bc43b1672e662e5e3b8cecd79e67fc968fa246
      - https://nvd.nist.gov/vuln/detail/CVE-2019-14806
      - https://palletsprojects.com/blog/werkzeug-0-15-3-released/
      - https://ubuntu.com/security/notices/USN-4655-1
      Severity: HIGH
      Title: "python-werkzeug: insufficient debugger PIN randomness vulnerability"
      VendorSeverity:
        ghsa: 3.0
        nvd: 3.0
        redhat: 2.0
        ubuntu: 1.0
  - key: CVE-2019-1549
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
          V3Score: 5.3
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        redhat:
          V3Score: 4.8
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
      CweIDs:
      - CWE-330
      Description: OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
      LastModifiedDate: 2020-10-20T22:15:00Z
      PublishedDate: 2019-09-10T17:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2019-1549
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1549
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be
      - https://linux.oracle.com/cve/CVE-2019-1549.html
      - https://linux.oracle.com/errata/ELSA-2020-1840.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/
      - https://seclists.org/bugtraq/2019/Oct/1
      - https://security.netapp.com/advisory/ntap-20190919-0002/
      - https://support.f5.com/csp/article/K44070243
      - https://support.f5.com/csp/article/K44070243?utm_source=f5support&utm_medium=RSS
      - https://ubuntu.com/security/notices/USN-4376-1
      - https://usn.ubuntu.com/4376-1/
      - https://www.debian.org/security/2019/dsa-4539
      - https://www.openssl.org/news/secadv/20190910.txt
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/security-alerts/cpujul2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
      Severity: MEDIUM
      Title: "openssl: information disclosure in fork()"
      VendorSeverity:
        amazon: 2.0
        nvd: 2.0
        oracle-oval: 2.0
        photon: 2.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-1551
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
          V3Score: 5.3
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        redhat:
          V3Score: 4.8
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
      CweIDs:
      - CWE-200
      Description: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).
      LastModifiedDate: 2021-07-21T11:39:00Z
      PublishedDate: 2019-12-06T18:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html
      - http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html
      - https://access.redhat.com/security/cve/CVE-2019-1551
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98
      - https://github.com/openssl/openssl/pull/10575
      - https://linux.oracle.com/cve/CVE-2019-1551.html
      - https://linux.oracle.com/errata/ELSA-2020-4514.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/
      - https://seclists.org/bugtraq/2019/Dec/39
      - https://seclists.org/bugtraq/2019/Dec/46
      - https://security.gentoo.org/glsa/202004-10
      - https://security.netapp.com/advisory/ntap-20191210-0001/
      - https://ubuntu.com/security/notices/USN-4376-1
      - https://ubuntu.com/security/notices/USN-4504-1
      - https://usn.ubuntu.com/4376-1/
      - https://usn.ubuntu.com/4504-1/
      - https://www.debian.org/security/2019/dsa-4594
      - https://www.debian.org/security/2021/dsa-4855
      - https://www.openssl.org/news/secadv/20191206.txt
      - https://www.oracle.com/security-alerts/cpuApr2021.html
      - https://www.oracle.com/security-alerts/cpujan2021.html
      - https://www.oracle.com/security-alerts/cpujul2020.html
      - https://www.tenable.com/security/tns-2019-09
      - https://www.tenable.com/security/tns-2020-03
      - https://www.tenable.com/security/tns-2020-11
      - https://www.tenable.com/security/tns-2021-10
      Severity: MEDIUM
      Title: "openssl: Integer overflow in RSAZ modular exponentiation on x86_64"
      VendorSeverity:
        amazon: 1.0
        nvd: 2.0
        oracle-oval: 1.0
        photon: 2.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-15542
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
          V3Score: 7.5
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
      CweIDs:
      - CWE-674
      Description: An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.
