registry.gitlab.com/prod-manager/prod-manager:latest (alpine 3.19.1) - Trivy Report - 2024-11-20 07:02:24.314060005 +0000 UTC m=+2.395596262 registry.gitlab.com/prod-manager/prod-manager:latest (alpine 3.19.1) - Trivy Report - 2024-11-20 07:02:24.314084175 +0000 UTC m=+2.395620432 alpine Package Vulnerability ID Severity Installed Version Fixed Version Links busybox CVE-2023-42363 MEDIUM 1.36.1-r15 1.36.1-r17 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 busybox CVE-2023-42364 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 busybox CVE-2023-42365 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 busybox CVE-2023-42366 MEDIUM 1.36.1-r15 1.36.1-r16 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 busybox-binsh CVE-2023-42363 MEDIUM 1.36.1-r15 1.36.1-r17 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 busybox-binsh CVE-2023-42364 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 busybox-binsh CVE-2023-42365 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 busybox-binsh CVE-2023-42366 MEDIUM 1.36.1-r15 1.36.1-r16 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 libcrypto3 CVE-2024-4603 MEDIUM 3.1.4-r5 3.1.5-r0 https://access.redhat.com/security/cve/CVE-2024-4603 https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397 https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740 https://linux.oracle.com/cve/CVE-2024-4603.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-4603 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4603 https://www.openssl.org/news/secadv/20240516.txt libcrypto3 CVE-2024-4741 MEDIUM 3.1.4-r5 3.1.6-r0 https://access.redhat.com/security/cve/CVE-2024-4741 https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177 https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8 https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4 https://linux.oracle.com/cve/CVE-2024-4741.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt libcrypto3 CVE-2024-5535 MEDIUM 3.1.4-r5 3.1.6-r0 http://www.openwall.com/lists/oss-security/2024/06/27/1 http://www.openwall.com/lists/oss-security/2024/06/28/4 https://access.redhat.com/errata/RHSA-2024:7848 https://access.redhat.com/security/cve/CVE-2024-5535 https://bugzilla.redhat.com/2294581 https://bugzilla.redhat.com/show_bug.cgi?id=2294581 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535 https://errata.almalinux.org/8/ALSA-2024-7848.html https://errata.rockylinux.org/RLSA-2024:7848 https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37 https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 https://linux.oracle.com/cve/CVE-2024-5535.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-5535 https://openssl.org/news/secadv/20240627.txt https://security.netapp.com/advisory/ntap-20240712-0005/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-5535 https://www.openssl.org/news/secadv/20240627.txt https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL libcrypto3 CVE-2024-6119 MEDIUM 3.1.4-r5 3.1.7-r0 https://access.redhat.com/errata/RHSA-2024:8935 https://access.redhat.com/security/cve/CVE-2024-6119 https://bugzilla.redhat.com/2306158 https://bugzilla.redhat.com/show_bug.cgi?id=2306158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119 https://errata.almalinux.org/9/ALSA-2024-8935.html https://errata.rockylinux.org/RLSA-2024:6783 https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj https://linux.oracle.com/cve/CVE-2024-6119.html https://linux.oracle.com/errata/ELSA-2024-8935.html https://nvd.nist.gov/vuln/detail/CVE-2024-6119 https://openssl-library.org/news/secadv/20240903.txt https://ubuntu.com/security/notices/USN-6986-1 https://www.cve.org/CVERecord?id=CVE-2024-6119 libcrypto3 CVE-2024-2511 LOW 3.1.4-r5 3.1.4-r6 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://linux.oracle.com/cve/CVE-2024-2511.