@mithilarun
Last active May 17, 2023 16:20
LTS1 Patch 12.1 Open Vulnerabilities
Image Name Type Target PackageName VulnerabilityID Severity InstalledVersion FixedVersion Title
calico-cni-v3.18.1 Library opt/cni/bin/calico github.com/containernetworking/cni CVE-2021-20206 HIGH v0.8.0 0.8.1 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
calico-cni-v3.18.1 Library opt/cni/bin/calico github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-cni-v3.18.1 Library opt/cni/bin/calico github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-cni-v3.18.1 Library opt/cni/bin/calico github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
calico-cni-v3.18.1 Library opt/cni/bin/calico go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-cni-v3.18.1 Library opt/cni/bin/calico go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-cni-v3.18.1 Library opt/cni/bin/calico golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam github.com/containernetworking/cni CVE-2021-20206 HIGH v0.8.0 0.8.1 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-cni-v3.18.1 Library opt/cni/bin/calico-ipam golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
calico-cni-v3.18.1 Library opt/cni/bin/install github.com/containernetworking/cni CVE-2021-20206 HIGH v0.8.0 0.8.1 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
calico-cni-v3.18.1 Library opt/cni/bin/install github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-cni-v3.18.1 Library opt/cni/bin/install github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-cni-v3.18.1 Library opt/cni/bin/install github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
calico-cni-v3.18.1 Library opt/cni/bin/install go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-cni-v3.18.1 Library opt/cni/bin/install go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-cni-v3.18.1 Library opt/cni/bin/install golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
calico-kube-controllers-v3.18.1 Library usr/bin/check-status golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-kube-controllers-v3.18.1 Library usr/bin/check-status golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-kube-controllers-v3.18.1 Library usr/bin/check-status golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201202161906-c7110b5ffcbb 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201202161906-c7110b5ffcbb 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201202161906-c7110b5ffcbb 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201202161906-c7110b5ffcbb 0.7.0 avoid quadratic complexity in HPACK decoding
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-kube-controllers-v3.18.1 Library usr/bin/kube-controllers golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
calico-node-v3.18.1 Library usr/bin/calico-node github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-node-v3.18.1 Library usr/bin/calico-node github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-node-v3.18.1 Library usr/bin/calico-node github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
calico-node-v3.18.1 Library usr/bin/calico-node go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-node-v3.18.1 Library usr/bin/calico-node go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-node-v3.18.1 Library usr/bin/calico-node golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
calico-node-v3.18.1 Library usr/bin/calico-node k8s.io/kubernetes CVE-2021-25741 HIGH v1.18.12 1.19.15; 1.20.11; 1.21.5; 1.22.2 kubernetes: Symlink exchange can allow host filesystem access
calico-node-v3.18.1 Library usr/bin/calico-node k8s.io/kubernetes CVE-2022-3294 HIGH v1.18.12 1.22.16; 1.23.14; 1.24.8; 1.25.4 kubernetes: node address isn't always verified when proxying
calico-typha-v3.18.1 Library code/calico-typha github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
calico-typha-v3.18.1 Library code/calico-typha github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
calico-typha-v3.18.1 Library code/calico-typha github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
calico-typha-v3.18.1 Library code/calico-typha go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
calico-typha-v3.18.1 Library code/calico-typha go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20201125193152-8a03d2e9614b 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
calico-typha-v3.18.1 Library code/calico-typha golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200707034311-ab3426394381 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200707034311-ab3426394381 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200707034311-ab3426394381 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200707034311-ab3426394381 0.7.0 avoid quadratic complexity in HPACK decoding
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
gcr.io-kubebuilder-kube-rbac-proxy-v0.8.0 Library usr/local/bin/kube-rbac-proxy golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-cli golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.7.0 avoid quadratic complexity in HPACK decoding
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/crewjam/saml CVE-2020-27846 CRITICAL v0.4.1 0.4.3 crewjam/saml: authentication bypass in saml authentication
