<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <style> * { font-family: Arial, Helvetica, sans-serif; } h1 { text-align: center; } .group-header th { font-size: 200%; } .sub-header th { font-size: 150%; } table, th, td { border: 1px solid black; border-collapse: collapse; white-space: nowrap; padding: .3em; } table { margin: 0 auto; } .severity { text-align: center; font-weight: bold; color: #fafafa; } .severity-LOW .severity { background-color: #5fbb31; } .severity-MEDIUM .severity { background-color: #e9c600; } .severity-HIGH .severity { background-color: #ff8800; } .severity-CRITICAL .severity { background-color: #e40000; } .severity-UNKNOWN .severity { background-color: #747474; } .severity-LOW { background-color: #5fbb3160; } .severity-MEDIUM { background-color: #e9c60060; } .severity-HIGH { background-color: #ff880060; } .severity-CRITICAL { background-color: #e4000060; } .severity-UNKNOWN { background-color: #74747460; } table tr td:first-of-type { font-weight: bold; } .links a, .links[data-more-links=on] a { display: block; } .links[data-more-links=off] a:nth-of-type(1n+5) { display: none; } a.toggle-more-links { cursor: pointer; } </style> <title>docker.io/rockylinux/rockylinux:8 (rocky 8.5) - Trivy Report - 2022-04-28 13:13:49.652562679 +0000 UTC m=+0.780327651 </title> <script> window.onload = function() { document.querySelectorAll('td.links').forEach(function(linkCell) { var links = [].concat.apply([], linkCell.querySelectorAll('a')); [].sort.apply(links, function(a, b) { return a.href > b.href ? 1 : -1; }); links.forEach(function(link, idx) { if (links.length > 3 && 3 === idx) { var toggleLink = document.createElement('a'); toggleLink.innerText = "Toggle more links"; toggleLink.href = "#toggleMore"; toggleLink.setAttribute("class", "toggle-more-links"); linkCell.appendChild(toggleLink); } linkCell.appendChild(link); }); }); document.querySelectorAll('a.toggle-more-links').forEach(function(toggleLink) { toggleLink.onclick = function() { var expanded = toggleLink.parentElement.getAttribute("data-more-links"); toggleLink.parentElement.setAttribute("data-more-links", "on" === expanded ? "off" : "on"); return false; }; }); }; </script> </head> <body> <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.5) - Trivy Report - 2022-04-28 13:13:49.652593279 +0000 UTC m=+0.780358151</h1> <table> <tr class="group-header"><th colspan="6">rocky</th></tr> <tr class="sub-header"> <th>Package</th> <th>Vulnerability ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> <th>Links</th> </tr> <tr class="severity-HIGH"> <td class="pkg-name">openssl-libs</td> <td>CVE-2022-0778</td> <td class="severity">HIGH</td> <td class="pkg-version">1:1.1.1k-5.el8_5</td> <td>1:1.1.1k-6.el8_5</td> <td class="links" data-more-links="off"> <a href="https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json">https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json</a> <a href="https://access.redhat.com/security/cve/CVE-2022-0778">https://access.redhat.com/security/cve/CVE-2022-0778</a> <a href="https://crates.io/crates/openssl-src">https://crates.io/crates/openssl-src</a> <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778</a> <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65</a> <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83</a> <a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246">https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246</a> <a href="https://linux.oracle.com/cve/CVE-2022-0778.html">https://linux.oracle.com/cve/CVE-2022-0778.html</a> <a href="https://linux.oracle.com/errata/ELSA-2022-9272.html">https://linux.oracle.com/errata/ELSA-2022-9272.html</a> <a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html</a> <a href="https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html">https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/</a> <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-0778">https://nvd.nist.gov/vuln/detail/CVE-2022-0778</a> <a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002</a> <a href="https://rustsec.org/advisories/RUSTSEC-2022-0014.html">https://rustsec.org/advisories/RUSTSEC-2022-0014.html</a> <a href="https://security.netapp.com/advisory/ntap-20220321-0002/">https://security.netapp.com/advisory/ntap-20220321-0002/</a> <a href="https://ubuntu.com/security/notices/USN-5328-1">https://ubuntu.com/security/notices/USN-5328-1</a> <a href="https://ubuntu.com/security/notices/USN-5328-2">https://ubuntu.com/security/notices/USN-5328-2</a> <a href="https://www.debian.org/security/2022/dsa-5103">https://www.debian.org/security/2022/dsa-5103</a> <a href="https://www.openssl.org/news/secadv/20220315.txt">https://www.openssl.org/news/secadv/20220315.txt</a> <a href="https://www.oracle.com/security-alerts/cpuapr2022.html">https://www.oracle.com/security-alerts/cpuapr2022.html</a> <a href="https://www.tenable.com/security/tns-2022-06">https://www.tenable.com/security/tns-2022-06</a> <a href="https://www.tenable.com/security/tns-2022-07">https://www.tenable.com/security/tns-2022-07</a> <a href="https://www.tenable.com/security/tns-2022-08">https://www.tenable.com/security/tns-2022-08</a> <a href="https://www.tenable.com/security/tns-2022-09">https://www.tenable.com/security/tns-2022-09</a> </td> </tr> <tr><th colspan="6">No Misconfigurations found</th></tr> <tr class="group-header"><th colspan="6">python-pkg</th></tr> <tr><th colspan="6">No Vulnerabilities found</th></tr> <tr><th colspan="6">No Misconfigurations found</th></tr> </table> </body> </html>