      LastModifiedDate: 2020-08-24T17:37:00Z
      PublishedDate: 2019-08-26T18:15:00Z
      References:
      - https://crates.io/crates/ammonia
      - "https://github.com/rust-ammonia/ammonia/blob/master/CHANGELOG.md#210"
      - https://rustsec.org/advisories/RUSTSEC-2019-0001.html
      Severity: HIGH
      Title: Uncontrolled recursion leads to abort in HTML serialization
      VendorSeverity:
        nvd: 3.0
  - key: CVE-2019-1559
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
          V3Score: 5.9
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
        redhat:
          V3Score: 5.9
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
      CweIDs:
      - CWE-203
      Description: If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
      LastModifiedDate: 2021-01-20T15:15:00Z
      PublishedDate: 2019-02-27T23:29:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html
      - http://www.securityfocus.com/bid/107174
      - https://access.redhat.com/errata/RHSA-2019:2304
      - https://access.redhat.com/errata/RHSA-2019:2437
      - https://access.redhat.com/errata/RHSA-2019:2439
      - https://access.redhat.com/errata/RHSA-2019:2471
      - https://access.redhat.com/errata/RHSA-2019:3929
      - https://access.redhat.com/errata/RHSA-2019:3931
      - https://access.redhat.com/security/cve/CVE-2019-1559
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
      - https://github.com/RUB-NDS/TLS-Padding-Oracles
      - https://kc.mcafee.com/corporate/index?page=content&id=SB10282
      - https://linux.oracle.com/cve/CVE-2019-1559.html
      - https://linux.oracle.com/errata/ELSA-2019-2471.html
      - https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
      - https://security.gentoo.org/glsa/201903-10
      - https://security.netapp.com/advisory/ntap-20190301-0001/
      - https://security.netapp.com/advisory/ntap-20190301-0002/
      - https://security.netapp.com/advisory/ntap-20190423-0002/
      - https://support.f5.com/csp/article/K18549143
      - https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS
      - https://ubuntu.com/security/notices/USN-3899-1
      - https://ubuntu.com/security/notices/USN-4376-2
      - https://usn.ubuntu.com/3899-1/
      - https://usn.ubuntu.com/4376-2/
      - https://www.debian.org/security/2019/dsa-4400
      - https://www.openssl.org/news/secadv/20190226.txt
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/security-alerts/cpujan2021.html
      - https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
      - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
      - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
      - https://www.tenable.com/security/tns-2019-02
      - https://www.tenable.com/security/tns-2019-03
      Severity: MEDIUM
      Title: "openssl: 0-byte record padding oracle"
      VendorSeverity:
        amazon: 2.0
        arch-linux: 2.0
        nvd: 2.0
        oracle-oval: 2.0
        redhat: 2.0
        ubuntu: 2.0
  - key: CVE-2019-1563
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
          V3Score: 3.7
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
        redhat:
          V3Score: 3.7
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
      CweIDs:
      - CWE-327
      - CWE-203
      Description: In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
      LastModifiedDate: 2021-07-31T08:15:00Z
      PublishedDate: 2019-09-10T17:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html
      - http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html
      - https://access.redhat.com/security/cve/CVE-2019-1563
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=631f94db0065c78181ca9ba5546ebc8bb3884b97
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f
      - https://kc.mcafee.com/corporate/index?page=content&id=SB10365
      - https://linux.oracle.com/cve/CVE-2019-1563.html
      - https://linux.oracle.com/errata/ELSA-2020-1840.html
      - https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/
      - https://seclists.org/bugtraq/2019/Oct/0
      - https://seclists.org/bugtraq/2019/Oct/1
      - https://seclists.org/bugtraq/2019/Sep/25
      - https://security.gentoo.org/glsa/201911-04
      - https://security.netapp.com/advisory/ntap-20190919-0002/
      - https://support.f5.com/csp/article/K97324400?utm_source=f5support&utm_medium=RSS
      - https://ubuntu.com/security/notices/USN-4376-1
      - https://ubuntu.com/security/notices/USN-4376-2
      - https://ubuntu.com/security/notices/USN-4504-1
      - https://usn.ubuntu.com/4376-1/
      - https://usn.ubuntu.com/4376-2/
      - https://usn.ubuntu.com/4504-1/
      - https://www.debian.org/security/2019/dsa-4539
      - https://www.debian.org/security/2019/dsa-4540
      - https://www.openssl.org/news/secadv/20190910.txt
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/security-alerts/cpujul2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
      - https://www.tenable.com/security/tns-2019-09
      Severity: LOW
      Title: "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey"
      VendorSeverity:
        amazon: 2.0
        nvd: 1.0
        oracle-oval: 2.0
        photon: 1.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-18224
    value:
      CVSS:
        nvd:
          V2Score: 7.5
          V2Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 9.8
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 5.6
          V3Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
      CweIDs:
      - CWE-787
      Description: idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
      LastModifiedDate: 2019-10-29T19:15:00Z
      PublishedDate: 2019-10-21T17:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html
      - https://access.redhat.com/security/cve/CVE-2019-18224
      - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12420
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18224
      - https://github.com/libidn/libidn2/commit/e4d1558aa2c1c04a05066ee8600f37603890ba8c
      - https://github.com/libidn/libidn2/compare/libidn2-2.1.0...libidn2-2.1.1
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDQVQ2XPV5BTZUFINT7AFJSKNNBVURNJ/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MINU5RKDFE6TKAFY5DRFN3WSFDS4DYVS/
      - https://seclists.org/bugtraq/2020/Feb/4
      - https://security.gentoo.org/glsa/202003-63
      - https://ubuntu.com/security/notices/USN-4168-1
      - https://usn.ubuntu.com/4168-1/
      - https://www.debian.org/security/2020/dsa-4613
      Severity: CRITICAL
      Title: "libidn2: heap-based buffer overflow in idn2_to_ascii_4i in lib/lookup.c"
      VendorSeverity:
        amazon: 2.0
        nvd: 4.0
        redhat: 2.0
        ubuntu: 2.0
  - key: CVE-2019-18276
    value:
      CVSS:
        nvd:
          V2Score: 7.2
          V2Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
          V3Score: 7.8
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 7.8
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-273
      Description: An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.