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/crewjam/saml CVE-2022-41912 CRITICAL v0.4.1 0.4.9 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/crewjam/saml CVE-2023-28119 HIGH v0.4.1 v0.4.13 crewjam/saml: Denial Of Service Via Deflate Decompression Bomb
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig CVE-2020-26290 CRITICAL v0.0.0-20200902171629-2e1fbc2c5593 1.1.0 Critical security issues in XML encoding in github.com/dexidp/dex
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig CVE-2020-27847 CRITICAL v0.0.0-20200902171629-2e1fbc2c5593 1.1.0 dexidp/dex: authentication bypass in saml authentication
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig GHSA-rrfw-hg9m-j47h CRITICAL v0.0.0-20200902171629-2e1fbc2c5593 0.4.2 Signature Validation Bypass
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig CVE-2020-7711 HIGH v0.0.0-20200902171629-2e1fbc2c5593 1.1.1 goxmldsig: sending malformed XML signatures could result in a crash
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig CVE-2020-7731 HIGH v0.0.0-20200902171629-2e1fbc2c5593 1.1.1 gosaml2 is vulnerable to NULL Pointer Dereference
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server github.com/russellhaering/goxmldsig GHSA-gq5r-cc4w-g8xf HIGH v0.0.0-20200902171629-2e1fbc2c5593 v1.1.1 gosaml2 is vulnerable to NULL Pointer Dereference
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200820211705-5c72a883971a 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200813134508-3edf25e44fcc 0.7.0 avoid quadratic complexity in HPACK decoding
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
grafana-grafana-7.2.0 Library usr/share/grafana/bin/grafana-server gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20210525063256-abc453219eb5 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20210525063256-abc453219eb5 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20210525063256-abc453219eb5 0.7.0 avoid quadratic complexity in HPACK decoding
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny golang.org/x/text CVE-2021-38561 HIGH v0.3.6 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny golang.org/x/text CVE-2022-32149 HIGH v0.3.6 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
k8s.gcr.io-autoscaling-addon-resizer-1.8.14 Library pod_nanny gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20210107192922-496545a6307b 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
k8s.gcr.io-coredns-1.7.0 Library coredns github.com/apache/thrift CVE-2020-13949 HIGH v0.13.0 v0.14.0 libthrift: potential DoS when processing untrusted payloads
k8s.gcr.io-coredns-1.7.0 Library coredns github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v3.2.0+incompatible jwt-go: access restriction bypass vulnerability
k8s.gcr.io-coredns-1.7.0 Library coredns github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
k8s.gcr.io-coredns-1.7.0 Library coredns github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.6.0 1.11.1 Denial of service using InstrumentHandlerCounter
k8s.gcr.io-coredns-1.7.0 Library coredns go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20200306183522-221f0cc107cb v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
k8s.gcr.io-coredns-1.7.0 Library coredns go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20200306183522-221f0cc107cb 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200323165209-0ec3e9974c59 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200323165209-0ec3e9974c59 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200323165209-0ec3e9974c59 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200324143707-d3edc9973b7e 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200324143707-d3edc9973b7e 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200324143707-d3edc9973b7e 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200324143707-d3edc9973b7e 0.7.0 avoid quadratic complexity in HPACK decoding
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
k8s.gcr.io-coredns-1.7.0 Library coredns golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server github.com/emicklei/go-restful CVE-2022-1996 CRITICAL v2.9.5+incompatible 2.16.0 go-restful: Authorization Bypass Through User-Controlled Key
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server go.etcd.io/etcd CVE-2018-1098 HIGH v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server go.etcd.io/etcd CVE-2020-15115 HIGH v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20210220033148-5ea612d1eb83 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20210220033148-5ea612d1eb83 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20210224082022-3d97a244fca7 0.7.0 avoid quadratic complexity in HPACK decoding
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/text CVE-2021-38561 HIGH v0.3.5 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
k8s.gcr.io-metrics-server-metrics-server-v0.5.0 Library metrics-server golang.org/x/text CVE-2022-32149 HIGH v0.3.5 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
kubernetesui-dashboard-v2.0.3 Library dashboard github.com/emicklei/go-restful CVE-2022-1996 CRITICAL v2.12.0+incompatible 2.16.0 go-restful: Authorization Bypass Through User-Controlled Key
