mirror of
https://github.com/rocky-linux/sig-cloud-instance-images.git
synced 2024-10-31 18:31:23 +00:00
deploy: 4fcb0f39f5
This commit is contained in:
parent
02c4daccd9
commit
238f801314
82
index.html
82
index.html
@ -51,7 +51,7 @@
|
||||
}
|
||||
a.toggle-more-links { cursor: pointer; }
|
||||
</style>
|
||||
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-13 13:20:55.387445452 +0000 UTC m=+1.590399071 </title>
|
||||
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-15 13:14:25.663067142 +0000 UTC m=+1.412600978 </title>
|
||||
<script>
|
||||
window.onload = function() {
|
||||
document.querySelectorAll('td.links').forEach(function(linkCell) {
|
||||
@ -81,7 +81,7 @@
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-13 13:20:55.387481653 +0000 UTC m=+1.590435372</h1>
|
||||
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.6) - Trivy Report - 2022-10-15 13:14:25.663096742 +0000 UTC m=+1.412630478</h1>
|
||||
<table>
|
||||
<tr class="group-header"><th colspan="6">rocky</th></tr>
|
||||
<tr class="sub-header">
|
||||
@ -99,16 +99,15 @@
|
||||
<td class="pkg-version">7.61.1-22.el8_6.3</td>
|
||||
<td>7.61.1-22.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-32206">https://access.redhat.com/security/cve/CVE-2022-32206</a>
|
||||
<a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
|
||||
<a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
|
||||
<a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
|
||||
<a href="https://curl.se/docs/CVE-2022-32206.html">https://curl.se/docs/CVE-2022-32206.html</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
|
||||
<a href="https://hackerone.com/reports/1570651">https://hackerone.com/reports/1570651</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-32206.html">https://linux.oracle.com/cve/CVE-2022-32206.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
|
||||
@ -127,16 +126,15 @@
|
||||
<td class="pkg-version">7.61.1-22.el8_6.3</td>
|
||||
<td>7.61.1-22.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-32208">https://access.redhat.com/security/cve/CVE-2022-32208</a>
|
||||
<a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
|
||||
<a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
|
||||
<a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
|
||||
<a href="https://curl.se/docs/CVE-2022-32208.html">https://curl.se/docs/CVE-2022-32208.html</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
|
||||
<a href="https://hackerone.com/reports/1590071">https://hackerone.com/reports/1590071</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-32208.html">https://linux.oracle.com/cve/CVE-2022-32208.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
|
||||
@ -149,6 +147,34 @@
|
||||
<a href="https://www.debian.org/security/2022/dsa-5197">https://www.debian.org/security/2022/dsa-5197</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="severity-CRITICAL">
|
||||
<td class="pkg-name">expat</td>
|
||||
<td>CVE-2022-40674</td>
|
||||
<td class="severity">CRITICAL</td>
|
||||
<td class="pkg-version">2.2.5-8.el8_6.2</td>
|
||||
<td>2.2.5-8.el8_6.3</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6878">https://access.redhat.com/errata/RHSA-2022:6878</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-40674">https://access.redhat.com/security/cve/CVE-2022-40674</a>
|
||||
<a href="https://blog.hartwork.org/posts/expat-2-4-9-released/">https://blog.hartwork.org/posts/expat-2-4-9-released/</a>
|
||||
<a href="https://bugzilla.redhat.com/2130769">https://bugzilla.redhat.com/2130769</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-6878.html">https://errata.almalinux.org/8/ALSA-2022-6878.html</a>
|
||||
<a href="https://github.com/advisories/GHSA-2vq2-xc55-3j5m">https://github.com/advisories/GHSA-2vq2-xc55-3j5m</a>
|
||||
<a href="https://github.com/libexpat/libexpat/pull/629">https://github.com/libexpat/libexpat/pull/629</a>
|
||||
<a href="https://github.com/libexpat/libexpat/pull/640">https://github.com/libexpat/libexpat/pull/640</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-40674.html">https://linux.oracle.com/cve/CVE-2022-40674.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2022-6878.html">https://linux.oracle.com/errata/ELSA-2022-6878.html</a>
|
||||
<a href="https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html">https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html</a>
|
||||
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/</a>
|
||||
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/</a>
|
||||
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40674">https://nvd.nist.gov/vuln/detail/CVE-2022-40674</a>
|
||||
<a href="https://security.gentoo.org/glsa/202209-24">https://security.gentoo.org/glsa/202209-24</a>