      LastModifiedDate: 2021-05-26T12:15:00Z
      PublishedDate: 2019-11-28T01:15:00Z
      References:
      - http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
      - https://access.redhat.com/security/cve/CVE-2019-18276
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
      - https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
      - https://linux.oracle.com/cve/CVE-2019-18276.html
      - https://linux.oracle.com/errata/ELSA-2021-1679.html
      - https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
      - https://nvd.nist.gov/vuln/detail/CVE-2019-18276
      - https://security.gentoo.org/glsa/202105-34
      - https://security.netapp.com/advisory/ntap-20200430-0003/
      - https://www.youtube.com/watch?v=-wGtxJ8opa8
      Severity: HIGH
      Title: "bash: when effective UID is not equal to its real UID the saved UID is not dropped"
      VendorSeverity:
        cbl-mariner: 3.0
        nvd: 3.0
        oracle-oval: 1.0
        photon: 3.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-3823
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
          V3Score: 7.5
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
        redhat:
          V3Score: 4.3
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
      CweIDs:
      - CWE-125
      Description: libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
      LastModifiedDate: 2021-03-09T15:15:00Z
      PublishedDate: 2019-02-06T20:29:00Z
      References:
      - http://www.securityfocus.com/bid/106950
      - https://access.redhat.com/errata/RHSA-2019:3701
      - https://access.redhat.com/security/cve/CVE-2019-3823
      - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823
      - https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf
      - https://curl.haxx.se/docs/CVE-2019-3823.html
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
      - https://linux.oracle.com/cve/CVE-2019-3823.html
      - https://linux.oracle.com/errata/ELSA-2019-3701.html
      - https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
      - https://security.gentoo.org/glsa/201903-03
      - https://security.netapp.com/advisory/ntap-20190315-0001/
      - https://ubuntu.com/security/notices/USN-3882-1
      - https://usn.ubuntu.com/3882-1/
      - https://www.debian.org/security/2019/dsa-4386
      - https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
      - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
      Severity: HIGH
      Title: "curl: SMTP end-of-response out-of-bounds read"
      VendorSeverity:
        amazon: 2.0
        arch-linux: 3.0
        nvd: 3.0
        oracle-oval: 2.0
        photon: 3.0
        redhat: 1.0
        ubuntu: 1.0
  - key: CVE-2019-5094
    value:
      CVSS:
        nvd:
          V2Score: 4.6
          V2Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 6.7
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 6.4
          V3Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-787
      Description: An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
      LastModifiedDate: 2021-01-11T19:21:00Z
      PublishedDate: 2019-09-24T22:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2019-5094
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5094
      - https://linux.oracle.com/cve/CVE-2019-5094.html
      - https://linux.oracle.com/errata/ELSA-2020-4011.html
      - https://lists.debian.org/debian-lts-announce/2019/09/msg00029.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/
      - https://nvd.nist.gov/vuln/detail/CVE-2019-5094
      - https://seclists.org/bugtraq/2019/Sep/58
      - https://security.gentoo.org/glsa/202003-05
      - https://security.netapp.com/advisory/ntap-20200115-0002/
      - https://talosintelligence.com/vulnerability_reports/TALOS-2019-0887
      - https://ubuntu.com/security/notices/USN-4142-1
      - https://ubuntu.com/security/notices/USN-4142-2
      - https://usn.ubuntu.com/4142-1/
      - https://usn.ubuntu.com/4142-2/
      - https://www.debian.org/security/2019/dsa-4535
      Severity: MEDIUM
      Title: "e2fsprogs: Crafted ext4 partition leads to out-of-bounds write"
      VendorSeverity:
        amazon: 2.0
        cbl-mariner: 2.0
        nvd: 2.0
        oracle-oval: 2.0
        photon: 2.0
        redhat: 2.0
        ubuntu: 2.0
  - key: CVE-2019-5436
    value:
      CVSS:
        nvd:
          V2Score: 4.6
          V2Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 7.8
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 7.0
          V3Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-787
