registry.gitlab.com/prod-manager/prod-manager:v0.11.0 (alpine 3.16.0) - Trivy Report - 2024-05-29 06:02:32.821263095 +0000 UTC m=+3.646249037 registry.gitlab.com/prod-manager/prod-manager:v0.11.0 (alpine 3.16.0) - Trivy Report - 2024-05-29 06:02:32.821297775 +0000 UTC m=+3.646283687 alpine Package Vulnerability ID Severity Installed Version Fixed Version Links busybox CVE-2022-30065 HIGH 1.35.0-r14 1.35.0-r15 https://access.redhat.com/security/cve/CVE-2022-30065 https://bugs.busybox.net/show_bug.cgi?id=14781 https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf https://nvd.nist.gov/vuln/detail/CVE-2022-30065 https://www.cve.org/CVERecord?id=CVE-2022-30065 busybox CVE-2023-42366 MEDIUM 1.35.0-r14 1.35.0-r18 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 expat CVE-2022-40674 HIGH 2.4.8-r0 2.4.9-r0 https://access.redhat.com/errata/RHSA-2022:7020 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json https://access.redhat.com/security/cve/CVE-2022-40674 https://blog.hartwork.org/posts/expat-2-4-9-released/ https://bugzilla.redhat.com/2130769 https://errata.almalinux.org/9/ALSA-2022-7020.html https://github.com/advisories/GHSA-2vq2-xc55-3j5m https://github.com/libexpat/libexpat/pull/629 https://github.com/libexpat/libexpat/pull/640 https://linux.oracle.com/cve/CVE-2022-40674.html https://linux.oracle.com/errata/ELSA-2022-9967.html https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/ https://nvd.nist.gov/vuln/detail/CVE-2022-40674 https://security.gentoo.org/glsa/202209-24 https://security.gentoo.org/glsa/202211-06 https://security.netapp.com/advisory/ntap-20221028-0008/ https://ubuntu.com/security/notices/USN-5638-1 https://ubuntu.com/security/notices/USN-5638-2 https://ubuntu.com/security/notices/USN-5638-4 https://ubuntu.com/security/notices/USN-5726-1 https://www.cve.org/CVERecord?id=CVE-2022-40674 https://www.debian.org/security/2022/dsa-5236 expat CVE-2022-43680 HIGH 2.4.8-r0 2.5.0-r0 http://www.openwall.com/lists/oss-security/2023/12/28/5 http://www.openwall.com/lists/oss-security/2024/01/03/5 https://access.redhat.com/errata/RHSA-2023:0337 https://access.redhat.com/security/cve/CVE-2022-43680 https://bugzilla.redhat.com/2140059 https://bugzilla.redhat.com/show_bug.cgi?id=2140059 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680 https://errata.almalinux.org/9/ALSA-2023-0337.html https://errata.rockylinux.org/RLSA-2023:0103 https://github.com/libexpat/libexpat/issues/649 https://github.com/libexpat/libexpat/pull/616 https://github.com/libexpat/libexpat/pull/650 https://linux.oracle.com/cve/CVE-2022-43680.html https://linux.oracle.com/errata/ELSA-2023-0337.html https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/ https://nvd.nist.gov/vuln/detail/CVE-2022-43680 https://security.gentoo.org/glsa/202210-38 https://security.netapp.com/advisory/ntap-20221118-0007/ https://ubuntu.com/security/notices/USN-5638-2 https://ubuntu.com/security/notices/USN-5638-3 https://ubuntu.com/security/notices/USN-5638-4 https://www.cve.org/CVERecord?id=CVE-2022-43680 https://www.debian.org/security/2022/dsa-5266 expat CVE-2023-52425 HIGH 2.4.8-r0 2.6.0-r0 http://www.openwall.com/lists/oss-security/2024/03/20/5 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425 https://errata.almalinux.org/9/ALSA-2024-1530.html https://errata.rockylinux.org/RLSA-2024:1615 https://github.com/libexpat/libexpat/pull/789 https://linux.oracle.com/cve/CVE-2023-52425.html https://linux.oracle.com/errata/ELSA-2024-1615.html https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2023-52425 expat CVE-2024-28757 HIGH 2.4.8-r0 2.6.2-r0 http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757 expat CVE-2023-52426 MEDIUM 2.4.8-r0 2.6.0-r0 https://access.redhat.com/security/cve/CVE-2023-52426 https://cwe.mitre.org/data/definitions/776.html https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 https://github.com/libexpat/libexpat/pull/777 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52426 https://security.netapp.com/advisory/ntap-20240307-0005/ https://www.cve.org/CVERecord?id=CVE-2023-52426 krb5-libs CVE-2022-42898 HIGH 1.19.3-r0 1.19.4-r0 https://access.redhat.com/errata/RHSA-2022:8637 https://access.redhat.com/security/cve/CVE-2022-42898 https://bugzilla.redhat.com/2140960 https://bugzilla.redhat.com/show_bug.cgi?id=2140960 https://bugzilla.samba.org/show_bug.cgi?id=15203 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898 https://errata.almalinux.org/9/ALSA-2022-8637.html https://errata.rockylinux.org/RLSA-2022:8638 https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583 https://linux.oracle.com/cve/CVE-2022-42898.html https://linux.oracle.com/errata/ELSA-2023-12104.html https://mailman.mit.edu/pipermail/krbdev/2022-November/013576.html https://nvd.nist.gov/vuln/detail/CVE-2022-42898 https://security.gentoo.org/glsa/202309-06 https://security.gentoo.org/glsa/202310-06 https://security.netapp.com/advisory/ntap-20230216-0008/ https://security.netapp.com/advisory/ntap-20230223-0001/ https://ubuntu.com/security/notices/USN-5800-1 