registry.gitlab.com/prod-manager/prod-manager:v0.21.3 (alpine 3.18.0) - Trivy Report - 2024-10-06 06:03:26.227219372 +0000 UTC m=+2.316773861 registry.gitlab.com/prod-manager/prod-manager:v0.21.3 (alpine 3.18.0) - Trivy Report - 2024-10-06 06:03:26.227250801 +0000 UTC m=+2.316805290 alpine Package Vulnerability ID Severity Installed Version Fixed Version Links busybox CVE-2022-48174 CRITICAL 1.36.0-r9 1.36.1-r1 https://access.redhat.com/security/cve/CVE-2022-48174 https://bugs.busybox.net/show_bug.cgi?id=15216 https://linux.oracle.com/cve/CVE-2022-48174.html https://linux.oracle.com/errata/ELSA-2023-5178.html https://nvd.nist.gov/vuln/detail/CVE-2022-48174 https://ubuntu.com/security/notices/USN-6335-1 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2022-48174 busybox CVE-2023-42363 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 busybox CVE-2023-42364 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 busybox CVE-2023-42365 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 busybox CVE-2023-42366 MEDIUM 1.36.0-r9 1.36.1-r6 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 busybox-binsh CVE-2022-48174 CRITICAL 1.36.0-r9 1.36.1-r1 https://access.redhat.com/security/cve/CVE-2022-48174 https://bugs.busybox.net/show_bug.cgi?id=15216 https://linux.oracle.com/cve/CVE-2022-48174.html https://linux.oracle.com/errata/ELSA-2023-5178.html https://nvd.nist.gov/vuln/detail/CVE-2022-48174 https://ubuntu.com/security/notices/USN-6335-1 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2022-48174 busybox-binsh CVE-2023-42363 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 busybox-binsh CVE-2023-42364 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 busybox-binsh CVE-2023-42365 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 busybox-binsh CVE-2023-42366 MEDIUM 1.36.0-r9 1.36.1-r6 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 krb5-libs CVE-2023-36054 MEDIUM 1.20.1-r1 1.20.2-r0 https://access.redhat.com/errata/RHSA-2023:6699 https://access.redhat.com/security/cve/CVE-2023-36054 https://bugzilla.redhat.com/2230178 https://bugzilla.redhat.com/2232682 https://errata.almalinux.org/9/ALSA-2023-6699.html https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final https://linux.oracle.com/cve/CVE-2023-36054.html https://linux.oracle.com/errata/ELSA-2023-6699.html https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html https://nvd.nist.gov/vuln/detail/CVE-2023-36054 https://security.netapp.com/advisory/ntap-20230908-0004/ https://ubuntu.com/security/notices/USN-6467-1 https://ubuntu.com/security/notices/USN-6467-2 https://web.mit.edu/kerberos/www/advisories/ https://www.cve.org/CVERecord?id=CVE-2023-36054 libcrypto3 CVE-2023-5363 HIGH 3.1.0-r4 3.1.4-r0 http://www.openwall.com/lists/oss-security/2023/10/24/1 https://access.redhat.com/errata/RHSA-2024:0310 https://access.redhat.com/security/cve/CVE-2023-5363 https://bugzilla.redhat.com/2243839 https://errata.almalinux.org/9/ALSA-2024-0310.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee https://linux.oracle.com/cve/CVE-2023-5363.html https://linux.oracle.com/errata/ELSA-2024-12093.html https://nvd.nist.gov/vuln/detail/CVE-2023-5363 https://security.netapp.com/advisory/ntap-20231027-0010/ https://security.netapp.com/advisory/ntap-20240201-0003/ https://security.netapp.com/advisory/ntap-20240201-0004/ https://ubuntu.com/security/notices/USN-6450-1 https://www.cve.org/CVERecord?id=CVE-2023-5363 https://www.debian.org/security/2023/dsa-5532 https://www.openssl.org/news/secadv/20231024.txt libcrypto3 CVE-2023-2650 MEDIUM 3.1.0-r4 3.1.1-r0 http://www.openwall.com/lists/oss-security/2023/05/30/1 https://access.redhat.com/errata/RHSA-2023:6330 https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/1858038 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-6330.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a https://linux.oracle.com/cve/CVE-2023-2650.html https://linux.oracle.com/errata/ELSA-2023-6330.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230703-0001/ https://security.netapp.com/advisory/ntap-20231027-0009/ https://ubuntu.com/security/notices/USN-6119-1 https://ubuntu.com/security/notices/USN-6188-1 https://ubuntu.com/security/notices/USN-6672-1 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230530.txt libcrypto3 CVE-2023-2975 MEDIUM 3.1.0-r4 3.1.1-r2 http://www.openwall.com/lists/oss-security/2023/07/15/1 http://www.openwall.com/lists/oss-security/2023/07/19/5 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-2975 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc https://linux.oracle.com/cve/CVE-2023-2975.