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html libcrypto3 CVE-2024-9143 LOW 3.1.4-r5 3.1.7-r1 https://access.redhat.com/security/cve/CVE-2024-9143 https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712 https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700 https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4 https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154 https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41 https://nvd.nist.gov/vuln/detail/CVE-2024-9143 https://openssl-library.org/news/secadv/20241016.txt https://www.cve.org/CVERecord?id=CVE-2024-9143 libexpat CVE-2024-45491 CRITICAL 2.6.0-r0 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45491 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/888 https://github.com/libexpat/libexpat/pull/891 https://linux.oracle.com/cve/CVE-2024-45491.html https://linux.oracle.com/errata/ELSA-2024-8859.html https://nvd.nist.gov/vuln/detail/CVE-2024-45491 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://ubuntu.com/security/notices/USN-7001-1 https://ubuntu.com/security/notices/USN-7001-2 https://www.cve.org/CVERecord?id=CVE-2024-45491 libexpat CVE-2024-45492 CRITICAL 2.6.0-r0 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45492 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/889 https://github.com/libexpat/libexpat/pull/892 https://linux.oracle.com/cve/CVE-2024-45492.html https://linux.oracle.com/errata/ELSA-2024-6989.html https://nvd.nist.gov/vuln/detail/CVE-2024-45492 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://www.cve.org/CVERecord?id=CVE-2024-45492 libexpat CVE-2024-28757 HIGH 2.6.0-r0 2.6.2-r0 http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757 libexpat CVE-2024-45490 HIGH 2.6.0-r0 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45490 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/887 https://github.com/libexpat/libexpat/pull/890 https://linux.oracle.com/cve/CVE-2024-45490.html https://linux.oracle.com/errata/ELSA-2024-6989.html https://nvd.nist.gov/vuln/detail/CVE-2024-45490 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://ubuntu.com/security/notices/USN-7001-1 https://ubuntu.com/security/notices/USN-7001-2 https://www.cve.org/CVERecord?id=CVE-2024-45490 libexpat CVE-2024-50602 MEDIUM 2.6.0-r0 2.6.4-r0 https://access.redhat.com/errata/RHSA-2024:9541 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/2321987 https://errata.almalinux.org/9/ALSA-2024-9541.html https://github.com/libexpat/libexpat/pull/915 https://linux.oracle.com/cve/CVE-2024-50602.html https://linux.oracle.com/errata/ELSA-2024-9541.html https://nvd.nist.gov/vuln/detail/CVE-2024-50602 https://www.cve.org/CVERecord?id=CVE-2024-50602 libssl3 CVE-2024-4603 MEDIUM 3.1.4-r5 3.1.5-r0 https://access.redhat.com/security/cve/CVE-2024-4603 https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397 https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740 https://linux.oracle.com/cve/CVE-2024-4603.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-4603 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4603 https://www.openssl.org/news/secadv/20240516.txt libssl3 CVE-2024-4741 MEDIUM 3.1.4-r5 3.1.6-r0 https://access.redhat.com/security/cve/CVE-2024-4741 https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177 https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8 https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4 https://linux.oracle.com/cve/CVE-2024-4741.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt libssl3 CVE-2024-5535 MEDIUM 3.1.4-r5 3.1.6-r0 http://www.openwall.com/lists/oss-security/2024/06/27/1 http://www.openwall.com/lists/oss-security/2024/06/28/4 https://access.redhat.com/errata/RHSA-2024:7848 https://access.redhat.com/security/cve/CVE-2024-5535 https://bugzilla.redhat.com/2294581 https://bugzilla.redhat.com/show_bug.cgi?id=2294581 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535 https://errata.almalinux.org/8/ALSA-2024-7848.html https://errata.rockylinux.org/RLSA-2024:7848 https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37 https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 https://linux.oracle.com/cve/CVE-2024-5535.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-5535 https://openssl.org/news/secadv/20240627.txt https://security.netapp.com/advisory/ntap-20240712-0005/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-5535 https://www.openssl.org/news/secadv/20240627.txt https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL libssl3 CVE-2024-6119 MEDIUM 3.1.4-r5 3.1.7-r0 https://access.redhat.com/errata/RHSA-2024:8935 https://access.redhat.com/security/cve/CVE-2024-6119 https://bugzilla.redhat.com/2306158 https://bugzilla.redhat.com/show_bug.cgi?id=2306158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119 https://errata.almalinux.org/9/ALSA-2024-8935.html https://errata.rockylinux.org/RLSA-2024:6783 https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj https://linux.oracle.com/cve/CVE-2024-6119.html https://linux.oracle.com/errata/ELSA-2024-8935.html https://nvd.nist.gov/vuln/detail/CVE-2024-6119 https://openssl-library.org/news/secadv/20240903.txt https://ubuntu.com/security/notices/USN-6986-1 https://www.cve.org/CVERecord?id=CVE-2024-6119 libssl3 CVE-2024-2511 LOW 3.1.4-r5 3.1.4-r6 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://linux.oracle.com/cve/CVE-2024-2511.html https://linux.oracle.com/errata/ELSA-2024-9333.html https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html libssl3 CVE-2024-9143 LOW 3.1.4-r5 3.1.7-r1 https://access.redhat.com/security/cve/CVE-2024-9143 https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712 https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700 https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4 https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154 https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41 https://nvd.nist.gov/vuln/detail/CVE-2024-9143 https://openssl-library.org/news/secadv/20241016.txt https://www.cve.org/CVERecord?id=CVE-2024-9143 ssl_client CVE-2023-42363 MEDIUM 1.36.1-r15 1.36.1-r17 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 ssl_client CVE-2023-42364 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 ssl_client CVE-2023-42365 MEDIUM 1.36.1-r15 1.36.1-r19 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 ssl_client CVE-2023-42366 MEDIUM 1.36.1-r15 1.36.1-r16 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 No Misconfigurations found python-pkg Package Vulnerability ID Severity Installed Version Fixed Version Links Jinja2 CVE-2024-34064 MEDIUM 3.1.3 3.1.4 https://access.redhat.com/errata/RHSA-2024:9150 https://access.redhat.com/security/cve/CVE-2024-34064 https://bugzilla.redhat.com/2279476 https://bugzilla.redhat.com/show_bug.cgi?id=2279476 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34064 https://errata.almalinux.org/9/ALSA-2024-9150.html https://errata.rockylinux.org/RLSA-2024:3820 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj https://linux.oracle.com/cve/CVE-2024-34064.html https://linux.oracle.com/errata/ELSA-2024-9150.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS/ https://nvd.nist.gov/vuln/detail/CVE-2024-34064 https://ubuntu.com/security/notices/USN-6787-1 https://www.cve.org/CVERecord?id=CVE-2024-34064 Werkzeug CVE-2024-34069 HIGH 3.0.1 3.0.3 https://access.redhat.com/security/cve/CVE-2024-34069 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692 https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ/ https://nvd.nist.gov/vuln/detail/CVE-2024-34069 https://security.netapp.com/advisory/ntap-20240614-0004 https://security.netapp.com/advisory/ntap-20240614-0004/ https://ubuntu.com/security/notices/USN-6799-1 https://www.cve.org/CVERecord?id=CVE-2024-34069 Werkzeug CVE-2024-49766 MEDIUM 3.0.1 3.0.6 https://access.redhat.com/security/cve/CVE-2024-49766 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092 https://github.com/pallets/werkzeug/releases/tag/3.0.6 https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8j https://nvd.nist.gov/vuln/detail/CVE-2024-49766 https://www.cve.org/CVERecord?id=CVE-2024-49766 Werkzeug CVE-2024-49767 MEDIUM 3.0.1 3.0.6 https://access.redhat.com/security/cve/CVE-2024-49767 https://github.com/pallets/quart/commit/5e78c4169b8eb66b91ead3e62d44721b9e1644ee https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b https://github.com/pallets/werkzeug/releases/tag/3.0.6 https://github.com/pallets/werkzeug/security/advisories/GHSA-q34m-jh98-gwm2 https://nvd.nist.gov/vuln/detail/CVE-2024-49767 https://ubuntu.com/security/notices/USN-7093-1 https://www.cve.org/CVERecord?id=CVE-2024-49767 certifi CVE-2024-39689 LOW 2024.2.2 2024.07.04 https://access.redhat.com/security/cve/CVE-2024-39689 https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463 https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI https://nvd.nist.gov/vuln/detail/CVE-2024-39689 https://www.cve.org/CVERecord?id=CVE-2024-39689 dnspython CVE-2023-29483 MEDIUM 2.6.0 2.6.1 https://access.redhat.com/errata/RHSA-2024:9423 https://access.redhat.com/security/cve/CVE-2023-29483 https://bugzilla.redhat.com/2274520 https://bugzilla.redhat.com/show_bug.cgi?id=2274520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29483 https://errata.almalinux.org/9/ALSA-2024-9423.html https://errata.rockylinux.org/RLSA-2024:3275 https://github.com/eventlet/eventlet https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4 https://github.com/eventlet/eventlet/issues/913 https://github.com/eventlet/eventlet/releases/tag/v0.35.2 https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2 https://github.com/rthalley/dnspython/issues/1045 https://github.com/rthalley/dnspython/releases/tag/v2.6.0 https://linux.oracle.com/cve/CVE-2023-29483.html https://linux.oracle.com/errata/ELSA-2024-9423.