|
||||
<a href="https://ubuntu.com/security/notices/USN-5638-1">https://ubuntu.com/security/notices/USN-5638-1</a>
|
||||
<a href="https://www.debian.org/security/2022/dsa-5236">https://www.debian.org/security/2022/dsa-5236</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="severity-MEDIUM">
|
||||
<td class="pkg-name">gnupg2</td>
|
||||
<td>CVE-2022-34903</td>
|
||||
@ -186,16 +212,15 @@
|
||||
<td class="pkg-version">7.61.1-22.el8_6.3</td>
|
||||
<td>7.61.1-22.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-32206">https://access.redhat.com/security/cve/CVE-2022-32206</a>
|
||||
<a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
|
||||
<a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
|
||||
<a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
|
||||
<a href="https://curl.se/docs/CVE-2022-32206.html">https://curl.se/docs/CVE-2022-32206.html</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32206</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
|
||||
<a href="https://hackerone.com/reports/1570651">https://hackerone.com/reports/1570651</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-32206.html">https://linux.oracle.com/cve/CVE-2022-32206.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
|
||||
@ -214,16 +239,15 @@
|
||||
<td class="pkg-version">7.61.1-22.el8_6.3</td>
|
||||
<td>7.61.1-22.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6157">https://access.redhat.com/errata/RHSA-2022:6157</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6159">https://access.redhat.com/errata/RHSA-2022:6159</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32206.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32208.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-32208">https://access.redhat.com/security/cve/CVE-2022-32208</a>
|
||||
<a href="https://bugzilla.redhat.com/2099300">https://bugzilla.redhat.com/2099300</a>
|
||||
<a href="https://bugzilla.redhat.com/2099305">https://bugzilla.redhat.com/2099305</a>
|
||||
<a href="https://bugzilla.redhat.com/2099306">https://bugzilla.redhat.com/2099306</a>
|
||||
<a href="https://curl.se/docs/CVE-2022-32208.html">https://curl.se/docs/CVE-2022-32208.html</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32208</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6157.html">https://errata.almalinux.org/9/ALSA-2022-6157.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-6159.html">https://errata.almalinux.org/8/ALSA-2022-6159.html</a>
|
||||
<a href="https://hackerone.com/reports/1590071">https://hackerone.com/reports/1590071</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-32208.html">https://linux.oracle.com/cve/CVE-2022-32208.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2022-6159.html">https://linux.oracle.com/errata/ELSA-2022-6159.html</a>
|
||||
@ -243,18 +267,16 @@
|
||||
<td class="pkg-version">1:1.1.1k-6.el8_5</td>
|
||||
<td>1:1.1.1k-7.el8_6</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-1292">https://access.redhat.com/security/cve/CVE-2022-1292</a>
|
||||
<a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
|
||||
<a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
|
||||
<a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
|
||||
<a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
|
||||
<a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23</a>
|
||||
@ -282,18 +304,16 @@
|
||||
<td class="pkg-version">1:1.1.1k-6.el8_5</td>
|
||||
<td>1:1.1.1k-7.el8_6</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-2068">https://access.redhat.com/security/cve/CVE-2022-2068</a>
|
||||
<a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
|
||||
<a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
|
||||
<a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
|
||||
<a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
|
||||
<a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7</a>
|
||||
@ -316,19 +336,17 @@
|
||||
<td class="pkg-version">1:1.1.1k-6.el8_5</td>
|
||||
<td>1:1.1.1k-7.el8_6</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:6224">https://access.redhat.com/errata/RHSA-2022:6224</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5818">https://access.redhat.com/errata/RHSA-2022:5818</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1292.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2068.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2097.json</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-2097">https://access.redhat.com/security/cve/CVE-2022-2097</a>
|
||||
<a href="https://bugzilla.redhat.com/2081494">https://bugzilla.redhat.com/2081494</a>
|
||||
<a href="https://bugzilla.redhat.com/2087911">https://bugzilla.redhat.com/2087911</a>
|
||||