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-2975 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230725-0004/ https://ubuntu.com/security/notices/USN-6450-1 https://www.cve.org/CVERecord?id=CVE-2023-2975 https://www.openssl.org/news/secadv/20230714.txt libcrypto3 CVE-2023-3446 MEDIUM 3.1.0-r4 3.1.1-r3 http://www.openwall.com/lists/oss-security/2023/07/19/4 http://www.openwall.com/lists/oss-security/2023/07/19/5 http://www.openwall.com/lists/oss-security/2023/07/19/6 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2024/05/16/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3446 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://bugzilla.redhat.com/show_bug.cgi?id=2224962 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 https://bugzilla.redhat.com/show_bug.cgi?id=2258677 https://bugzilla.redhat.com/show_bug.cgi?id=2258688 https://bugzilla.redhat.com/show_bug.cgi?id=2258691 https://bugzilla.redhat.com/show_bug.cgi?id=2258694 https://bugzilla.redhat.com/show_bug.cgi?id=2258700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235 https://errata.almalinux.org/9/ALSA-2024-2447.html https://errata.rockylinux.org/RLSA-2024:2264 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23 https://linux.oracle.com/cve/CVE-2023-3446.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3446 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230803-0011/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://ubuntu.com/security/notices/USN-7018-1 https://www.cve.org/CVERecord?id=CVE-2023-3446 https://www.openssl.org/news/secadv/20230719.txt libcrypto3 CVE-2023-3817 MEDIUM 3.1.0-r4 3.1.2-r0 http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2023/09/22/11 http://www.openwall.com/lists/oss-security/2023/09/22/9 http://www.openwall.com/lists/oss-security/2023/11/06/2 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3817 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 https://linux.oracle.com/cve/CVE-2023-3817.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230818-0014/ https://security.netapp.com/advisory/ntap-20231027-0008/ https://security.netapp.com/advisory/ntap-20240621-0006/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3817 https://www.openssl.org/news/secadv/20230731.txt libcrypto3 CVE-2023-5678 MEDIUM 3.1.0-r4 3.1.4-r1 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-5678 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 https://linux.oracle.com/cve/CVE-2023-5678.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-5678 https://security.netapp.com/advisory/ntap-20231130-0010/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-5678 https://www.openssl.org/news/secadv/20231106.txt libcrypto3 CVE-2023-6129 MEDIUM 3.1.0-r4 3.1.4-r3 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-6129 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35 https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04 https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015 https://linux.oracle.com/cve/CVE-2023-6129.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-6129 https://security.netapp.com/advisory/ntap-20240216-0009/ https://security.netapp.com/advisory/ntap-20240426-0008/ https://security.netapp.com/advisory/ntap-20240426-0013/ https://security.netapp.com/advisory/ntap-20240503-0011/ https://ubuntu.com/security/notices/USN-6622-1 https://www.cve.org/CVERecord?id=CVE-2023-6129 https://www.openssl.org/news/secadv/20240109.txt https://www.openwall.com/lists/oss-security/2024/01/09/1 libcrypto3 CVE-2023-6237 MEDIUM 3.1.0-r4 3.1.4-r4 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-6237 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294 https://linux.oracle.com/cve/CVE-2023-6237.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-6237 https://security.netapp.com/advisory/ntap-20240531-0007/ https://ubuntu.com/security/notices/USN-6622-1 https://www.cve.org/CVERecord?id=CVE-2023-6237 https://www.openssl.org/news/secadv/20240115.txt https://www.openwall.com/lists/oss-security/2024/01/15/2 libcrypto3 CVE-2024-0727 MEDIUM 3.1.0-r4 3.1.4-r5 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2 https://github.com/github/advisory-database/pull/3472 https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c https://github.com/openssl/openssl/pull/23362 https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 https://linux.oracle.com/cve/CVE-2024-0727.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://security.netapp.com/advisory/ntap-20240208-0006 https://security.netapp.com/advisory/ntap-20240208-0006/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://ubuntu.com/security/notices/USN-7018-1 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://www.openssl.org/news/secadv/20240125.txt libcrypto3 CVE-2024-4603 MEDIUM 3.1.0-r4 3.1.5-r0 http://www.openwall.com/lists/oss-security/2024/05/16/2 https://access.redhat.com/security/cve/CVE-2024-4603 https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397 https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740 https://nvd.nist.gov/vuln/detail/CVE-2024-4603 https://security.netapp.com/advisory/ntap-20240621-0001/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4603 https://www.openssl.org/news/secadv/20240516.txt libcrypto3 CVE-2024-4741 MEDIUM 3.1.0-r4 3.1.6-r0 https://access.redhat.com/security/cve/CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt libcrypto3 CVE-2024-5535 MEDIUM 3.1.0-r4 3.1.6-r0 http://www.openwall.com/lists/oss-security/2024/06/27/1 http://www.openwall.com/lists/oss-security/2024/06/28/4 https://access.redhat.com/security/cve/CVE-2024-5535 https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37 