      Description: A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
      LastModifiedDate: 2020-10-20T22:15:00Z
      PublishedDate: 2019-05-28T19:29:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html
      - http://www.openwall.com/lists/oss-security/2019/09/11/6
      - https://access.redhat.com/security/cve/CVE-2019-5436
      - https://curl.haxx.se/docs/CVE-2019-5436.html
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
      - https://linux.oracle.com/cve/CVE-2019-5436.html
      - https://linux.oracle.com/errata/ELSA-2020-1792.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/
      - https://seclists.org/bugtraq/2020/Feb/36
      - https://security.gentoo.org/glsa/202003-29
      - https://security.netapp.com/advisory/ntap-20190606-0004/
      - https://support.f5.com/csp/article/K55133295
      - https://support.f5.com/csp/article/K55133295?utm_source=f5support&utm_medium=RSS
      - https://ubuntu.com/security/notices/USN-3993-1
      - https://ubuntu.com/security/notices/USN-3993-2
      - https://www.debian.org/security/2020/dsa-4633
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
      Severity: HIGH
      Title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function"
      VendorSeverity:
        amazon: 1.0
        arch-linux: 3.0
        nvd: 3.0
        oracle-oval: 2.0
        photon: 3.0
        redhat: 1.0
        ubuntu: 2.0
  - key: CVE-2019-5481
    value:
      CVSS:
        nvd:
          V2Score: 7.5
          V2Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 9.8
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 5.7
          V3Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
      CweIDs:
      - CWE-415
      Description: Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
      LastModifiedDate: 2020-10-20T22:15:00Z
      PublishedDate: 2019-09-16T19:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html
      - http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html
      - https://access.redhat.com/security/cve/CVE-2019-5481
      - https://curl.haxx.se/docs/CVE-2019-5481.html
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481
      - https://linux.oracle.com/cve/CVE-2019-5481.html
      - https://linux.oracle.com/errata/ELSA-2020-1792.html
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/
      - https://seclists.org/bugtraq/2020/Feb/36
      - https://security.gentoo.org/glsa/202003-29
      - https://security.netapp.com/advisory/ntap-20191004-0003/
      - https://ubuntu.com/security/notices/USN-4129-1
      - https://www.debian.org/security/2020/dsa-4633
      - https://www.oracle.com/security-alerts/cpuapr2020.html
      - https://www.oracle.com/security-alerts/cpujan2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      Severity: CRITICAL
      Title: "curl: double free due to subsequent call of realloc()"
      VendorSeverity:
        amazon: 2.0
        arch-linux: 2.0
        nvd: 4.0
        oracle-oval: 2.0
        photon: 4.0
        redhat: 2.0
        ubuntu: 2.0
  - key: CVE-2020-28724
    value:
      CVSS:
        nvd:
          V2Score: 5.8
          V2Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
          V3Score: 6.1
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
        redhat:
          V3Score: 5.4
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
      CweIDs:
      - CWE-601
      Description: Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.
      LastModifiedDate: 2020-12-01T16:05:00Z
      PublishedDate: 2020-11-18T15:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2020-28724
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28724
      - https://github.com/advisories/GHSA-3p3h-qghp-hvh2
      - https://github.com/pallets/flask/issues/1639
      - https://github.com/pallets/werkzeug/issues/822
      - https://github.com/pallets/werkzeug/pull/890/files
      - https://nvd.nist.gov/vuln/detail/CVE-2020-28724
      - https://ubuntu.com/security/notices/USN-4655-1
      Severity: MEDIUM
      Title: "python-werkzeug: open redirect via double slash in the URL"
      VendorSeverity:
        ghsa: 2.0
        nvd: 2.0
        redhat: 2.0
        ubuntu: 2.0
  - key: CVE-2020-29573
    value:
      CVSS:
        nvd:
          V2Score: 5.0
          V2Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
          V3Score: 7.5
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
        redhat:
          V3Score: 7.5
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
      CweIDs:
      - CWE-787
      Description: "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference."
