mirror of
https://github.com/rocky-linux/sig-cloud-instance-images.git
synced 2024-12-24 01:48:34 +00:00
deploy: 8ccce7fd31
This commit is contained in:
parent
2ddcf36365
commit
df23868c90
65
index.html
65
index.html
@ -51,7 +51,7 @@
|
||||
}
|
||||
a.toggle-more-links { cursor: pointer; }
|
||||
</style>
|
||||
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-16 13:06:30.988440764 +0000 UTC m=+0.651300861 </title>
|
||||
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-17 13:06:25.614870608 +0000 UTC m=+1.886522334 </title>
|
||||
<script>
|
||||
window.onload = function() {
|
||||
document.querySelectorAll('td.links').forEach(function(linkCell) {
|
||||
@ -81,7 +81,7 @@
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-16 13:06:30.988477764 +0000 UTC m=+0.651337861</h1>
|
||||
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-17 13:06:25.614900808 +0000 UTC m=+1.886552534</h1>
|
||||
<table>
|
||||
<tr class="group-header"><th colspan="6">rocky</th></tr>
|
||||
<tr class="sub-header">
|
||||
@ -111,7 +111,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -142,7 +142,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -173,7 +173,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -204,7 +204,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -235,7 +235,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -266,7 +266,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -297,7 +297,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -328,7 +328,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -359,7 +359,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -390,7 +390,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -421,7 +421,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -452,7 +452,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0096">https://errata.rockylinux.org/RLSA-2023:0096</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
|
||||
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
|
||||
@ -477,7 +477,7 @@
|
||||
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2140059">https://bugzilla.redhat.com/show_bug.cgi?id=2140059</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0337.html">https://errata.almalinux.org/9/ALSA-2023-0337.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0103">https://errata.rockylinux.org/RLSA-2023:0103</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0337">https://errata.rockylinux.org/RLSA-2023:0337</a>
|
||||
<a href="https://github.com/libexpat/libexpat/issues/649">https://github.com/libexpat/libexpat/issues/649</a>
|
||||
<a href="https://github.com/libexpat/libexpat/pull/616">https://github.com/libexpat/libexpat/pull/616</a>
|
||||
<a href="https://github.com/libexpat/libexpat/pull/650">https://github.com/libexpat/libexpat/pull/650</a>
|
||||
@ -498,6 +498,33 @@
|
||||
<a href="https://www.debian.org/security/2022/dsa-5266">https://www.debian.org/security/2022/dsa-5266</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="severity-HIGH">
|
||||
<td class="pkg-name">libksba</td>
|
||||
<td>CVE-2022-47629</td>
|
||||
<td class="severity">HIGH</td>
|
||||
<td class="pkg-version">1.3.5-8.el8_6</td>
|
||||
<td>1.3.5-9.el8_7</td>
|
||||
<td class="links" data-more-links="off">
|
||||
<a href="https://access.redhat.com/errata/RHSA-2023:0626">https://access.redhat.com/errata/RHSA-2023:0626</a>
|
||||
<a href="https://access.redhat.com/security/cve/CVE-2022-47629">https://access.redhat.com/security/cve/CVE-2022-47629</a>
|
||||
<a href="https://bugzilla.redhat.com/2161571">https://bugzilla.redhat.com/2161571</a>
|
||||
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2161571">https://bugzilla.redhat.com/show_bug.cgi?id=2161571</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47629">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47629</a>
|
||||
<a href="https://dev.gnupg.org/T6284">https://dev.gnupg.org/T6284</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0626.html">https://errata.almalinux.org/9/ALSA-2023-0626.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0626">https://errata.rockylinux.org/RLSA-2023:0626</a>
|
||||
<a href="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f61a5ea4e0f6a80fd4b28ef0174bee77793cf070">https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=f61a5ea4e0f6a80fd4b28ef0174bee77793cf070</a>
|
||||