kubernetesui-dashboard-v2.0.3 Library dashboard github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
kubernetesui-dashboard-v2.0.3 Library dashboard github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.0 1.11.1 Denial of service using InstrumentHandlerCounter
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200220183623-bac4c82f6975 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200220183623-bac4c82f6975 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200220183623-bac4c82f6975 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200602114024-627f9648deb9 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200602114024-627f9648deb9 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200602114024-627f9648deb9 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200602114024-627f9648deb9 0.7.0 avoid quadratic complexity in HPACK decoding
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
kubernetesui-dashboard-v2.0.3 Library dashboard golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-hostplumber-v0.3 Library manager github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190723190241-65acae22fc9d 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
platform9-hostplumber-v0.3 Library manager github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
platform9-hostplumber-v0.3 Library manager golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-hostplumber-v0.3 Library manager golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
platform9-hostplumber-v0.3 Library manager golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
platform9-hostplumber-v0.3 Library manager golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-hostplumber-v0.3 Library manager golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-hostplumber-v0.3 Library manager golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-hostplumber-v0.3 Library manager golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-hostplumber-v0.3 Library manager golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-hostplumber-v0.3 Library manager golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20191004110552-13f9640d40b9 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-hostplumber-v0.3 Library manager golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-hostplumber-v0.3 Library manager golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-luigi-plugins-v0.3 Library manager github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190723190241-65acae22fc9d 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
platform9-luigi-plugins-v0.3 Library manager github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
platform9-luigi-plugins-v0.3 Library manager golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-luigi-plugins-v0.3 Library manager golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-luigi-plugins-v0.3 Library manager golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-luigi-plugins-v0.3 Library manager golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-luigi-plugins-v0.3 Library manager golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-luigi-plugins-v0.3 Library manager golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-luigi-plugins-v0.3 Library manager golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-luigi-plugins-v0.3 Library manager golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-luigi-plugins-v0.3 Library manager golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20210224082022-3d97a244fca7 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20210224082022-3d97a244fca7 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus k8s.io/kubernetes CVE-2021-25741 HIGH v1.21.1 1.19.15; 1.20.11; 1.21.5; 1.22.2 kubernetes: Symlink exchange can allow host filesystem access
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/bin/multus k8s.io/kubernetes CVE-2022-3294 HIGH v1.21.1 1.22.16; 1.23.14; 1.24.8; 1.25.4 kubernetes: node address isn't always verified when proxying
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/buger/jsonparser CVE-2020-10675 HIGH 0.0.0-20180808090653-f4dd9f5a6b44 1.0.0 golang-github-buger-jsonparser: infinite loop via a Delete call
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/buger/jsonparser CVE-2020-35381 HIGH 0.0.0-20180808090653-f4dd9f5a6b44 1.1.1 jsonparser: GET call can lead to a slice bounds out of range
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/containerd/containerd CVE-2021-41103 HIGH 1.4.4 v1.4.11; v1.5.7 containerd: insufficiently restricted permissions on container root and plugin directories
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/containerd/containerd CVE-2022-23648 HIGH 1.4.4 1.4.13; 1.5.10; 1.6.1 containerd: insecure handling of image volumes
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH 3.2.0+incompatible jwt-go: access restriction bypass vulnerability
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/docker/docker CVE-2023-28840 HIGH 20.10.2+incompatible 20.10.24; 23.0.3 Encrypted overlay network may be unauthenticated
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/emicklei/go-restful CVE-2022-1996 CRITICAL 2.10.0+incompatible 2.16.0 go-restful: Authorization Bypass Through User-Controlled Key