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/ https://nvd.nist.gov/vuln/detail/CVE-2023-29483 https://security.netapp.com/advisory/ntap-20240510-0001 https://security.netapp.com/advisory/ntap-20240510-0001/ https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 https://www.cve.org/CVERecord?id=CVE-2023-29483 https://www.dnspython.org https://www.dnspython.org/ https://www.dnspython.org/news/2.6.0rc1/ gunicorn CVE-2024-1135 HIGH 21.2.0 22.0.0 https://access.redhat.com/security/cve/CVE-2024-1135 https://github.com/advisories/GHSA-w3h3-4rj7-4ph4 https://github.com/benoitc/gunicorn https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d https://github.com/benoitc/gunicorn/releases/tag/22.0.0 https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1 https://lists.debian.org/debian-lts-announce/2024/06/msg00027.html https://nvd.nist.gov/vuln/detail/CVE-2024-1135 https://www.cve.org/CVERecord?id=CVE-2024-1135 idna CVE-2024-3651 MEDIUM 3.6 3.7 https://access.redhat.com/errata/RHSA-2024:3846 https://access.redhat.com/security/cve/CVE-2024-3651 https://bugzilla.redhat.com/2274779 https://bugzilla.redhat.com/show_bug.cgi?id=2274779 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3651 https://errata.almalinux.org/9/ALSA-2024-3846.html https://errata.rockylinux.org/RLSA-2024:3846 https://github.com/kjd/idna https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h https://github.com/pypa/advisory-database/tree/main/vulns/idna/PYSEC-2024-60.yaml https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb https://linux.oracle.com/cve/CVE-2024-3651.html https://linux.oracle.com/errata/ELSA-2024-8365.html https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://ubuntu.com/security/notices/USN-6780-1 https://www.cve.org/CVERecord?id=CVE-2024-3651 requests CVE-2024-35195 MEDIUM 2.31.0 2.32.0 https://access.redhat.com/security/cve/CVE-2024-35195 https://github.com/psf/requests https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac https://github.com/psf/requests/pull/6655 https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/ https://nvd.nist.gov/vuln/detail/CVE-2024-35195 https://www.cve.org/CVERecord?id=CVE-2024-35195 setuptools CVE-2024-6345 HIGH 69.0.3 70.0.0 https://access.redhat.com/errata/RHSA-2024:6726 https://access.redhat.com/security/cve/CVE-2024-6345 https://bugzilla.redhat.com/2297771 https://bugzilla.redhat.com/show_bug.cgi?id=2297771 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345 https://errata.almalinux.org/9/ALSA-2024-6726.html https://errata.rockylinux.org/RLSA-2024:6726 https://github.com/pypa/setuptools https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://github.com/pypa/setuptools/pull/4332 https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://linux.oracle.com/cve/CVE-2024-6345.html https://linux.oracle.com/errata/ELSA-2024-6726.html https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://ubuntu.com/security/notices/USN-7002-1 https://www.cve.org/CVERecord?id=CVE-2024-6345 urllib3 CVE-2024-37891 MEDIUM 2.2.1 1.26.19, 2.2.2 https://access.redhat.com/errata/RHSA-2024:9458 https://access.redhat.com/security/cve/CVE-2024-37891 https://bugzilla.redhat.com/2292788 https://bugzilla.redhat.com/show_bug.cgi?id=2292788 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37891 https://errata.almalinux.org/9/ALSA-2024-9458.html https://errata.rockylinux.org/RLSA-2024:8843 https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468 https://github.com/urllib3/urllib3/commit/accff72ecc2f6cf5a76d9570198a93ac7c90270e https://github.com/urllib3/urllib3/security/advisories/GHSA-34jh-p97f-mpxf https://linux.oracle.com/cve/CVE-2024-37891.html https://linux.oracle.com/errata/ELSA-2024-8843.html https://nvd.nist.gov/vuln/detail/CVE-2024-37891 https://ubuntu.com/security/notices/USN-7084-1 https://ubuntu.com/security/notices/USN-7084-2 https://www.cve.org/CVERecord?id=CVE-2024-37891 No Misconfigurations found