      LastModifiedDate: 2021-01-26T18:15:00Z
      PublishedDate: 2020-12-06T00:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2020-29573
      - https://linux.oracle.com/cve/CVE-2020-29573.html
      - https://linux.oracle.com/errata/ELSA-2021-0348.html
      - https://security.gentoo.org/glsa/202101-20
      - https://security.netapp.com/advisory/ntap-20210122-0004/
      - https://sourceware.org/bugzilla/show_bug.cgi?id=26649
      - https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html
      Severity: HIGH
      Title: "glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern"
      VendorSeverity:
        amazon: 2.0
        arch-linux: 2.0
        nvd: 3.0
        oracle-oval: 2.0
        photon: 3.0
        redhat: 2.0
  - key: CVE-2020-8165
    value:
      CVSS:
        nvd:
          V2Score: 7.5
          V2Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
          V3Score: 9.8
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 9.8
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-502
      Description: A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
      LastModifiedDate: 2020-10-17T12:15:00Z
      PublishedDate: 2020-06-19T18:15:00Z
      References:
      - http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00031.html
      - http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00034.html
      - https://access.redhat.com/security/cve/CVE-2020-8165
      - https://github.com/advisories/GHSA-2p68-f74v-9wc6
      - https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2020-8165.yml
      - "https://groups.google.com/forum/#!msg/rubyonrails-security/bv6fW4S0Y1c/KnkEqM7AAQAJ"
      - "https://groups.google.com/forum/#!topic/rubyonrails-security/bv6fW4S0Y1c"
      - https://groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c
      - https://hackerone.com/reports/413388
      - https://lists.debian.org/debian-lts-announce/2020/06/msg00022.html
      - https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html
      - https://nvd.nist.gov/vuln/detail/CVE-2020-8165
      - https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/
      - https://www.debian.org/security/2020/dsa-4766
      Severity: CRITICAL
      Title: "rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore"
      VendorSeverity:
        ghsa: 3.0
        nvd: 4.0
        redhat: 3.0
  - key: CVE-2020-9548
    value:
      CVSS:
        nvd:
          V2Score: 6.8
          V2Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
          V3Score: 9.8
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 8.1
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-502
      Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
      LastModifiedDate: 2021-12-02T21:23:00Z
      PublishedDate: 2020-03-02T04:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2020-9548
      - https://github.com/FasterXML/jackson-databind/issues/2634
      - https://github.com/advisories/GHSA-p43x-xfjf-5jhr
      - https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E
      - https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
      - https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html
      - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
      - https://nvd.nist.gov/vuln/detail/CVE-2020-9548
      - https://security.netapp.com/advisory/ntap-20200904-0006/
      - https://www.oracle.com/security-alerts/cpujan2021.html
      - https://www.oracle.com/security-alerts/cpujul2020.html
      - https://www.oracle.com/security-alerts/cpuoct2020.html
      - https://www.oracle.com/security-alerts/cpuoct2021.html
      Severity: CRITICAL
      Title: "jackson-databind: Serialization gadgets in anteros-core"
      VendorSeverity:
        ghsa: 4.0
        nvd: 4.0
        redhat: 3.0
  - key: CVE-2021-20190
    value:
      CVSS:
        nvd:
          V2Score: 8.3
          V2Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C
          V3Score: 8.1
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
        redhat:
          V3Score: 8.1
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
      CweIDs:
      - CWE-502
      Description: A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
      LastModifiedDate: 2021-07-20T23:15:00Z
      PublishedDate: 2021-01-19T17:15:00Z
      References:
      - https://access.redhat.com/security/cve/CVE-2021-20190
      - https://bugzilla.redhat.com/show_bug.cgi?id=1916633
      - https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a
      - https://github.com/FasterXML/jackson-databind/issues/2854
      - https://github.com/advisories/GHSA-5949-rw7g-wx7w
      - https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E
      - https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html
      - https://nvd.nist.gov/vuln/detail/CVE-2021-20190
      - https://security.netapp.com/advisory/ntap-20210219-0008/
      Severity: HIGH
      Title: "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing"
      VendorSeverity:
        ghsa: 3.0
        nvd: 3.0
        redhat: 3.0
  - key: CVE-2023-2431
    value:
      Title: "Bypass of seccomp profile enforcement "
      Description: "A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement..."
      Severity: LOW
      VendorSeverity:
        k8s: 1
      CVSS:
        k8s:
          V3Vector: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"
          V3Score: 3.4
      References:
        - https://github.com/kubernetes/kubernetes/issues/118690
        - https://www.cve.org/cverecord?id=CVE-2023-2431
  - key: CVE-2021-3712
    value:
      CVSS:
        nvd:
          V2Score: 5.8
          V2Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
          V3Score: 7.4
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
        redhat:
          V3Score: 7.4
          V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
      CweIDs:
      - CWE-125
      Description: ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
      LastModifiedDate: 2022-01-06T09:15:00Z
      PublishedDate: 2021-08-24T15:15:00Z
      References:
      - http://www.openwall.com/lists/oss-security/2021/08/26/2
      - https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3712.json
      - https://access.redhat.com/security/cve/CVE-2021-3712
      - https://crates.io/crates/openssl-src
      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
      - https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
      - https://kc.mcafee.com/corporate/index?page=content&id=SB10366
      - https://linux.oracle.com/cve/CVE-2021-3712.html
      - https://linux.oracle.com/errata/ELSA-2022-9023.html
      - https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
      - https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
      - https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
      - https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
      - https://nvd.nist.gov/vuln/detail/CVE-2021-3712
      - https://rustsec.org/advisories/RUSTSEC-2021-0098.html
      - https://security.netapp.com/advisory/ntap-20210827-0010/
      - https://ubuntu.com/security/notices/USN-5051-1
      - https://ubuntu.com/security/notices/USN-5051-2
      - https://ubuntu.com/security/notices/USN-5051-3
      - https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
      - https://ubuntu.com/security/notices/USN-5088-1
      - https://www.debian.org/security/2021/dsa-4963
      - https://www.openssl.org/news/secadv/20210824.txt
      - https://www.oracle.com/security-alerts/cpuoct2021.html
      - https://www.tenable.com/security/tns-2021-16
      - https://www.tenable.com/security/tns-2022-02
      Severity: HIGH
      Title: "openssl: Read buffer overruns processing ASN.1 strings"
      VendorSeverity:
        alma: 2.0
        amazon: 2.0
        arch-linux: 3.0
        cbl-mariner: 3.0
        nvd: 3.0
        oracle-oval: 2.0
        photon: 3.0
        redhat: 2.0
        rocky: 2.0
        ubuntu: 2.0
  - key: CVE-2021-38193
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
          V3Score: 6.1
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
      CweIDs:
      - CWE-79
      Description: An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.