<a href="https://bugzilla.redhat.com/2087913">https://bugzilla.redhat.com/2087913</a>
|
||||
<a href="https://bugzilla.redhat.com/2097310">https://bugzilla.redhat.com/2097310</a>
|
||||
<a href="https://bugzilla.redhat.com/2104905">https://bugzilla.redhat.com/2104905</a>
|
||||
<a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-6224.html">https://errata.almalinux.org/9/ALSA-2022-6224.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5818.html">https://errata.almalinux.org/8/ALSA-2022-5818.html</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431</a>
|
||||
<a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-2097.html">https://linux.oracle.com/cve/CVE-2022-2097.html</a>
|
||||
@ -436,7 +454,7 @@
|
||||
<td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
|
||||
<td>2:8.0.1763-19.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
|
||||
@ -445,7 +463,7 @@
|
||||
<a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
|
||||
<a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1927">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1927</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
|
||||
<a href="https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010">https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010</a>
|
||||
<a href="https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037)">https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037)</a>
|
||||
<a href="https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777">https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777</a>
|
||||
@ -464,7 +482,7 @@
|
||||
<td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
|
||||
<td>2:8.0.1763-19.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
|
||||
@ -473,7 +491,7 @@
|
||||
<a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
|
||||
<a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1785">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1785</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
|
||||
<a href="https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839">https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839</a>
|
||||
<a href="https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109">https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-1785.html">https://linux.oracle.com/cve/CVE-2022-1785.html</a>
|
||||
@ -490,7 +508,7 @@
|
||||
<td class="pkg-version">2:8.0.1763-19.el8_6.2</td>
|
||||
<td>2:8.0.1763-19.el8_6.4</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5942">https://access.redhat.com/errata/RHSA-2022:5942</a>
|
||||
<a href="https://access.redhat.com/errata/RHSA-2022:5813">https://access.redhat.com/errata/RHSA-2022:5813</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1785.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1897.json</a>
|
||||
<a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1927.json</a>
|
||||
@ -499,7 +517,7 @@
|
||||
<a href="https://bugzilla.redhat.com/2091682">https://bugzilla.redhat.com/2091682</a>
|
||||
<a href="https://bugzilla.redhat.com/2091687">https://bugzilla.redhat.com/2091687</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1897">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1897</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2022-5942.html">https://errata.almalinux.org/9/ALSA-2022-5942.html</a>
|
||||
<a href="https://errata.almalinux.org/8/ALSA-2022-5813.html">https://errata.almalinux.org/8/ALSA-2022-5813.html</a>
|
||||
<a href="https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a">https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a</a>
|
||||
<a href="https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023)">https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023)</a>
|
||||
<a href="https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118">https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118</a>
|
||||
|
@ -63,6 +63,33 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "CVE-2022-40674",
|
||||
"name": "OsPackageVulnerability",
|
||||
"shortDescription": {
|
||||
"text": "CVE-2022-40674"
|
||||
},
|
||||
"fullDescription": {
|
||||
"text": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c."
|
||||
},
|
||||
"defaultConfiguration": {
|
||||
"level": "error"
|
||||
},
|
||||
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-40674",
|
||||
"help": {
|
||||
"text": "Vulnerability CVE-2022-40674\nSeverity: CRITICAL\nPackage: expat\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.",
|
||||
"markdown": "**Vulnerability CVE-2022-40674**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|CRITICAL|expat|2.2.5-8.el8_6.3|[CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)|\n\nlibexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c."