<a href="https://gnupg.org/blog/20221017-pepe-left-the-ksba.html">https://gnupg.org/blog/20221017-pepe-left-the-ksba.html</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-47629.html">https://linux.oracle.com/cve/CVE-2022-47629.html</a>
|
||||
<a href="https://linux.oracle.com/errata/ELSA-2023-0626.html">https://linux.oracle.com/errata/ELSA-2023-0626.html</a>
|
||||
<a href="https://lists.debian.org/debian-lts-announce/2022/12/msg00035.html">https://lists.debian.org/debian-lts-announce/2022/12/msg00035.html</a>
|
||||
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-47629">https://nvd.nist.gov/vuln/detail/CVE-2022-47629</a>
|
||||
<a href="https://security.gentoo.org/glsa/202212-07">https://security.gentoo.org/glsa/202212-07</a>
|
||||
<a href="https://ubuntu.com/security/notices/USN-5787-1">https://ubuntu.com/security/notices/USN-5787-1</a>
|
||||
<a href="https://ubuntu.com/security/notices/USN-5787-2">https://ubuntu.com/security/notices/USN-5787-2</a>
|
||||
<a href="https://www.debian.org/security/2022/dsa-5305">https://www.debian.org/security/2022/dsa-5305</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="severity-MEDIUM">
|
||||
<td class="pkg-name">libtasn1</td>
|
||||
<td>CVE-2021-46848</td>
|
||||
@ -512,7 +539,7 @@
|
||||
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2140058">https://bugzilla.redhat.com/show_bug.cgi?id=2140058</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0343.html">https://errata.almalinux.org/9/ALSA-2023-0343.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0116">https://errata.rockylinux.org/RLSA-2023:0116</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0343">https://errata.rockylinux.org/RLSA-2023:0343</a>
|
||||
<a href="https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5">https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5</a>
|
||||
<a href="https://gitlab.com/gnutls/libtasn1/-/issues/32">https://gitlab.com/gnutls/libtasn1/-/issues/32</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2021-46848.html">https://linux.oracle.com/cve/CVE-2021-46848.html</a>
|
||||
@ -547,7 +574,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0338.html">https://errata.almalinux.org/9/ALSA-2023-0338.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0173">https://errata.rockylinux.org/RLSA-2023:0173</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0338">https://errata.rockylinux.org/RLSA-2023:0338</a>
|
||||
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0">https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0</a>
|
||||
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-40303.html">https://linux.oracle.com/cve/CVE-2022-40303.html</a>
|
||||
@ -583,7 +610,7 @@
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0338.html">https://errata.almalinux.org/9/ALSA-2023-0338.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0173">https://errata.rockylinux.org/RLSA-2023:0173</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0338">https://errata.rockylinux.org/RLSA-2023:0338</a>
|
||||
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b">https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b</a>
|
||||
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags">https://gitlab.gnome.org/GNOME/libxml2/-/tags</a>
|
||||
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3</a>
|
||||
@ -614,7 +641,7 @@
|
||||
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2110291">https://bugzilla.redhat.com/show_bug.cgi?id=2110291</a>
|
||||
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737</a>
|
||||
<a href="https://errata.almalinux.org/9/ALSA-2023-0339.html">https://errata.almalinux.org/9/ALSA-2023-0339.html</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0110">https://errata.rockylinux.org/RLSA-2023:0110</a>
|
||||
<a href="https://errata.rockylinux.org/RLSA-2023:0339">https://errata.rockylinux.org/RLSA-2023:0339</a>
|
||||
<a href="https://github.com/advisories/GHSA-jw36-hf63-69r9">https://github.com/advisories/GHSA-jw36-hf63-69r9</a>
|
||||
<a href="https://kb.cert.org/vuls/id/720344">https://kb.cert.org/vuls/id/720344</a>
|
||||
<a href="https://linux.oracle.com/cve/CVE-2022-35737.html">https://linux.oracle.com/cve/CVE-2022-35737.html</a>
|
||||
|
@ -117,6 +117,33 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "CVE-2022-47629",
|
||||
"name": "OsPackageVulnerability",
|
||||
"shortDescription": {
|
||||
"text": "libksba: integer overflow to code execution"
|
||||
},
|
||||
"fullDescription": {
|
||||
"text": "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser."