https://ubuntu.com/security/notices/USN-5822-1 https://ubuntu.com/security/notices/USN-5822-2 https://ubuntu.com/security/notices/USN-5828-1 https://ubuntu.com/security/notices/USN-5936-1 https://web.mit.edu/kerberos/advisories/ https://web.mit.edu/kerberos/krb5-1.19/ https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt https://www.cve.org/CVERecord?id=CVE-2022-42898 https://www.samba.org/samba/security/CVE-2022-42898.html libcom_err CVE-2022-1304 HIGH 1.46.5-r0 1.46.6-r0 https://access.redhat.com/errata/RHSA-2022:8361 https://access.redhat.com/security/cve/CVE-2022-1304 https://bugzilla.redhat.com/2069726 https://bugzilla.redhat.com/show_bug.cgi?id=2069726 https://bugzilla.redhat.com/show_bug.cgi?id=2083621 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304 https://errata.almalinux.org/9/ALSA-2022-8361.html https://errata.rockylinux.org/RLSA-2022:7720 https://linux.oracle.com/cve/CVE-2022-1304.html https://linux.oracle.com/errata/ELSA-2022-8361.html https://marc.info/?l=linux-ext4&m=165056234501732&w=2 https://nvd.nist.gov/vuln/detail/CVE-2022-1304 https://ubuntu.com/security/notices/USN-5464-1 https://www.cve.org/CVERecord?id=CVE-2022-1304 libcrypto1.1 CVE-2022-4450 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2022-4450 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b https://linux.oracle.com/cve/CVE-2022-4450.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2022-4450 https://rustsec.org/advisories/RUSTSEC-2023-0010.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2022-4450 https://www.openssl.org/news/secadv/20230207.txt libcrypto1.1 CVE-2023-0215 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2023-0215 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344 https://linux.oracle.com/cve/CVE-2023-0215.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2023-0215 https://rustsec.org/advisories/RUSTSEC-2023-0009.html https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230427-0007 https://security.netapp.com/advisory/ntap-20230427-0007/ https://security.netapp.com/advisory/ntap-20230427-0009 https://security.netapp.com/advisory/ntap-20230427-0009/ https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-5845-1 https://ubuntu.com/security/notices/USN-5845-2 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2023-0215 https://www.openssl.org/news/secadv/20230207.txt libcrypto1.1 CVE-2023-0286 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/cve-2023-0286 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5 https://linux.oracle.com/cve/CVE-2023-0286.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2023-0286 https://rustsec.org/advisories/RUSTSEC-2023-0006.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-5845-1 https://ubuntu.com/security/notices/USN-5845-2 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2023-0286 https://www.openssl.org/news/secadv/20230207.txt libcrypto1.1 CVE-2023-0464 HIGH 1.1.1q-r0 1.1.1t-r1 https://access.redhat.com/errata/RHSA-2023:3722 https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/2181082 https://bugzilla.redhat.com/2182561 https://bugzilla.redhat.com/2182565 https://bugzilla.redhat.com/2188461 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-3722.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1 https://linux.oracle.com/cve/CVE-2023-0464.html https://linux.oracle.com/errata/ELSA-2023-3722.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-6039-1 https://www.couchbase.com/alerts/ https://www.cve.org/CVERecord?id=CVE-2023-0464 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230322.txt libcrypto1.1 CVE-2022-4304 MEDIUM 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2022-4304 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://linux.oracle.com/cve/CVE-2022-4304.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2022-4304 https://rustsec.org/advisories/RUSTSEC-2023-0007.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2022-4304 https://www.openssl.org/news/secadv/20230207.txt libcrypto1.1 CVE-2023-0465 MEDIUM 1.1.1q-r0 1.1.1t-r2 https://access.redhat.com/errata/RHSA-2023:3722 https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/2181082 https://bugzilla.redhat.com/2182561 https://bugzilla.redhat.com/2182565 https://bugzilla.redhat.com/2188461 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-3722.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c https://linux.oracle.com/cve/CVE-2023-0465.html https://linux.oracle.com/errata/ELSA-2023-3722.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230414-0001/ https://ubuntu.com/security/notices/USN-6039-1 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230328.txt libcrypto1.1 CVE-2023-2650 MEDIUM 1.1.1q-r0 1.1.1u-r0 http://www.openwall.com/lists/oss-security/2023/05/30/1 https://access.redhat.com/errata/RHSA-2023:6330 https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/1858038 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-6330.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a https://linux.oracle.com/cve/CVE-2023-2650.html https://linux.oracle.com/errata/ELSA-2023-6330.