https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 https://nvd.nist.gov/vuln/detail/CVE-2024-5535 https://openssl.org/news/secadv/20240627.txt https://security.netapp.com/advisory/ntap-20240712-0005/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-5535 https://www.openssl.org/news/secadv/20240627.txt libcrypto3 CVE-2024-6119 MEDIUM 3.1.0-r4 3.1.7-r0 https://access.redhat.com/errata/RHSA-2024:6783 https://access.redhat.com/security/cve/CVE-2024-6119 https://bugzilla.redhat.com/2306158 https://bugzilla.redhat.com/show_bug.cgi?id=2306158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119 https://errata.almalinux.org/9/ALSA-2024-6783.html https://errata.rockylinux.org/RLSA-2024:6783 https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj https://linux.oracle.com/cve/CVE-2024-6119.html https://linux.oracle.com/errata/ELSA-2024-6783.html https://nvd.nist.gov/vuln/detail/CVE-2024-6119 https://openssl-library.org/news/secadv/20240903.txt https://ubuntu.com/security/notices/USN-6986-1 https://www.cve.org/CVERecord?id=CVE-2024-6119 libcrypto3 CVE-2024-2511 LOW 3.1.0-r4 3.1.4-r6 http://www.openwall.com/lists/oss-security/2024/04/08/5 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://security.netapp.com/advisory/ntap-20240503-0013/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html libexpat CVE-2024-45490 CRITICAL 2.5.0-r1 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45490 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/887 https://github.com/libexpat/libexpat/pull/890 https://linux.oracle.com/cve/CVE-2024-45490.html https://linux.oracle.com/errata/ELSA-2024-6989.html https://nvd.nist.gov/vuln/detail/CVE-2024-45490 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://ubuntu.com/security/notices/USN-7001-1 https://ubuntu.com/security/notices/USN-7001-2 https://www.cve.org/CVERecord?id=CVE-2024-45490 libexpat CVE-2024-45491 CRITICAL 2.5.0-r1 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45491 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/888 https://github.com/libexpat/libexpat/pull/891 https://linux.oracle.com/cve/CVE-2024-45491.html https://linux.oracle.com/errata/ELSA-2024-6989.html https://nvd.nist.gov/vuln/detail/CVE-2024-45491 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://ubuntu.com/security/notices/USN-7001-1 https://ubuntu.com/security/notices/USN-7001-2 https://www.cve.org/CVERecord?id=CVE-2024-45491 libexpat CVE-2024-45492 CRITICAL 2.5.0-r1 2.6.3-r0 https://access.redhat.com/errata/RHSA-2024:6754 https://access.redhat.com/security/cve/CVE-2024-45492 https://bugzilla.redhat.com/2308615 https://bugzilla.redhat.com/2308616 https://bugzilla.redhat.com/2308617 https://bugzilla.redhat.com/show_bug.cgi?id=2308615 https://bugzilla.redhat.com/show_bug.cgi?id=2308616 https://bugzilla.redhat.com/show_bug.cgi?id=2308617 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492 https://errata.almalinux.org/9/ALSA-2024-6754.html https://errata.rockylinux.org/RLSA-2024:6754 https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes https://github.com/libexpat/libexpat/issues/889 https://github.com/libexpat/libexpat/pull/892 https://linux.oracle.com/cve/CVE-2024-45492.html https://linux.oracle.com/errata/ELSA-2024-6989.html https://nvd.nist.gov/vuln/detail/CVE-2024-45492 https://ubuntu.com/security/notices/USN-7000-1 https://ubuntu.com/security/notices/USN-7000-2 https://www.cve.org/CVERecord?id=CVE-2024-45492 libexpat CVE-2023-52425 HIGH 2.5.0-r1 2.6.0-r0 http://www.openwall.com/lists/oss-security/2024/03/20/5 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425 https://errata.almalinux.org/9/ALSA-2024-1530.html https://errata.rockylinux.org/RLSA-2024:1615 https://github.com/libexpat/libexpat/pull/789 https://linux.oracle.com/cve/CVE-2023-52425.html https://linux.oracle.com/errata/ELSA-2024-4259.html https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://security.netapp.com/advisory/ntap-20240614-0003/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2023-52425 libexpat CVE-2024-28757 HIGH 2.5.0-r1 2.6.2-r0 http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757 libexpat CVE-2023-52426 MEDIUM 2.5.0-r1 2.6.0-r0 https://access.redhat.com/security/cve/CVE-2023-52426 https://cwe.mitre.org/data/definitions/776.html https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 https://github.com/libexpat/libexpat/pull/777 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52426 https://security.netapp.com/advisory/ntap-20240307-0005/ https://www.cve.org/CVERecord?id=CVE-2023-52426 libssl3 CVE-2023-5363 HIGH 3.1.0-r4 3.1.4-r0 http://www.openwall.com/lists/oss-security/2023/10/24/1 https://access.redhat.com/errata/RHSA-2024:0310 https://access.redhat.com/security/cve/CVE-2023-5363 https://bugzilla.redhat.com/2243839 https://errata.almalinux.org/9/ALSA-2024-0310.