      LastModifiedDate: 2021-08-16T16:37:00Z
      PublishedDate: 2021-08-08T06:15:00Z
      References:
      - https://crates.io/crates/ammonia
      - https://github.com/rust-ammonia/ammonia/pull/142
      - https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/ammonia/RUSTSEC-2021-0074.md
      - https://rustsec.org/advisories/RUSTSEC-2021-0074.html
      Severity: MEDIUM
      Title: Incorrect handling of embedded SVG and MathML leads to mutation XSS
      VendorSeverity:
        nvd: 2.0
  - key: CVE-2022-0158
    value:
      CVSS:
        nvd:
          V2Score: 4.3
          V2Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
          V3Score: 3.3
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
        redhat:
          V3Score: 3.3
          V3Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
      CweIDs:
      - CWE-122
      Description: vim is vulnerable to Heap-based Buffer Overflow
      LastModifiedDate: 2022-01-15T16:15:00Z
      PublishedDate: 2022-01-10T16:15:00Z
      References:
      - http://www.openwall.com/lists/oss-security/2022/01/15/1
      - https://access.redhat.com/security/cve/CVE-2022-0158
      - https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39
      - https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b
      - https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b/
      - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/
      - https://nvd.nist.gov/vuln/detail/CVE-2022-0158
      Severity: LOW
      Title: "vim: heap-based read buffer overflow in compile_get_env()"
      VendorSeverity:
        cbl-mariner: 1.0
        nvd: 1.0
        redhat: 1.0
  - key: CVE-2022-0261
    value:
      CweIDs:
      - CWE-122
      Description: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
      LastModifiedDate: 2022-01-18T16:15:00Z
      PublishedDate: 2022-01-18T16:15:00Z
      References:
      - https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc
      - https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82
      - https://nvd.nist.gov/vuln/detail/CVE-2022-0261
      Severity: HIGH
      Title: CVE-2022-0261 affecting package vim 8.2.4081
      VendorSeverity:
        cbl-mariner: 3.0
  - key: openSUSE-SU-2020:0062-1
    value:
      Description: "This update for openssl-1_1 fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809).                             \n\nVarious FIPS related improvements were done:\n\n- FIPS: Backport SSH KDF to openssl (jsc#SLE-8789, bsc#1157775).\n- Port FIPS patches from SLE-12 (bsc#1158101).\n- Use SHA-2 in the RSA pairwise consistency check (bsc#1155346).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project."
      References:
      - https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html
      - https://www.suse.com/support/security/rating/
      Severity: MEDIUM
      Title: Security update for openssl-1_1
      VendorSeverity:
        suse-cvrf: 2.0
  - key: CVE-2022-24765
    value:
      Title: "Git for Windows is a fork of Git containing Windows-specific patches.  ..."
      Description: "Git for Windows is a fork of Git containing Windows-specific patches."
      CweIDs:
        - CWE-427
      References:
        - http://www.openwall.com/lists/oss-security/2022/04/12/7
        - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
        - https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
        - https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
        - https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
        - https://ubuntu.com/security/notices/USN-5376-1
      Severity: MEDIUM
      VendorSeverity:
        ubuntu: 2
      LastModifiedDate: 2022-04-12T21:15:00Z
      PublishedDate: 2022-04-12T18:15:00Z
  - key: GMS-2022-20
    value:
      Title: OCI Manifest Type Confusion Issue
      Description: "### Impact\n\nSystems that rely on digest equivalence for image attestations may be vulnerable to type confusion."