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230703-0001/ https://security.netapp.com/advisory/ntap-20231027-0009/ https://ubuntu.com/security/notices/USN-6119-1 https://ubuntu.com/security/notices/USN-6188-1 https://ubuntu.com/security/notices/USN-6672-1 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230530.txt libcrypto1.1 CVE-2023-3446 MEDIUM 1.1.1q-r0 1.1.1u-r2 http://www.openwall.com/lists/oss-security/2023/07/19/4 http://www.openwall.com/lists/oss-security/2023/07/19/5 http://www.openwall.com/lists/oss-security/2023/07/19/6 http://www.openwall.com/lists/oss-security/2023/07/31/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3446 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://bugzilla.redhat.com/show_bug.cgi?id=2224962 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 https://bugzilla.redhat.com/show_bug.cgi?id=2258677 https://bugzilla.redhat.com/show_bug.cgi?id=2258688 https://bugzilla.redhat.com/show_bug.cgi?id=2258691 https://bugzilla.redhat.com/show_bug.cgi?id=2258694 https://bugzilla.redhat.com/show_bug.cgi?id=2258700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235 https://errata.almalinux.org/9/ALSA-2024-2447.html https://errata.rockylinux.org/RLSA-2024:2264 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23 https://linux.oracle.com/cve/CVE-2023-3446.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3446 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230803-0011/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3446 https://www.openssl.org/news/secadv/20230719.txt libcrypto1.1 CVE-2023-3817 MEDIUM 1.1.1q-r0 1.1.1v-r0 http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2023/09/22/11 http://www.openwall.com/lists/oss-security/2023/09/22/9 http://www.openwall.com/lists/oss-security/2023/11/06/2 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3817 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 https://linux.oracle.com/cve/CVE-2023-3817.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230818-0014/ https://security.netapp.com/advisory/ntap-20231027-0008/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3817 https://www.openssl.org/news/secadv/20230731.txt libcrypto1.1 CVE-2023-5678 MEDIUM 1.1.1q-r0 1.1.1w-r1 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-5678 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 https://linux.oracle.com/cve/CVE-2023-5678.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-5678 https://security.netapp.com/advisory/ntap-20231130-0010/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-5678 https://www.openssl.org/news/secadv/20231106.txt libssl1.1 CVE-2022-4450 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2022-4450 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bbcf509bd046b34cca19c766bbddc31683d0858b https://linux.oracle.com/cve/CVE-2022-4450.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2022-4450 https://rustsec.org/advisories/RUSTSEC-2023-0010.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2022-4450 https://www.openssl.org/news/secadv/20230207.txt libssl1.1 CVE-2023-0215 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2023-0215 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344 https://linux.oracle.com/cve/CVE-2023-0215.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2023-0215 https://rustsec.org/advisories/RUSTSEC-2023-0009.html https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230427-0007 https://security.netapp.com/advisory/ntap-20230427-0007/ https://security.netapp.com/advisory/ntap-20230427-0009 https://security.netapp.com/advisory/ntap-20230427-0009/ https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-5845-1 https://ubuntu.com/security/notices/USN-5845-2 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2023-0215 https://www.openssl.org/news/secadv/20230207.txt libssl1.1 CVE-2023-0286 HIGH 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/cve-2023-0286 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-x4qr-2fvf-3mr5 https://linux.oracle.com/cve/CVE-2023-0286.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2023-0286 https://rustsec.org/advisories/RUSTSEC-2023-0006.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-5845-1 https://ubuntu.com/security/notices/USN-5845-2 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2023-0286 https://www.openssl.org/news/secadv/20230207.txt libssl1.1 CVE-2023-0464 HIGH 1.1.1q-r0 1.1.1t-r1 https://access.redhat.com/errata/RHSA-2023:3722 https://access.redhat.com/security/cve/CVE-2023-0464 https://bugzilla.redhat.com/2181082 https://bugzilla.redhat.com/2182561 https://bugzilla.redhat.com/2182565 https://bugzilla.redhat.com/2188461 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-3722.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1 https://linux.oracle.com/cve/CVE-2023-0464.html https://linux.oracle.com/errata/ELSA-2023-3722.