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/opencontainers/runc CVE-2021-30465 HIGH 1.0.0-rc93 1.0.0-rc95 runc: vulnerable to symlink exchange attack
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/opencontainers/runc CVE-2022-29162 HIGH 1.0.0-rc93 v1.1.2 runc: incorrect handling of inheritable capabilities
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/opencontainers/runc CVE-2023-27561 HIGH 1.0.0-rc93 v1.1.5 volume mount race condition (regression of CVE-2019-19921)
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/opencontainers/runc CVE-2023-28642 HIGH 1.0.0-rc93 v1.1.5 AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod github.com/prometheus/client_golang CVE-2022-21698 HIGH 1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod go.etcd.io/etcd CVE-2018-1098 HIGH 0.5.0-alpha.5.0.20200910180754-dd1b699fc489 v3.3.2 etcd: Cross-site request forgery via crafted local POST forms
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod go.etcd.io/etcd CVE-2020-15115 HIGH 0.5.0-alpha.5.0.20200910180754-dd1b699fc489 3.3.23; 3.4.10 etcd: improper validation of passwords allow an attacker to guess or brute-force user's passwords
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/crypto CVE-2021-43565 HIGH 0.0.0-20210220033148-5ea612d1eb83 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/crypto CVE-2022-27191 HIGH 0.0.0-20210220033148-5ea612d1eb83 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/net CVE-2021-33194 HIGH 0.0.0-20210224082022-3d97a244fca7 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/net CVE-2021-44716 HIGH 0.0.0-20210224082022-3d97a244fca7 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/net CVE-2022-27664 HIGH 0.0.0-20210224082022-3d97a244fca7 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/net CVE-2022-41723 HIGH 0.0.0-20210224082022-3d97a244fca7 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/text CVE-2021-38561 HIGH 0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod golang.org/x/text CVE-2022-32149 HIGH 0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod gopkg.in/yaml.v3 CVE-2022-28948 HIGH 3.0.0-20200313102051-9f266ea9e77c 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod k8s.io/kube-proxy CVE-2020-8558 HIGH 0.21.1 1.18.4; 1.16.11; 1.16.11 kubernetes: node localhost services reachable via martian packets
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod k8s.io/kubernetes CVE-2021-25741 HIGH 1.21.1 1.19.15; 1.20.11; 1.21.5; 1.22.2 kubernetes: Symlink exchange can allow host filesystem access
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/go.mod k8s.io/kubernetes CVE-2022-3294 HIGH 1.21.1 1.22.16; 1.23.14; 1.24.8; 1.25.4 kubernetes: node address isn't always verified when proxying
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2018-17142 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20180925071336-cf3bd585ca2a golang-org-x-net-html: Runtime panic in html.Parse() via crafted html
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2018-17143 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20180921000356-2f5d2388922f golang-org-x-net-html: Runtime panic in html.Parse() via crafted html
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2018-17846 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20190125091013-d26f9f9a57f3 golang-org-x-net-html: infinite loop during html.Parse() via inSelectIM and inSelectInTableIM
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2018-17847 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20190125002852-4b62a64f59f7 golang-org-x-net-html: index out of range in (*nodeStack).pop in node.go causes runtime panic during html.Parse() call
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2018-17848 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20190125002852-4b62a64f59f7 golang-org-x-net-html: index out of range in (*insertionModeStack).pop in node.go causes runtime panic during html.Parse() call
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2019-9512 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2019-9514 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2021-33194 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2021-44716 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2022-27664 HIGH 0.0.0-20180906233101-161cd47e91fd 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/net CVE-2022-41723 HIGH 0.0.0-20180906233101-161cd47e91fd 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/text CVE-2021-38561 HIGH 0.3.0 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/ginkgo/go.mod golang.org/x/text CVE-2022-32149 HIGH 0.3.0 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/crypto CVE-2020-29652 HIGH 0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/crypto CVE-2021-43565 HIGH 0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/crypto CVE-2022-27191 HIGH 0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/net CVE-2021-33194 HIGH 0.0.0-20201006153459-a7d1128ccaa0 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/net CVE-2021-44716 HIGH 0.0.0-20201006153459-a7d1128ccaa0 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/net CVE-2022-27664 HIGH 0.0.0-20201006153459-a7d1128ccaa0 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/net CVE-2022-41723 HIGH 0.0.0-20201006153459-a7d1128ccaa0 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/text CVE-2021-38561 HIGH 0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/github.com/onsi/gomega/go.mod golang.org/x/text CVE-2022-32149 HIGH 0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2018-17846 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20190125091013-d26f9f9a57f3 golang-org-x-net-html: infinite loop during html.Parse() via inSelectIM and inSelectInTableIM