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee https://linux.oracle.com/cve/CVE-2023-5363.html https://linux.oracle.com/errata/ELSA-2024-12093.html https://nvd.nist.gov/vuln/detail/CVE-2023-5363 https://security.netapp.com/advisory/ntap-20231027-0010/ https://security.netapp.com/advisory/ntap-20240201-0003/ https://security.netapp.com/advisory/ntap-20240201-0004/ https://ubuntu.com/security/notices/USN-6450-1 https://www.cve.org/CVERecord?id=CVE-2023-5363 https://www.debian.org/security/2023/dsa-5532 https://www.openssl.org/news/secadv/20231024.txt libssl3 CVE-2023-2650 MEDIUM 3.1.0-r4 3.1.1-r0 http://www.openwall.com/lists/oss-security/2023/05/30/1 https://access.redhat.com/errata/RHSA-2023:6330 https://access.redhat.com/security/cve/CVE-2023-2650 https://bugzilla.redhat.com/1858038 https://bugzilla.redhat.com/2207947 https://errata.almalinux.org/9/ALSA-2023-6330.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a https://linux.oracle.com/cve/CVE-2023-2650.html https://linux.oracle.com/errata/ELSA-2023-6330.html https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html https://nvd.nist.gov/vuln/detail/CVE-2023-2650 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230703-0001/ https://security.netapp.com/advisory/ntap-20231027-0009/ https://ubuntu.com/security/notices/USN-6119-1 https://ubuntu.com/security/notices/USN-6188-1 https://ubuntu.com/security/notices/USN-6672-1 https://www.cve.org/CVERecord?id=CVE-2023-2650 https://www.debian.org/security/2023/dsa-5417 https://www.openssl.org/news/secadv/20230530.txt libssl3 CVE-2023-2975 MEDIUM 3.1.0-r4 3.1.1-r2 http://www.openwall.com/lists/oss-security/2023/07/15/1 http://www.openwall.com/lists/oss-security/2023/07/19/5 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-2975 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc https://linux.oracle.com/cve/CVE-2023-2975.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-2975 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230725-0004/ https://ubuntu.com/security/notices/USN-6450-1 https://www.cve.org/CVERecord?id=CVE-2023-2975 https://www.openssl.org/news/secadv/20230714.txt libssl3 CVE-2023-3446 MEDIUM 3.1.0-r4 3.1.1-r3 http://www.openwall.com/lists/oss-security/2023/07/19/4 http://www.openwall.com/lists/oss-security/2023/07/19/5 http://www.openwall.com/lists/oss-security/2023/07/19/6 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2024/05/16/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3446 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://bugzilla.redhat.com/show_bug.cgi?id=2224962 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 https://bugzilla.redhat.com/show_bug.cgi?id=2258677 https://bugzilla.redhat.com/show_bug.cgi?id=2258688 https://bugzilla.redhat.com/show_bug.cgi?id=2258691 https://bugzilla.redhat.com/show_bug.cgi?id=2258694 https://bugzilla.redhat.com/show_bug.cgi?id=2258700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235 https://errata.almalinux.org/9/ALSA-2024-2447.html https://errata.rockylinux.org/RLSA-2024:2264 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23 https://linux.oracle.com/cve/CVE-2023-3446.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3446 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230803-0011/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://ubuntu.com/security/notices/USN-7018-1 https://www.cve.org/CVERecord?id=CVE-2023-3446 https://www.openssl.org/news/secadv/20230719.txt libssl3 CVE-2023-3817 MEDIUM 3.1.0-r4 3.1.2-r0 http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/31/1 http://www.openwall.com/lists/oss-security/2023/09/22/11 http://www.openwall.com/lists/oss-security/2023/09/22/9 http://www.openwall.com/lists/oss-security/2023/11/06/2 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-3817 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 https://linux.oracle.com/cve/CVE-2023-3817.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html https://nvd.nist.gov/vuln/detail/CVE-2023-3817 https://security.gentoo.org/glsa/202402-08 https://security.netapp.com/advisory/ntap-20230818-0014/ https://security.netapp.com/advisory/ntap-20231027-0008/ https://security.netapp.com/advisory/ntap-20240621-0006/ https://ubuntu.com/security/notices/USN-6435-1 https://ubuntu.com/security/notices/USN-6435-2 https://ubuntu.com/security/notices/USN-6450-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-3817 https://www.openssl.org/news/secadv/20230731.txt libssl3 CVE-2023-5678 MEDIUM 3.1.0-r4 3.1.4-r1 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-5678 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 https://linux.oracle.com/cve/CVE-2023-5678.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-5678 https://security.netapp.com/advisory/ntap-20231130-0010/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://www.cve.org/CVERecord?id=CVE-2023-5678 https://www.openssl.org/news/secadv/20231106.txt libssl3 CVE-2023-6129 MEDIUM 3.1.0-r4 3.1.4-r3 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-6129 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35 https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04 https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015 https://linux.oracle.com/cve/CVE-2023-6129.