      Severity: UNKNOWN
      References:
        - https://github.com/advisories/GHSA-qq97-vm5h-rrhg
        - https://github.com/distribution/distribution/commit/b59a6f827947f9e0e67df0cfb571046de4733586
        - https://github.com/distribution/distribution/security/advisories/GHSA-qq97-vm5h-rrhg
        - https://github.com/opencontainers/image-spec/pull/411
  - key: CVE-2022-23628
    value:
      Title: Incorrect Calculation
      Description: "OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree (AST) that contains synthetic nodes could change the logic of some statements by reordering array literals. Example of policies impacted are those that parse and compare web paths. **All of these** three conditions have to be met to create an adverse effect: 1. An AST of Rego had to be **created programmatically** such that it ends up containing terms without a location (such as wildcard variables). 2. The AST had to be **pretty-printed** using the `github.com/open-policy-agent/opa/format` package. 3. The result of the pretty-printing had to be **parsed and evaluated again** via an OPA instance using the bundles, or the Golang packages. If any of these three conditions are not met, you are not affected. Notably, all three would be true if using **optimized bundles**, i.e. bundles created with `opa build -O=1` or higher. In that case, the optimizer would fulfil condition (1.), the result of that would be pretty-printed when writing the bundle to disk, fulfilling (2.). When the bundle was then used, we'd satisfy (3.). As a workaround users may disable optimization when creating bundles."
      Severity: MEDIUM
      CweIDs:
        - CWE-682
      VendorSeverity:
        nvd: 2
      CVSS:
        nvd:
          V2Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
          V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
          V2Score: 4.3
          V3Score: 5.3
      References:
        - https://github.com/advisories/GHSA-hcw3-j74m-qc58
        - https://github.com/open-policy-agent/opa/commit/932e4ffc37a590ace79e9b75ca4340288c220239
        - https://github.com/open-policy-agent/opa/commit/bfd984ddf93ef2c4963a08d4fdadae0bcf1a3717
        - https://github.com/open-policy-agent/opa/pull/3851
        - https://github.com/open-policy-agent/opa/security/advisories/GHSA-hcw3-j74m-qc58
        - https://nvd.nist.gov/vuln/detail/CVE-2022-23628
      PublishedDate: '2022-02-09T22:15:00Z'
      LastModifiedDate: '2022-02-17T02:37:00Z'
  - key: CVE-2021-38561
    value:
      Description: "Due to improper index calculation, an incorrectly formatted language tag can cause Parse\nto panic via an out of bounds read. If Parse is used to process untrusted user inputs,\nthis may be used as a vector for a denial of service attack.\n"
      Severity: UNKNOWN
      References:
        - https://go-review.googlesource.com/c/text/+/340830
        - https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
        - https://pkg.go.dev/vuln/GO-2021-0113
  - key: GHSA-5crp-9r3c-p9vr
    value:
      Title: "Improper Handling of Exceptional Conditions in Newtonsoft.Json"
      Description: "Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage."
      Severity: HIGH
      VendorSeverity:
        ghsa: 3
      CweIDs:
        - CWE-755
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          V3Score: 7.5
      References:
        - https://alephsecurity.com/2018/10/22/StackOverflowException/
        - https://alephsecurity.com/vulns/aleph-2018004
      PublishedDate: "2022-06-22T15:08:47Z"
      LastModifiedDate: "2022-06-27T18:37:23Z"
  - key: CVE-2022-42975
    value:
      Title: "Phoenix before 1.6.14 mishandles check_origin wildcarding"
      Description: "socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token."
      Severity: HIGH
      VendorSeverity:
        ghsa: 3
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
          V3Score: 7.5
      References:
        - https://nvd.nist.gov/vuln/detail/CVE-2022-42975
        - https://github.com/phoenixframework/phoenix/commit/6e7185b33a59e0b1d1c0b4223adf340a73e963ae
        - https://hexdocs.pm/phoenix/1.6.14/changelog.html#1-6-14-2022-10-10
        - https://github.com/advisories/GHSA-p8f7-22gq-m7j9
      PublishedDate: "2022-10-17T12:00:27Z"
      LastModifiedDate: "2022-10-18T18:01:44Z"
  - key: CVE-2020-35669
    value:
      Title: "http before 0.13.3 vulnerable to header injection"
      Description: "An issue was discovered in the http package before 0.13.3 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP request via HTTP header injection. This issue has been addressed in commit abb2bb182 by validating request methods."