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-0464 https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-6039-1 https://www.couchbase.com/alerts/ https://www.cve.org/CVERecord?id=CVE-2023-0464 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230322.txt libssl1.1 CVE-2022-4304 MEDIUM 1.1.1q-r0 1.1.1t-r0 https://access.redhat.com/errata/RHSA-2023:2165 https://access.redhat.com/security/cve/CVE-2022-4304 https://bugzilla.redhat.com/1960321 https://bugzilla.redhat.com/2164440 https://bugzilla.redhat.com/2164487 https://bugzilla.redhat.com/2164492 https://bugzilla.redhat.com/2164494 https://bugzilla.redhat.com/show_bug.cgi?id=2164440 https://bugzilla.redhat.com/show_bug.cgi?id=2164487 https://bugzilla.redhat.com/show_bug.cgi?id=2164492 https://bugzilla.redhat.com/show_bug.cgi?id=2164494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 https://errata.almalinux.org/9/ALSA-2023-2165.html https://errata.rockylinux.org/RLSA-2023:1405 https://linux.oracle.com/cve/CVE-2022-4304.html https://linux.oracle.com/errata/ELSA-2023-32791.html https://nvd.nist.gov/vuln/detail/CVE-2022-4304 https://rustsec.org/advisories/RUSTSEC-2023-0007.html https://security.gentoo.org/glsa/202402-08 https://ubuntu.com/security/notices/USN-5844-1 https://ubuntu.com/security/notices/USN-6564-1 https://www.cve.org/CVERecord?id=CVE-2022-4304 https://www.openssl.org/news/secadv/20230207.txt libssl1.1 CVE-2023-0465 MEDIUM 1.1.1q-r0 1.1.1t-r2 https://access.redhat.com/errata/RHSA-2023:3722 https://access.redhat.com/security/cve/CVE-2023-0465 https://bugzilla.redhat.com/2181082 https://bugzilla.redhat.com/2182561 https://bugzilla.redhat.com/2182565 https://bugzilla.redhat.com/2188461 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-3722.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c https://linux.oracle.com/cve/CVE-2023-0465.html https://linux.oracle.com/errata/ELSA-2023-3722.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-0465 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230414-0001/ https://ubuntu.com/security/notices/USN-6039-1 https://www.cve.org/CVERecord?id=CVE-2023-0465 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230328.txt libssl1.1 CVE-2023-2650 MEDIUM 1.1.1q-r0 1.1.1u-r0 http://www.openwall.com/lists/oss-security/2023/05/30/1 https://access.redhat.com/errata/RHSA-2023:6330 https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/1858038 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-6330.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a https://linux.oracle.com/cve/CVE-2023-2650.html https://linux.oracle.com/errata/ELSA-2023-6330.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230703-0001/ https://security.netapp.com/advisory/ntap-20231027-0009/ https://ubuntu.com/security/notices/USN-6119-1 https://ubuntu.com/security/notices/USN-6188-1 https://ubuntu.com/security/notices/USN-6672-1 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230530.txt libssl1.1 CVE-2023-3446 MEDIUM 1.1.1q-r0 1.1.1u-r2 http://www.openwall.com/lists/oss-security/2023/07/19/4 http://www.openwall.com/lists/oss-security/2023/07/19/5 http://www.openwall.com/lists/oss-security/2023/07/19/6 http://www.openwall.com/lists/oss-security/2023/07/31/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3446 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://bugzilla.redhat.com/show_bug.cgi?id=2224962 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 https://bugzilla.redhat.com/show_bug.cgi?id=2258677 https://bugzilla.redhat.com/show_bug.cgi?id=2258688 https://bugzilla.redhat.com/show_bug.cgi?id=2258691 https://bugzilla.redhat.com/show_bug.cgi?id=2258694 https://bugzilla.redhat.com/show_bug.cgi?id=2258700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235 https://errata.almalinux.org/9/ALSA-2024-2447.html https://errata.rockylinux.org/RLSA-2024:2264 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23 https://linux.oracle.com/cve/CVE-2023-3446.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3446 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230803-0011/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3446 https://www.openssl.org/news/secadv/20230719.txt libssl1.1 CVE-2023-3817 MEDIUM 1.1.1q-r0 1.1.1v-r0 http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2023/09/22/11 http://www.openwall.com/lists/oss-security/2023/09/22/9 http://www.openwall.com/lists/oss-security/2023/11/06/2 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3817 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 https://linux.oracle.com/cve/CVE-2023-3817.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230818-0014/ https://security.netapp.com/advisory/ntap-20231027-0008/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3817 https://www.openssl.org/news/secadv/20230731.txt libssl1.1 CVE-2023-5678 MEDIUM 1.1.1q-r0 1.1.1w-r1 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-5678 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 https://linux.oracle.com/cve/CVE-2023-5678.