|
||||
},
|
||||
"defaultConfiguration": {
|
||||
"level": "error"
|
||||
},
|
||||
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-47629",
|
||||
"help": {
|
||||
"text": "Vulnerability CVE-2022-47629\nSeverity: HIGH\nPackage: libksba\nFixed Version: 1.3.5-9.el8_7\nLink: [CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)\nLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.",
|
||||
"markdown": "**Vulnerability CVE-2022-47629**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|libksba|1.3.5-9.el8_7|[CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)|\n\nLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser."
|
||||
},
|
||||
"properties": {
|
||||
"precision": "very-high",
|
||||
"security-severity": "8.0",
|
||||
"tags": [
|
||||
"vulnerability",
|
||||
"security",
|
||||
"HIGH"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "CVE-2021-46848",
|
||||
"name": "OsPackageVulnerability",
|
||||
@ -582,8 +609,35 @@
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2021-46848",
|
||||
"ruleId": "CVE-2022-47629",
|
||||
"ruleIndex": 4,
|
||||
"level": "error",
|
||||
"message": {
|
||||
"text": "Package: libksba\nInstalled Version: 1.3.5-8.el8_6\nVulnerability CVE-2022-47629\nSeverity: HIGH\nFixed Version: 1.3.5-9.el8_7\nLink: [CVE-2022-47629](https://avd.aquasec.com/nvd/cve-2022-47629)"
|
||||
},
|
||||
"locations": [
|
||||
{
|
||||
"physicalLocation": {
|
||||
"artifactLocation": {
|
||||
"uri": "rockylinux/rockylinux",
|
||||
"uriBaseId": "ROOTPATH"
|
||||
},
|
||||
"region": {
|
||||
"startLine": 1,
|
||||
"startColumn": 1,
|
||||
"endLine": 1,
|
||||
"endColumn": 1
|
||||
}
|
||||
},
|
||||
"message": {
|
||||
"text": "rockylinux/rockylinux: libksba@1.3.5-8.el8_6"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2021-46848",
|
||||
"ruleIndex": 5,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: libtasn1\nInstalled Version: 4.13-3.el8\nVulnerability CVE-2021-46848\nSeverity: MEDIUM\nFixed Version: 4.13-4.el8_7\nLink: [CVE-2021-46848](https://avd.aquasec.com/nvd/cve-2021-46848)"
|
||||
@ -610,7 +664,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-40303",
|
||||
"ruleIndex": 5,
|
||||
"ruleIndex": 6,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40303\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40303](https://avd.aquasec.com/nvd/cve-2022-40303)"
|
||||
@ -637,7 +691,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-40304",
|
||||
"ruleIndex": 6,
|
||||
"ruleIndex": 7,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40304\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40304](https://avd.aquasec.com/nvd/cve-2022-40304)"
|
||||
@ -664,7 +718,7 @@
|
||||
},
|
||||
{
|
||||
"ruleId": "CVE-2022-35737",
|
||||
"ruleIndex": 7,
|
||||
"ruleIndex": 8,
|
||||
"level": "warning",
|
||||
"message": {
|
||||
"text": "Package: sqlite-libs\nInstalled Version: 3.26.0-16.el8_6\nVulnerability CVE-2022-35737\nSeverity: MEDIUM\nFixed Version: 3.26.0-17.el8_7\nLink: [CVE-2022-35737](https://avd.aquasec.com/nvd/cve-2022-35737)"
|
||||
|
Loading…
Reference in New Issue
Block a user