      Severity: MEDIUM
      VendorSeverity:
        ghsa: 2
      CweIDs:
        - CWE-74
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
          V3Score: 6.1
      References:
        - https://nvd.nist.gov/vuln/detail/CVE-2020-35669
        - https://github.com/dart-lang/http/issues/511
        - https://github.com/dart-lang/http/blob/master/CHANGELOG.md#0133
        - https://github.com/dart-lang/http/pull/512
        - https://github.com/dart-lang/http/commit/abb2bb182fbd7f03aafd1f889b902d7b3bdb8769
        - https://pub.dev/packages/http/changelog#0133
        - https://github.com/advisories/GHSA-4rgh-jx4f-qfcq
      PublishedDate: "2022-05-24T17:37:16Z"
      LastModifiedDate: "2022-10-06T20:26:08Z"
  - key: CVE-2022-3215
    value:
      Title: "SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')"
      Description: "`NIOHTTP1` and projects using it for generating HTTP responses, including SwiftNIO, can be subject to a HTTP Response Injection attack..."
      Severity: MEDIUM
      VendorSeverity:
        ghsa: 2
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
          V3Score: 5.3
      References:
        - https://github.com/apple/swift-nio/security/advisories/GHSA-7fj7-39wj-c64f
        - https://nvd.nist.gov/vuln/detail/CVE-2022-3215
        - https://github.com/apple/swift-nio/commit/a16e2f54a25b2af217044e5168997009a505930f
        - https://github.com/advisories/GHSA-7fj7-39wj-c64f
      PublishedDate: "2023-06-07T16:01:53Z"
      LastModifiedDate: "2023-06-19T16:45:07Z"
  - key: CVE-2022-24775
    value:
      Title: "Improper Input Validation in guzzlehttp/psr7"
      Description: "### Impact\nIn proper header parsing. An attacker could sneak in a new line character and pass untrusted values. \n\n### Patches\nThe issue is patched in 1.8.4 and 2.1.1.\n\n### Workarounds\nThere are no known workarounds.\n"
      Severity: HIGH
      VendorSeverity:
        ghsa: 3
      CweIDs:
        - CWE-20
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
          V3Score: 7.5
      References:
        - https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
        - https://nvd.nist.gov/vuln/detail/CVE-2022-24775
      PublishedDate: "2022-03-25T19:26:33Z"
      LastModifiedDate: "2022-06-14T20:02:29Z"
  - key: openSUSE-SU-2024:13065-1
    value:
      Title: "libopenssl-3-devel-3.1.1-3.1 on GA media"
      Description: "These are all security issues fixed in the libopenssl-3-devel-3.1.1-3.1 package on the GA media of openSUSE Tumbleweed."
      Severity: MEDIUM
      References:
        - "https://www.suse.com/security/cve/CVE-2023-2975/"
        - "https://www.suse.com/security/cve/CVE-2023-3446/"
        - "https://www.suse.com/support/security/rating/"
  - key: SUSE-SU-2022:2251-1
    value:
      Title: "Security update for openssl-1_1"
      Description: "This update for openssl-1_1 fixes the following issues:\nCVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).\nCVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)"
      Severity: MEDIUM
      References:
        - "https://www.suse.com/security/cve/CVE-2022-1292/"
        - "https://www.suse.com/security/cve/CVE-2022-2068/"
        - "https://www.suse.com/support/security/rating/"
  - key: CVE-2022-22965
    value:
      Title: "spring-framework: RCE via Data Binding on JDK 9+"
      Description: "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
      Severity: CRITICAL
      CweIDs:
        - CWE-94
      VendorSeverity:
        nvd: 4
        ghsa: 4
        redhat: 3
      CVSS:
        ghsa:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          V3Score: 9.8
        nvd:
          V2Vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          V2Score: 7.5
          V3Score: 9.8
        redhat:
          V3Vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
          V3Score: 8.1
      References:
        - "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
      PublishedDate: "2022-04-01T23:15:00Z"
      LastModifiedDate: "2022-05-19T14:21:00Z"
  - key: CVE-2020-14155
    value:
      Title: "pcre: Integer overflow when parsing callout numeric arguments"
      Description: "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring."
      Severity: MEDIUM
      CweIDs:
        - CWE-190
      VendorSeverity:
        alma: 1
        nvd: 2
      CVSS:
        nvd:
          V2Vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          V2Score: 5
          V3Score: 5.3
        redhat:
          V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          V3Score: 5.3
      References:
        - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155"
        - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
      PublishedDate: "2020-06-15T17:15:00Z"
      LastModifiedDate: "2022-04-28T15:06:00Z"
  - key: CVE-2022-40897
    value:
      Title: "pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py"
      Description: "Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py."
      Severity: MEDIUM
      CweIDs:
        - CWE-1333
      VendorSeverity:
        ghsa: 3
        nvd: 2
      CVSS:
        nvd:
          V3Vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
          V3Score: 5.9
      References:
        - "https://access.redhat.com/errata/RHSA-2023:0952"
        - "https://access.redhat.com/security/cve/CVE-2022-40897"
      PublishedDate: "2022-12-23T00:15:13.987Z"
      LastModifiedDate: "2024-06-21T19:15:23.877Z"