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-5678 https://security.netapp.com/advisory/ntap-20231130-0010/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-5678 https://www.openssl.org/news/secadv/20231106.txt libtirpc CVE-2021-46828 HIGH 1.3.2-r0 1.3.2-r1 http://git.linux-nfs.org/?p=steved/libtirpc.git%3Ba=commit%3Bh=86529758570cef4c73fb9b9c4104fdc510f701ed https://access.redhat.com/errata/RHSA-2022:8400 https://access.redhat.com/security/cve/CVE-2021-46828 https://bugzilla.redhat.com/2109352 https://bugzilla.redhat.com/show_bug.cgi?id=2109352 https://bugzilla.redhat.com/show_bug.cgi?id=2118157 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828 https://errata.almalinux.org/9/ALSA-2022-8400.html https://errata.rockylinux.org/RLSA-2022:8400 https://linux.oracle.com/cve/CVE-2021-46828.html https://linux.oracle.com/errata/ELSA-2022-8400.html https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html https://nvd.nist.gov/vuln/detail/CVE-2021-46828 https://security.gentoo.org/glsa/202210-33 https://security.netapp.com/advisory/ntap-20221007-0004/ https://ubuntu.com/security/notices/USN-5538-1 https://www.cve.org/CVERecord?id=CVE-2021-46828 https://www.debian.org/security/2022/dsa-5200 libtirpc-conf CVE-2021-46828 HIGH 1.3.2-r0 1.3.2-r1 http://git.linux-nfs.org/?p=steved/libtirpc.git%3Ba=commit%3Bh=86529758570cef4c73fb9b9c4104fdc510f701ed https://access.redhat.com/errata/RHSA-2022:8400 https://access.redhat.com/security/cve/CVE-2021-46828 https://bugzilla.redhat.com/2109352 https://bugzilla.redhat.com/show_bug.cgi?id=2109352 https://bugzilla.redhat.com/show_bug.cgi?id=2118157 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828 https://errata.almalinux.org/9/ALSA-2022-8400.html https://errata.rockylinux.org/RLSA-2022:8400 https://linux.oracle.com/cve/CVE-2021-46828.html https://linux.oracle.com/errata/ELSA-2022-8400.html https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html https://nvd.nist.gov/vuln/detail/CVE-2021-46828 https://security.gentoo.org/glsa/202210-33 https://security.netapp.com/advisory/ntap-20221007-0004/ https://ubuntu.com/security/notices/USN-5538-1 https://www.cve.org/CVERecord?id=CVE-2021-46828 https://www.debian.org/security/2022/dsa-5200 ncurses-libs CVE-2023-29491 HIGH 6.3_p20220521-r0 6.3_p20220521-r1 http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 http://www.openwall.com/lists/oss-security/2023/04/19/10 http://www.openwall.com/lists/oss-security/2023/04/19/11 https://access.redhat.com/errata/RHSA-2023:6698 https://access.redhat.com/security/cve/CVE-2023-29491 https://bugzilla.redhat.com/2191704 https://errata.almalinux.org/9/ALSA-2023-6698.html https://invisible-island.net/ncurses/NEWS.html#index-t20230408 https://linux.oracle.com/cve/CVE-2023-29491.html https://linux.oracle.com/errata/ELSA-2023-6698.html https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/ https://nvd.nist.gov/vuln/detail/CVE-2023-29491 https://security.netapp.com/advisory/ntap-20230517-0009/ https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 https://ubuntu.com/security/notices/USN-6099-1 https://www.cve.org/CVERecord?id=CVE-2023-29491 https://www.openwall.com/lists/oss-security/2023/04/12/5 https://www.openwall.com/lists/oss-security/2023/04/13/4 ncurses-terminfo-base CVE-2023-29491 HIGH 6.3_p20220521-r0 6.3_p20220521-r1 http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56 http://www.openwall.com/lists/oss-security/2023/04/19/10 http://www.openwall.com/lists/oss-security/2023/04/19/11 https://access.redhat.com/errata/RHSA-2023:6698 https://access.redhat.com/security/cve/CVE-2023-29491 https://bugzilla.redhat.com/2191704 https://errata.almalinux.org/9/ALSA-2023-6698.html https://invisible-island.net/ncurses/NEWS.html#index-t20230408 https://linux.oracle.com/cve/CVE-2023-29491.html https://linux.oracle.com/errata/ELSA-2023-6698.html https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/ https://nvd.nist.gov/vuln/detail/CVE-2023-29491 https://security.netapp.com/advisory/ntap-20230517-0009/ https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845 https://ubuntu.com/security/notices/USN-6099-1 https://www.cve.org/CVERecord?id=CVE-2023-29491 https://www.openwall.com/lists/oss-security/2023/04/12/5 https://www.openwall.com/lists/oss-security/2023/04/13/4 sqlite-libs CVE-2023-7104 HIGH 3.38.5-r0 3.40.1-r1 https://access.redhat.com/errata/RHSA-2024:0465 https://access.redhat.com/security/cve/CVE-2023-7104 https://bugzilla.redhat.com/2256194 https://bugzilla.redhat.com/show_bug.cgi?id=2256194 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7104 https://errata.almalinux.org/9/ALSA-2024-0465.html https://errata.rockylinux.org/RLSA-2024:0253 https://linux.oracle.com/cve/CVE-2023-7104.html https://linux.oracle.com/errata/ELSA-2024-0465.