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-6129 https://security.netapp.com/advisory/ntap-20240216-0009/ https://security.netapp.com/advisory/ntap-20240426-0008/ https://security.netapp.com/advisory/ntap-20240426-0013/ https://security.netapp.com/advisory/ntap-20240503-0011/ https://ubuntu.com/security/notices/USN-6622-1 https://www.cve.org/CVERecord?id=CVE-2023-6129 https://www.openssl.org/news/secadv/20240109.txt https://www.openwall.com/lists/oss-security/2024/01/09/1 libssl3 CVE-2023-6237 MEDIUM 3.1.0-r4 3.1.4-r4 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2023-6237 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294 https://linux.oracle.com/cve/CVE-2023-6237.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2023-6237 https://security.netapp.com/advisory/ntap-20240531-0007/ https://ubuntu.com/security/notices/USN-6622-1 https://www.cve.org/CVERecord?id=CVE-2023-6237 https://www.openssl.org/news/secadv/20240115.txt https://www.openwall.com/lists/oss-security/2024/01/15/2 libssl3 CVE-2024-0727 MEDIUM 3.1.0-r4 3.1.4-r5 http://www.openwall.com/lists/oss-security/2024/03/11/1 https://access.redhat.com/errata/RHSA-2024:2447 https://access.redhat.com/security/cve/CVE-2024-0727 https://bugzilla.redhat.com/2223016 https://bugzilla.redhat.com/2224962 https://bugzilla.redhat.com/2227852 https://bugzilla.redhat.com/2248616 https://bugzilla.redhat.com/2257571 https://bugzilla.redhat.com/2258502 https://bugzilla.redhat.com/2259944 https://errata.almalinux.org/9/ALSA-2024-2447.html https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2 https://github.com/github/advisory-database/pull/3472 https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c https://github.com/openssl/openssl/pull/23362 https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 https://linux.oracle.com/cve/CVE-2024-0727.html https://linux.oracle.com/errata/ELSA-2024-2447.html https://nvd.nist.gov/vuln/detail/CVE-2024-0727 https://security.netapp.com/advisory/ntap-20240208-0006 https://security.netapp.com/advisory/ntap-20240208-0006/ https://ubuntu.com/security/notices/USN-6622-1 https://ubuntu.com/security/notices/USN-6632-1 https://ubuntu.com/security/notices/USN-6709-1 https://ubuntu.com/security/notices/USN-7018-1 https://www.cve.org/CVERecord?id=CVE-2024-0727 https://www.openssl.org/news/secadv/20240125.txt libssl3 CVE-2024-4603 MEDIUM 3.1.0-r4 3.1.5-r0 http://www.openwall.com/lists/oss-security/2024/05/16/2 https://access.redhat.com/security/cve/CVE-2024-4603 https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397 https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740 https://nvd.nist.gov/vuln/detail/CVE-2024-4603 https://security.netapp.com/advisory/ntap-20240621-0001/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4603 https://www.openssl.org/news/secadv/20240516.txt libssl3 CVE-2024-4741 MEDIUM 3.1.0-r4 3.1.6-r0 https://access.redhat.com/security/cve/CVE-2024-4741 https://nvd.nist.gov/vuln/detail/CVE-2024-4741 https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-4741 https://www.openssl.org/news/secadv/20240528.txt libssl3 CVE-2024-5535 MEDIUM 3.1.0-r4 3.1.6-r0 http://www.openwall.com/lists/oss-security/2024/06/27/1 http://www.openwall.com/lists/oss-security/2024/06/28/4 https://access.redhat.com/security/cve/CVE-2024-5535 https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37 https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 https://nvd.nist.gov/vuln/detail/CVE-2024-5535 https://openssl.org/news/secadv/20240627.txt https://security.netapp.com/advisory/ntap-20240712-0005/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-5535 https://www.openssl.org/news/secadv/20240627.txt libssl3 CVE-2024-6119 MEDIUM 3.1.0-r4 3.1.7-r0 https://access.redhat.com/errata/RHSA-2024:6783 https://access.redhat.com/security/cve/CVE-2024-6119 https://bugzilla.redhat.com/2306158 https://bugzilla.redhat.com/show_bug.cgi?id=2306158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119 https://errata.almalinux.org/9/ALSA-2024-6783.html https://errata.rockylinux.org/RLSA-2024:6783 https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj https://linux.oracle.com/cve/CVE-2024-6119.html https://linux.oracle.com/errata/ELSA-2024-6783.html https://nvd.nist.gov/vuln/detail/CVE-2024-6119 https://openssl-library.org/news/secadv/20240903.txt https://ubuntu.com/security/notices/USN-6986-1 https://www.cve.org/CVERecord?id=CVE-2024-6119 libssl3 CVE-2024-2511 LOW 3.1.0-r4 3.1.4-r6 http://www.openwall.com/lists/oss-security/2024/04/08/5 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://security.netapp.com/advisory/ntap-20240503-0013/ https://ubuntu.com/security/notices/USN-6937-1 https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html sqlite-libs CVE-2023-7104 HIGH 3.41.2-r2 3.41.2-r3 https://access.redhat.com/errata/RHSA-2024:0465 https://access.redhat.com/security/cve/CVE-2023-7104 https://bugzilla.redhat.com/2256194 https://bugzilla.redhat.com/show_bug.cgi?id=2256194 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7104 https://errata.almalinux.org/9/ALSA-2024-0465.html https://errata.rockylinux.org/RLSA-2024:0253 https://linux.oracle.com/cve/CVE-2023-7104.html https://linux.oracle.com/errata/ELSA-2024-0465.