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2018-17847 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20190125002852-4b62a64f59f7 golang-org-x-net-html: index out of range in (*nodeStack).pop in node.go causes runtime panic during html.Parse() call
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2018-17848 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20190125002852-4b62a64f59f7 golang-org-x-net-html: index out of range in (*insertionModeStack).pop in node.go causes runtime panic during html.Parse() call
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2019-9512 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2019-9514 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2021-33194 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2021-44716 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2022-27664 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/net CVE-2022-41723 HIGH 0.0.0-20190108225652-1e06a53dbb7e 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/text CVE-2021-38561 HIGH 0.3.0 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/golang.org/x/oauth2/go.mod golang.org/x/text CVE-2022-32149 HIGH 0.3.0 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/crypto CVE-2020-29652 HIGH 0.0.0-20190308221718-c2843e01d9a2 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/crypto CVE-2020-7919 HIGH 0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/crypto CVE-2020-9283 HIGH 0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/crypto CVE-2021-43565 HIGH 0.0.0-20190308221718-c2843e01d9a2 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/crypto CVE-2022-27191 HIGH 0.0.0-20190308221718-c2843e01d9a2 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2019-9512 HIGH 0.0.0-20190311183353-d8887717615a 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2019-9514 HIGH 0.0.0-20190311183353-d8887717615a 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2021-33194 HIGH 0.0.0-20190311183353-d8887717615a 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2021-44716 HIGH 0.0.0-20190311183353-d8887717615a 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2022-27664 HIGH 0.0.0-20190311183353-d8887717615a 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/net CVE-2022-41723 HIGH 0.0.0-20190311183353-d8887717615a 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/text CVE-2021-38561 HIGH 0.3.0 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-multus-v3.7.2-pmk-1 Library usr/src/multus-cni/vendor/google.golang.org/grpc/go.mod golang.org/x/text CVE-2022-32149 HIGH 0.3.0 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190723190241-65acae22fc9d 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20191004110552-13f9640d40b9 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-master golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20191004110552-13f9640d40b9 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-node-feature-discovery-v0.6.0-pmk-1 Library usr/bin/nfd-worker golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-pf9-addon-operator-3.2.3 Library manager github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201221181555-eec23a3978ad 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201221181555-eec23a3978ad 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-pf9-addon-operator-3.2.3 Library manager golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201221181555-eec23a3978ad 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201221181555-eec23a3978ad 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-pf9-profile-agent-1.0.0 Library root/pf9-profile-agent golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-pf9-sentry-1.0.1 Library pf9-sentry github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190723190241-65acae22fc9d 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190820162420-60c769a6c586 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20191004110552-13f9640d40b9 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20191004110552-13f9640d40b9 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-pf9-sentry-1.0.1 Library pf9-sentry golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-python-3.10-alpine3.15 Library Python wheel CVE-2022-40898 HIGH 0.37.1 0.38.1 remote attackers can cause denial of service via attacker controlled input to wheel cli