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/ https://nvd.nist.gov/vuln/detail/CVE-2023-7104 https://security.netapp.com/advisory/ntap-20240112-0008/ https://sqlite.org/forum/forumpost/5bcbf4571c https://sqlite.org/src/info/0e4e7a05c4204b47 https://ubuntu.com/security/notices/USN-6566-1 https://vuldb.com/?ctiid.248999 https://vuldb.com/?id.248999 https://www.cve.org/CVERecord?id=CVE-2023-7104 ssl_client CVE-2022-30065 HIGH 1.35.0-r14 1.35.0-r15 https://access.redhat.com/security/cve/CVE-2022-30065 https://bugs.busybox.net/show_bug.cgi?id=14781 https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf https://nvd.nist.gov/vuln/detail/CVE-2022-30065 https://www.cve.org/CVERecord?id=CVE-2022-30065 ssl_client CVE-2023-42366 MEDIUM 1.35.0-r14 1.35.0-r18 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 zlib CVE-2022-37434 CRITICAL 1.2.12-r1 1.2.12-r2 http://seclists.org/fulldisclosure/2022/Oct/37 http://seclists.org/fulldisclosure/2022/Oct/38 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/42 http://www.openwall.com/lists/oss-security/2022/08/05/2 http://www.openwall.com/lists/oss-security/2022/08/09/1 https://access.redhat.com/errata/RHSA-2022:8291 https://access.redhat.com/security/cve/CVE-2022-37434 https://bugzilla.redhat.com/2116639 https://bugzilla.redhat.com/show_bug.cgi?id=2043753 https://bugzilla.redhat.com/show_bug.cgi?id=2116639 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434 https://errata.almalinux.org/9/ALSA-2022-8291.html https://errata.rockylinux.org/RLSA-2022:7793 https://github.com/curl/curl/issues/9271 https://github.com/ivd38/zlib_overflow https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063 https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764 https://linux.oracle.com/cve/CVE-2022-37434.html https://linux.oracle.com/errata/ELSA-2023-1095.html https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/ https://nvd.nist.gov/vuln/detail/CVE-2022-37434 https://security.netapp.com/advisory/ntap-20220901-0005/ https://security.netapp.com/advisory/ntap-20230427-0007/ https://support.apple.com/kb/HT213488 https://support.apple.com/kb/HT213489 https://support.apple.com/kb/HT213490 https://support.apple.com/kb/HT213491 https://support.apple.com/kb/HT213493 https://support.apple.com/kb/HT213494 https://ubuntu.com/security/notices/USN-5570-1 https://ubuntu.com/security/notices/USN-5570-2 https://ubuntu.com/security/notices/USN-5573-1 https://ubuntu.com/security/notices/USN-6736-1 https://ubuntu.com/security/notices/USN-6736-2 https://www.cve.org/CVERecord?id=CVE-2022-37434 https://www.debian.org/security/2022/dsa-5218 No Misconfigurations found python-pkg Package Vulnerability ID Severity Installed Version Fixed Version Links Flask CVE-2023-30861 HIGH 2.1.2 2.3.2, 2.2.5 https://access.redhat.com/security/cve/CVE-2023-30861 https://github.com/pallets/flask https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d (2.2.5) https://github.com/pallets/flask/commit/8705dd39c4fa563ea0fe0bf84c85da8fcc98b88d (2.3.2) https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965 https://github.com/pallets/flask/releases/tag/2.2.5 https://github.com/pallets/flask/releases/tag/2.3.2 https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq https://github.com/pypa/advisory-database/tree/main/vulns/flask/PYSEC-2023-62.yaml https://linux.oracle.com/cve/CVE-2023-30861.html https://linux.oracle.com/errata/ELSA-2023-12710.html https://lists.debian.org/debian-lts-announce/2023/08/msg00024.html https://nvd.nist.gov/vuln/detail/CVE-2023-30861 https://security.netapp.com/advisory/ntap-20230818-0006 https://security.netapp.com/advisory/ntap-20230818-0006/ https://ubuntu.com/security/notices/USN-6111-1 https://www.cve.org/CVERecord?id=CVE-2023-30861 https://www.debian.org/security/2023/dsa-5442 Jinja2 CVE-2024-22195 MEDIUM 3.1.2 3.1.3 https://access.redhat.com/errata/RHSA-2024:2348 https://access.redhat.com/security/cve/CVE-2024-22195 https://bugzilla.redhat.com/2257854 https://errata.almalinux.org/9/ALSA-2024-2348.html https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/716795349a41d4983a9a4771f7d883c96ea17be7 https://github.com/pallets/jinja/releases/tag/3.1.3 https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95 https://linux.oracle.com/cve/CVE-2024-22195.html https://linux.oracle.com/errata/ELSA-2024-2348.html https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3/ https://nvd.nist.gov/vuln/detail/CVE-2024-22195 https://ubuntu.com/security/notices/USN-6599-1 https://www.cve.org/CVERecord?id=CVE-2024-22195 Jinja2 CVE-2024-34064 MEDIUM 3.1.2 3.1.4 https://access.redhat.com/security/cve/CVE-2024-34064 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj https://nvd.nist.gov/vuln/detail/CVE-2024-34064 https://www.cve.org/CVERecord?id=CVE-2024-34064 Mako CVE-2022-40023 HIGH 1.2.1 1.2.2 https://access.redhat.com/errata/RHSA-2023:2258 https://access.redhat.com/security/cve/CVE-2022-40023 https://bugzilla.redhat.com/2128977 https://errata.almalinux.org/9/ALSA-2023-2258.html https://github.com/pypa/advisory-database/tree/main/vulns/mako/PYSEC-2022-260.yaml https://github.com/sqlalchemy/mako https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21 https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c (rel_1_2_2) https://github.com/sqlalchemy/mako/issues/366 https://linux.oracle.com/cve/CVE-2022-40023.html https://linux.oracle.com/errata/ELSA-2023-2893.html https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2022-40023 