|
||||
},
|
||||
"properties": {
|
||||
"precision": "very-high",
|
||||
"security-severity": "9.8",
|
||||
"tags": [
|
||||
"vulnerability",
|
||||
"security",
|
||||
"CRITICAL"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "CVE-2022-34903",
|
||||
"name": "OsPackageVulnerability",
|
||||
@ -360,8 +387,32 @@
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-34903",
|
||||
"ruleId": "CVE-2022-40674",
|
||||
"ruleIndex": 2,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: expat\nInstalled Version: 2.2.5-8.el8_6.2\nVulnerability CVE-2022-40674\nSeverity: CRITICAL\nFixed Version: 2.2.5-8.el8_6.3\nLink: [CVE-2022-40674](https://avd.aquasec.com/nvd/cve-2022-40674)"
|
||||
},
|
||||
"locations": [
|
||||
{
|
||||
"physicalLocation": {
|
||||
"artifactLocation": {
|
||||
"uri": "rockylinux/rockylinux",
|
||||
"uriBaseId": "ROOTPATH"
|
||||
},
|
||||
"region": {
|
||||
"startLine": 1,
|
||||
"startColumn": 1,
|
||||
"endLine": 1,
|
||||
"endColumn": 1
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-34903",
|
||||
"ruleIndex": 3,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: gnupg2\nInstalled Version: 2.2.20-2.el8\nVulnerability CVE-2022-34903\nSeverity: MEDIUM\nFixed Version: 2.2.20-3.el8_6\nLink: [CVE-2022-34903](https://avd.aquasec.com/nvd/cve-2022-34903)"
|
||||
@ -433,7 +484,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-1292",
|
||||
"ruleIndex": 3,
|
||||
"ruleIndex": 4,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-1292\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-1292](https://avd.aquasec.com/nvd/cve-2022-1292)"
|
||||
@ -457,7 +508,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-2068",
|
||||
"ruleIndex": 4,
|
||||
"ruleIndex": 5,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2068\nSeverity: CRITICAL\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2068](https://avd.aquasec.com/nvd/cve-2022-2068)"
|
||||
@ -481,7 +532,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-2097",
|
||||
"ruleIndex": 5,
|
||||
"ruleIndex": 6,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: openssl-libs\nInstalled Version: 1:1.1.1k-6.el8_5\nVulnerability CVE-2022-2097\nSeverity: MEDIUM\nFixed Version: 1:1.1.1k-7.el8_6\nLink: [CVE-2022-2097](https://avd.aquasec.com/nvd/cve-2022-2097)"
|
||||
@ -505,7 +556,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-1586",
|
||||
"ruleIndex": 6,
|
||||
"ruleIndex": 7,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: pcre2\nInstalled Version: 10.32-2.el8\nVulnerability CVE-2022-1586\nSeverity: CRITICAL\nFixed Version: 10.32-3.el8_6\nLink: [CVE-2022-1586](https://avd.aquasec.com/nvd/cve-2022-1586)"
|
||||
@ -529,7 +580,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-2526",
|
||||
"ruleIndex": 7,
|
||||
"ruleIndex": 8,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: systemd\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
|
||||
@ -553,7 +604,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-2526",
|
||||
"ruleIndex": 7,
|
||||
"ruleIndex": 8,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: systemd-libs\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
|
||||
@ -577,7 +628,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-2526",
|
||||
"ruleIndex": 7,
|
||||
"ruleIndex": 8,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: systemd-pam\nInstalled Version: 239-58.el8\nVulnerability CVE-2022-2526\nSeverity: CRITICAL\nFixed Version: 239-58.el8_6.4\nLink: [CVE-2022-2526](https://avd.aquasec.com/nvd/cve-2022-2526)"
|
||||
@ -601,7 +652,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-1927",
|
||||
"ruleIndex": 8,
|
||||
"ruleIndex": 9,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1927\nSeverity: CRITICAL\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1927](https://avd.aquasec.com/nvd/cve-2022-1927)"
|
||||
@ -625,7 +676,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-1785",
|
||||
"ruleIndex": 9,
|
||||
"ruleIndex": 10,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1785\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1785](https://avd.aquasec.com/nvd/cve-2022-1785)"
|
||||
@ -649,7 +700,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-1897",
|
||||
"ruleIndex": 10,
|
||||
"ruleIndex": 11,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: vim-minimal\nInstalled Version: 2:8.0.1763-19.el8_6.2\nVulnerability CVE-2022-1897\nSeverity: HIGH\nFixed Version: 2:8.0.1763-19.el8_6.4\nLink: [CVE-2022-1897](https://avd.aquasec.com/nvd/cve-2022-1897)"
|
||||
|
Loading…
Reference in New Issue
Block a user