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/ https://nvd.nist.gov/vuln/detail/CVE-2023-7104 https://security.netapp.com/advisory/ntap-20240112-0008/ https://sqlite.org/forum/forumpost/5bcbf4571c https://sqlite.org/src/info/0e4e7a05c4204b47 https://ubuntu.com/security/notices/USN-6566-1 https://ubuntu.com/security/notices/USN-6566-2 https://vuldb.com/?ctiid.248999 https://vuldb.com/?id.248999 https://www.cve.org/CVERecord?id=CVE-2023-7104 ssl_client CVE-2022-48174 CRITICAL 1.36.0-r9 1.36.1-r1 https://access.redhat.com/security/cve/CVE-2022-48174 https://bugs.busybox.net/show_bug.cgi?id=15216 https://linux.oracle.com/cve/CVE-2022-48174.html https://linux.oracle.com/errata/ELSA-2023-5178.html https://nvd.nist.gov/vuln/detail/CVE-2022-48174 https://ubuntu.com/security/notices/USN-6335-1 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2022-48174 ssl_client CVE-2023-42363 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090760.html https://access.redhat.com/security/cve/CVE-2023-42363 https://bugs.busybox.net/show_bug.cgi?id=15865 https://nvd.nist.gov/vuln/detail/CVE-2023-42363 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42363 ssl_client CVE-2023-42364 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42364 https://bugs.busybox.net/show_bug.cgi?id=15868 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42364 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42364 ssl_client CVE-2023-42365 MEDIUM 1.36.0-r9 1.36.1-r7 http://lists.busybox.net/pipermail/busybox/2024-May/090762.html https://access.redhat.com/security/cve/CVE-2023-42365 https://bugs.busybox.net/show_bug.cgi?id=15871 https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/CVE-2023-42364-CVE-2023-42365.patch https://nvd.nist.gov/vuln/detail/CVE-2023-42365 https://ubuntu.com/security/notices/USN-6961-1 https://www.cve.org/CVERecord?id=CVE-2023-42365 ssl_client CVE-2023-42366 MEDIUM 1.36.0-r9 1.36.1-r6 https://access.redhat.com/security/cve/CVE-2023-42366 https://bugs.busybox.net/show_bug.cgi?id=15874 https://nvd.nist.gov/vuln/detail/CVE-2023-42366 https://www.cve.org/CVERecord?id=CVE-2023-42366 No Misconfigurations found python-pkg Package Vulnerability ID Severity Installed Version Fixed Version Links Jinja2 CVE-2024-22195 MEDIUM 3.1.2 3.1.3 https://access.redhat.com/errata/RHSA-2024:2348 https://access.redhat.com/security/cve/CVE-2024-22195 https://bugzilla.redhat.com/2257854 https://bugzilla.redhat.com/show_bug.cgi?id=2257854 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22195 https://errata.almalinux.org/9/ALSA-2024-2348.html https://errata.rockylinux.org/RLSA-2024:3102 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/716795349a41d4983a9a4771f7d883c96ea17be7 https://github.com/pallets/jinja/releases/tag/3.1.3 https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95 https://linux.oracle.com/cve/CVE-2024-22195.html https://linux.oracle.com/errata/ELSA-2024-3102.html https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3/ https://nvd.nist.gov/vuln/detail/CVE-2024-22195 https://ubuntu.com/security/notices/USN-6599-1 https://www.cve.org/CVERecord?id=CVE-2024-22195 Jinja2 CVE-2024-34064 MEDIUM 3.1.2 3.1.4 https://access.redhat.com/errata/RHSA-2024:3820 https://access.redhat.com/security/cve/CVE-2024-34064 https://bugzilla.redhat.com/2279476 https://bugzilla.redhat.com/show_bug.cgi?id=2279476 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34064 https://errata.almalinux.org/9/ALSA-2024-3820.html https://errata.rockylinux.org/RLSA-2024:3820 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj https://linux.oracle.com/cve/CVE-2024-34064.html https://linux.oracle.com/errata/ELSA-2024-4231.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCLF44KY43BSVMTE6S53B4V5WP3FRRSE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SSCBHIL6BYKR5NRCBXP4XMP2CEEKGFVS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZALNWE3TXPPHVPSI3AZ5CTMSTAVN5UMS/ https://nvd.nist.gov/vuln/detail/CVE-2024-34064 https://ubuntu.com/security/notices/USN-6787-1 https://www.cve.org/CVERecord?id=CVE-2024-34064 Werkzeug CVE-2024-34069 HIGH 2.3.4 3.0.3 https://access.redhat.com/security/cve/CVE-2024-34069 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692 https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ/ https://nvd.nist.gov/vuln/detail/CVE-2024-34069 https://security.netapp.com/advisory/ntap-20240614-0004 https://security.netapp.com/advisory/ntap-20240614-0004/ https://ubuntu.com/security/notices/USN-6799-1 https://www.cve.org/CVERecord?id=CVE-2024-34069 Werkzeug CVE-2023-46136 MEDIUM 2.3.4 3.0.1, 2.3.8 https://access.redhat.com/security/cve/CVE-2023-46136 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1 https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9 https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2 https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw https://github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2023-221.yaml https://nvd.nist.gov/vuln/detail/CVE-2023-46136 https://security.netapp.com/advisory/ntap-20231124-0008 https://security.netapp.com/advisory/ntap-20231124-0008/ https://www.cve.org/CVERecord?id=CVE-2023-46136 certifi CVE-2023-37920 HIGH 2023.5.7 2023.7.22 https://access.redhat.com/errata/RHSA-2023:7753 https://access.redhat.com/security/cve/CVE-2023-37920 https://bugzilla.redhat.com/2226586 https://bugzilla.redhat.com/2242493 https://errata.almalinux.org/9/ALSA-2023-7753.html https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909 https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 https://github.com/pypa/advisory-database/tree/main/vulns/certifi/PYSEC-2023-135.yaml https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A https://linux.oracle.com/cve/CVE-2023-37920.html https://linux.oracle.com/errata/ELSA-2024-0133.