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://pyup.io/vulnerabilities/CVE-2022-40023/50870 https://pyup.io/vulnerabilities/CVE-2022-40023/50870/ https://ubuntu.com/security/notices/USN-5625-1 https://ubuntu.com/security/notices/USN-5625-2 https://www.cve.org/CVERecord?id=CVE-2022-40023 Werkzeug CVE-2023-25577 HIGH 2.1.2 2.2.3 https://access.redhat.com/security/cve/CVE-2023-25577 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/517cac5a804e8c4dc4ed038bb20dacd038e7a9f1 https://github.com/pallets/werkzeug/releases/tag/2.2.3 https://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323 https://linux.oracle.com/cve/CVE-2023-25577.html https://linux.oracle.com/errata/ELSA-2023-12709.html https://nvd.nist.gov/vuln/detail/CVE-2023-25577 https://security.netapp.com/advisory/ntap-20230818-0003 https://security.netapp.com/advisory/ntap-20230818-0003/ https://ubuntu.com/security/notices/USN-5948-1 https://ubuntu.com/security/notices/USN-5948-2 https://www.cve.org/CVERecord?id=CVE-2023-25577 https://www.debian.org/security/2023/dsa-5470 Werkzeug CVE-2024-34069 HIGH 2.1.2 3.0.3 https://access.redhat.com/security/cve/CVE-2024-34069 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692 https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985 https://nvd.nist.gov/vuln/detail/CVE-2024-34069 https://www.cve.org/CVERecord?id=CVE-2024-34069 Werkzeug CVE-2023-46136 MEDIUM 2.1.2 3.0.1, 2.3.8 https://access.redhat.com/security/cve/CVE-2023-46136 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1 https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9 https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2 https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw https://github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2023-221.yaml https://nvd.nist.gov/vuln/detail/CVE-2023-46136 https://security.netapp.com/advisory/ntap-20231124-0008 https://security.netapp.com/advisory/ntap-20231124-0008/ https://www.cve.org/CVERecord?id=CVE-2023-46136 Werkzeug CVE-2023-23934 LOW 2.1.2 2.2.3 https://access.redhat.com/security/cve/CVE-2023-23934 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/cf275f42acad1b5950c50ffe8ef58fe62cdce028 https://github.com/pallets/werkzeug/releases/tag/2.2.3 https://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q https://linux.oracle.com/cve/CVE-2023-23934.html https://linux.oracle.com/errata/ELSA-2023-12709.html https://nvd.nist.gov/vuln/detail/CVE-2023-23934 https://security.netapp.com/advisory/ntap-20230818-0003 https://security.netapp.com/advisory/ntap-20230818-0003/ https://ubuntu.com/security/notices/USN-5948-1 https://ubuntu.com/security/notices/USN-5948-2 https://www.cve.org/CVERecord?id=CVE-2023-23934 https://www.debian.org/security/2023/dsa-5470 certifi CVE-2023-37920 HIGH 2022.6.15 2023.7.22 https://access.redhat.com/errata/RHSA-2023:7753 https://access.redhat.com/security/cve/CVE-2023-37920 https://bugzilla.redhat.com/2226586 https://bugzilla.redhat.com/2242493 https://errata.almalinux.org/9/ALSA-2023-7753.html https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909 https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 https://github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2023-135.yaml https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A https://linux.oracle.com/cve/CVE-2023-37920.html https://linux.oracle.com/errata/ELSA-2024-0133.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/ https://nvd.nist.gov/vuln/detail/CVE-2023-37920 https://www.cve.org/CVERecord?id=CVE-2023-37920 certifi CVE-2022-23491 MEDIUM 2022.6.15 2022.12.07 https://access.redhat.com/security/cve/CVE-2022-23491 https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8 https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8 https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ https://nvd.nist.gov/vuln/detail/CVE-2022-23491 https://ubuntu.com/security/notices/USN-5761-1 https://ubuntu.com/security/notices/USN-5761-2 https://www.cve.org/CVERecord?id=CVE-2022-23491 dnspython CVE-2023-29483 MEDIUM 2.2.1 2.6.1 https://access.redhat.com/security/cve/CVE-2023-29483 https://github.com/eventlet/eventlet https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4 https://github.com/eventlet/eventlet/issues/913 https://github.com/eventlet/eventlet/releases/tag/v0.35.2 https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2 https://github.com/rthalley/dnspython/issues/1045 https://github.com/rthalley/dnspython/releases/tag/v2.6.