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EX6NG7WUFNUKGFHLM35KHHU3GAKXRTG/ https://nvd.nist.gov/vuln/detail/CVE-2023-37920 https://www.cve.org/CVERecord?id=CVE-2023-37920 certifi CVE-2024-39689 LOW 2023.5.7 2024.07.04 https://access.redhat.com/security/cve/CVE-2024-39689 https://github.com/certifi/python-certifi https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463 https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI https://nvd.nist.gov/vuln/detail/CVE-2024-39689 https://www.cve.org/CVERecord?id=CVE-2024-39689 dnspython CVE-2023-29483 MEDIUM 2.3.0 2.6.1 https://access.redhat.com/errata/RHSA-2024:3275 https://access.redhat.com/security/cve/CVE-2023-29483 https://bugzilla.redhat.com/2274520 https://bugzilla.redhat.com/show_bug.cgi?id=2274520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29483 https://errata.almalinux.org/8/ALSA-2024-3275.html https://errata.rockylinux.org/RLSA-2024:3275 https://github.com/eventlet/eventlet https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4 https://github.com/eventlet/eventlet/issues/913 https://github.com/eventlet/eventlet/releases/tag/v0.35.2 https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2 https://github.com/rthalley/dnspython/issues/1045 https://github.com/rthalley/dnspython/releases/tag/v2.6.0 https://linux.oracle.com/cve/CVE-2023-29483.html https://linux.oracle.com/errata/ELSA-2024-3275.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/ https://nvd.nist.gov/vuln/detail/CVE-2023-29483 https://security.netapp.com/advisory/ntap-20240510-0001 https://security.netapp.com/advisory/ntap-20240510-0001/ https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 https://www.cve.org/CVERecord?id=CVE-2023-29483 https://www.dnspython.org https://www.dnspython.org/ https://www.dnspython.org/news/2.6.0rc1/ gunicorn CVE-2024-1135 HIGH 20.1.0 22.0.0 https://access.redhat.com/security/cve/CVE-2024-1135 https://github.com/advisories/GHSA-w3h3-4rj7-4ph4 https://github.com/benoitc/gunicorn https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d https://github.com/benoitc/gunicorn/releases/tag/22.0.0 https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1 https://lists.debian.org/debian-lts-announce/2024/06/msg00027.html https://nvd.nist.gov/vuln/detail/CVE-2024-1135 https://www.cve.org/CVERecord?id=CVE-2024-1135 idna CVE-2024-3651 MEDIUM 3.4 3.7 https://access.redhat.com/errata/RHSA-2024:3846 https://access.redhat.com/security/cve/CVE-2024-3651 https://bugzilla.redhat.com/2274779 https://bugzilla.redhat.com/show_bug.cgi?id=2274779 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3651 https://errata.almalinux.org/9/ALSA-2024-3846.html https://errata.rockylinux.org/RLSA-2024:3846 https://github.com/kjd/idna https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h https://github.com/pypa/advisory-database/tree/main/vulns/idna/PYSEC-2024-60.yaml https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb https://linux.oracle.com/cve/CVE-2024-3651.html https://linux.oracle.com/errata/ELSA-2024-4260.html https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://ubuntu.com/security/notices/USN-6780-1 https://www.cve.org/CVERecord?id=CVE-2024-3651 pip CVE-2023-5752 MEDIUM 22.3.1 23.3 https://access.redhat.com/security/cve/CVE-2023-5752 https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2023-228.yaml https://github.com/pypa/pip https://github.com/pypa/pip/commit/389cb799d0da9a840749fcd14878928467ed49b4 https://github.com/pypa/pip/pull/12306 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/622OZXWG72ISQPLM5Y57YCVIMWHD4C3U/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65UKKF5LBHEFDCUSPBHUN4IHYX7SRMHH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXUVMJM25PUAZRQZBF54OFVKTY3MINPW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KFC2SPFG5FLCZBYY2K3T5MFW2D22NG6E/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBSB3SUPQ3VIFYUMHPO3MEQI4BJAXKCZ/ https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL https://mail.python.org/archives/list/security-announce@python.org/thread/F4PL35U6X4VVHZ5ILJU3PWUWN7H7LZXL/ https://nvd.nist.gov/vuln/detail/CVE-2023-5752 https://www.cve.org/CVERecord?id=CVE-2023-5752 requests CVE-2023-32681 MEDIUM 2.30.0 2.31.0 https://access.redhat.com/errata/RHSA-2023:4350 https://access.redhat.com/security/cve/CVE-2023-32681 https://bugzilla.redhat.com/2209469 https://bugzilla.redhat.com/show_bug.cgi?id=2209469 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32681 https://errata.almalinux.org/9/ALSA-2023-4350.html https://errata.rockylinux.org/RLSA-2023:4520 https://github.com/psf/requests