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/ https://nvd.nist.gov/vuln/detail/CVE-2023-29483 https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 https://www.cve.org/CVERecord?id=CVE-2023-29483 https://www.dnspython.org https://www.dnspython.org/ https://www.dnspython.org/news/2.6.0rc1/ gunicorn CVE-2024-1135 HIGH 20.1.0 22.0.0 https://access.redhat.com/security/cve/CVE-2024-1135 https://github.com/advisories/GHSA-w3h3-4rj7-4ph4 https://github.com/benoitc/gunicorn https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d https://github.com/benoitc/gunicorn/releases/tag/22.0.0 https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1 https://nvd.nist.gov/vuln/detail/CVE-2024-1135 https://www.cve.org/CVERecord?id=CVE-2024-1135 idna CVE-2024-3651 MEDIUM 3.3 3.7 https://access.redhat.com/security/cve/CVE-2024-3651 https://github.com/kjd/idna https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://www.cve.org/CVERecord?id=CVE-2024-3651 pip CVE-2023-5752 MEDIUM 22.0.4 23.3 https://access.redhat.com/security/cve/CVE-2023-5752 https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml https://github.com/pypa/pip https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4 https://github.com/pypa/pip/pull/12306 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ/ https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/ https://nvd.nist.gov/vuln/detail/CVE-2023-5752 https://www.cve.org/CVERecord?id=CVE-2023-5752 setuptools CVE-2022-40897 HIGH 58.1.0 65.5.1 https://access.redhat.com/errata/RHSA-2023:0952 https://access.redhat.com/security/cve/CVE-2022-40897 https://bugzilla.redhat.com/2158559 https://bugzilla.redhat.com/show_bug.cgi?id=2158559 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897 https://errata.almalinux.org/9/ALSA-2023-0952.html https://errata.rockylinux.org/RLSA-2023:0835 https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200 https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1 https://github.com/pypa/setuptools/issues/3659 https://linux.oracle.com/cve/CVE-2022-40897.html https://linux.oracle.com/errata/ELSA-2023-12348.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H https://nvd.nist.gov/vuln/detail/CVE-2022-40897 https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://pyup.io/vulnerabilities/CVE-2022-40897/52495 https://pyup.io/vulnerabilities/CVE-2022-40897/52495/ https://security.netapp.com/advisory/ntap-20230214-0001 https://security.netapp.com/advisory/ntap-20230214-0001/ https://setuptools.pypa.io/en/latest https://ubuntu.com/security/notices/USN-5817-1 https://www.cve.org/CVERecord?id=CVE-2022-40897 urllib3 CVE-2023-43804 MEDIUM 1.26.10 2.0.6, 1.26.17 https://access.redhat.com/errata/RHSA-2024:2159 https://access.redhat.com/security/cve/CVE-2023-43804 https://bugzilla.redhat.com/2242493 https://errata.almalinux.org/9/ALSA-2024-2159.html https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-192.yaml https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb https://github.com/urllib3/urllib3/commit/644124ecd0b6e417c527191f866daa05a5a2056d https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f https://linux.oracle.com/cve/CVE-2023-43804.html https://linux.oracle.com/errata/ELSA-2024-2159.html https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3PR7C6RJ6JUBQKIJ644DMIJSUP36VDY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3PR7C6RJ6JUBQKIJ644DMIJSUP36VDY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAGZXYJ7H2G3SB47M453VQVNAWKAEJJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAGZXYJ7H2G3SB47M453VQVNAWKAEJJ/ https://nvd.nist.gov/vuln/detail/CVE-2023-43804 https://ubuntu.com/security/notices/USN-6473-1 https://ubuntu.com/security/notices/USN-6473-2 https://www.cve.org/CVERecord?id=CVE-2023-43804 urllib3 CVE-2023-45803 MEDIUM 1.26.10 2.0.7, 1.26.18 https://access.redhat.com/errata/RHSA-2024:2132 https://access.redhat.com/security/cve/CVE-2023-45803 https://bugzilla.redhat.com/2246840 https://bugzilla.redhat.com/2257028 https://bugzilla.redhat.com/2257854 https://errata.almalinux.org/9/ALSA-2024-2132.html https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3 https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36 https://github.com/urllib3/urllib3/releases/tag/1.26.18 https://github.com/urllib3/urllib3/releases/tag/2.0.7 https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 https://linux.oracle.com/cve/CVE-2023-45803.html https://linux.oracle.com/errata/ELSA-2024-2132.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/ https://nvd.nist.gov/vuln/detail/CVE-2023-45803 https://ubuntu.com/security/notices/USN-6473-1 https://ubuntu.com/security/notices/USN-6473-2 https://www.cve.org/CVERecord?id=CVE-2023-45803 https://www.rfc-editor.org/rfc/rfc9110.html#name-get wheel CVE-2022-40898 HIGH 0.37.1 0.38.1 https://access.redhat.com/errata/RHSA-2023:6712 https://access.redhat.com/security/cve/CVE-2022-40898 https://bugzilla.redhat.com/2165864 https://errata.almalinux.org/9/ALSA-2023-6712.html https://github.com/pypa/wheel https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18 https://github.com/pypa/wheel/commit/88f02bc335d5404991e532e7f3b0fc80437bf4e0 https://linux.oracle.com/cve/CVE-2022-40898.html https://linux.oracle.com/errata/ELSA-2023-6712.html https://nvd.nist.gov/vuln/detail/CVE-2022-40898 https://pypi.org/project/wheel https://pypi.org/project/wheel/ https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/ https://pyup.io/vulnerabilities/CVE-2022-40898/51499 https://ubuntu.com/security/notices/USN-5821-1 https://ubuntu.com/security/notices/USN-5821-2 https://www.cve.org/CVERecord?id=CVE-2022-40898 No Misconfigurations found