https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5 https://github.com/psf/requests/releases/tag/v2.31.0 https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2023-74.yaml https://linux.oracle.com/cve/CVE-2023-32681.html https://linux.oracle.com/errata/ELSA-2023-7050.html https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/ https://nvd.nist.gov/vuln/detail/CVE-2023-32681 https://security.gentoo.org/glsa/202309-08 https://ubuntu.com/security/notices/USN-6155-1 https://ubuntu.com/security/notices/USN-6155-2 https://www.cve.org/CVERecord?id=CVE-2023-32681 requests CVE-2024-35195 MEDIUM 2.30.0 2.32.0 https://access.redhat.com/security/cve/CVE-2024-35195 https://github.com/psf/requests https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac https://github.com/psf/requests/pull/6655 https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/ https://nvd.nist.gov/vuln/detail/CVE-2024-35195 https://www.cve.org/CVERecord?id=CVE-2024-35195 setuptools CVE-2024-6345 HIGH 65.5.1 70.0.0 https://access.redhat.com/errata/RHSA-2024:6726 https://access.redhat.com/security/cve/CVE-2024-6345 https://bugzilla.redhat.com/2297771 https://bugzilla.redhat.com/show_bug.cgi?id=2297771 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345 https://errata.almalinux.org/9/ALSA-2024-6726.html https://errata.rockylinux.org/RLSA-2024:6726 https://github.com/pypa/setuptools https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 https://github.com/pypa/setuptools/pull/4332 https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://linux.oracle.com/cve/CVE-2024-6345.html https://linux.oracle.com/errata/ELSA-2024-6726.html https://nvd.nist.gov/vuln/detail/CVE-2024-6345 https://ubuntu.com/security/notices/USN-7002-1 https://www.cve.org/CVERecord?id=CVE-2024-6345 urllib3 CVE-2023-43804 MEDIUM 2.0.2 2.0.6, 1.26.17 https://access.redhat.com/errata/RHSA-2024:2159 https://access.redhat.com/security/cve/CVE-2023-43804 https://bugzilla.redhat.com/2242493 https://bugzilla.redhat.com/show_bug.cgi?id=2242493 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43804 https://errata.almalinux.org/9/ALSA-2024-2159.html https://errata.rockylinux.org/RLSA-2024:2986 https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-192.yaml https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb https://github.com/urllib3/urllib3/commit/644124ecd0b6e417c527191f866daa05a5a2056d https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f https://linux.oracle.com/cve/CVE-2023-43804.html https://linux.oracle.com/errata/ELSA-2024-2987.html https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3PR7C6RJ6JUBQKIJ644DMIJSUP36VDY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3PR7C6RJ6JUBQKIJ644DMIJSUP36VDY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAGZXYJ7H2G3SB47M453VQVNAWKAEJJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAGZXYJ7H2G3SB47M453VQVNAWKAEJJ/ https://nvd.nist.gov/vuln/detail/CVE-2023-43804 https://ubuntu.com/security/notices/USN-6473-1 https://ubuntu.com/security/notices/USN-6473-2 https://www.cve.org/CVERecord?id=CVE-2023-43804 urllib3 CVE-2023-45803 MEDIUM 2.0.2 2.0.7, 1.26.18 https://access.redhat.com/errata/RHSA-2024:2132 https://access.redhat.com/security/cve/CVE-2023-45803 https://bugzilla.redhat.com/2246840 https://bugzilla.redhat.com/2257028 https://bugzilla.redhat.com/2257854 https://bugzilla.redhat.com/show_bug.cgi?id=2246840 https://bugzilla.redhat.com/show_bug.cgi?id=2257028 https://bugzilla.redhat.com/show_bug.cgi?id=2257854 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52323 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22195 https://errata.almalinux.org/9/ALSA-2024-2132.html https://errata.rockylinux.org/RLSA-2024:2968 https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-212.yaml https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/4e50fbc5db74e32cabd5ccc1ab81fc103adfe0b3 https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36 https://github.com/urllib3/urllib3/releases/tag/1.26.18 https://github.com/urllib3/urllib3/releases/tag/2.0.7 https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 https://linux.oracle.com/cve/CVE-2023-45803.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/ https://nvd.nist.gov/vuln/detail/CVE-2023-45803 https://ubuntu.com/security/notices/USN-6473-1 https://ubuntu.com/security/notices/USN-6473-2 https://www.cve.org/CVERecord?id=CVE-2023-45803 https://www.rfc-editor.org/rfc/rfc9110.html#name-get urllib3 CVE-2024-37891 MEDIUM 2.0.2 1.26.19, 2.2.2 https://access.redhat.com/errata/RHSA-2024:6162 https://access.redhat.com/security/cve/CVE-2024-37891 https://bugzilla.redhat.com/2292788 https://errata.almalinux.org/9/ALSA-2024-6162.html https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468 https://github.com/urllib3/urllib3/commit/accff72ecc2f6cf5a76d9570198a93ac7c90270e https://github.com/urllib3/urllib3/security/advisories/GHSA-34jh-p97f-mpxf https://linux.oracle.com/cve/CVE-2024-37891.html https://linux.oracle.com/errata/ELSA-2024-6311.html https://nvd.nist.gov/vuln/detail/CVE-2024-37891 https://www.cve.org/CVERecord?id=CVE-2024-37891 No Misconfigurations found