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20200622213623-75b288015ac9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201021035429-f5854403a974 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201021035429-f5854403a974 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201021035429-f5854403a974 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201021035429-f5854403a974 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/text CVE-2021-38561 HIGH v0.3.3 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 Library usr/bin/sriovdp golang.org/x/text CVE-2022-32149 HIGH v0.3.3 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-whereabouts-v0.4.8 Library ip-reconciler github.com/containernetworking/cni CVE-2021-20206 HIGH v0.7.1 0.8.1 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-whereabouts-v0.4.8 Library ip-reconciler golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-whereabouts-v0.4.8 Library ip-reconciler gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
platform9-whereabouts-v0.4.8 Library whereabouts github.com/containernetworking/cni CVE-2021-20206 HIGH v0.7.1 0.8.1 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
platform9-whereabouts-v0.4.8 Library whereabouts golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
platform9-whereabouts-v0.4.8 Library whereabouts gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld github.com/docker/distribution CVE-2017-11468 HIGH v2.4.0+incompatible 2.7.0-rc.0 docker-distribution: Does not properly restrict the amount of content accepted from a user
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld github.com/emicklei/go-restful CVE-2022-1996 CRITICAL v1.1.4-0.20161212084525-09691a3b6378 2.16.0 go-restful: Authorization Bypass Through User-Controlled Key
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld github.com/gogo/protobuf CVE-2021-3121 HIGH v0.0.0-20160824171236-909568be09de 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2019-9512 HIGH v0.0.0-20190311183353-d8887717615a 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2019-9514 HIGH v0.0.0-20190311183353-d8887717615a 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20190311183353-d8887717615a 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20190311183353-d8887717615a 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20190311183353-d8887717615a 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20190311183353-d8887717615a 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/text CVE-2021-38561 HIGH v0.3.0 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld golang.org/x/text CVE-2022-32149 HIGH v0.3.0 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld gopkg.in/yaml.v2 CVE-2022-3064 HIGH v2.0.0-20170712054546-1be3d31502d6 2.2.4 Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
quay.io-coreos-flannel-v0.13.0 Library opt/bin/flanneld k8s.io/apimachinery GHSA-74fp-r6jw-h4mp HIGH v0.0.0-20170513172009-9603df80256c 0.0.0-20190927203648-9ce6eca90e73 Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing
quay.io-metallb-controller-v0.9.7 Library controller github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-metallb-controller-v0.9.7 Library controller github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-metallb-controller-v0.9.7 Library controller golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-metallb-speaker-v0.9.7 Library speaker github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-metallb-speaker-v0.9.7 Library speaker github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.0.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-metallb-speaker-v0.9.7 Library speaker golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/configmap-server gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20191021144547-ec77196f6094 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20191021144547-ec77196f6094 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20191021144547-ec77196f6094 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20191021144547-ec77196f6094 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/grpc_health_probe golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/docker/cli CVE-2021-41092 HIGH v0.0.0-20200130152716-5d0cf8839492 v20.10.9 docker: cli leaks private registry credentials to registry-1.docker.io
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/docker/distribution CVE-2017-11468 HIGH v0.0.0-20191216044856-a8371794149d 2.7.0-rc.0 docker-distribution: Does not properly restrict the amount of content accepted from a user
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/docker/docker CVE-2015-3627 HIGH v1.4.2-0.20200203170920-46ec8731fbce v1.6.1 insecure opening of file-descriptor 1 leading to privilege escalation
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/opencontainers/runc CVE-2019-16884 HIGH v0.1.1 1.0.0-rc8.0.20190930145003-cad42f6e0932 runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/opencontainers/runc CVE-2021-30465 HIGH v0.1.1 1.0.0-rc95 runc: vulnerable to symlink exchange attack
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/opencontainers/runc CVE-2022-29162 HIGH v0.1.1 v1.1.2 runc: incorrect handling of inheritable capabilities
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/opencontainers/runc CVE-2023-27561 HIGH v0.1.1 v1.1.5 volume mount race condition (regression of CVE-2019-19921)
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/opencontainers/runc CVE-2023-28642 HIGH v0.1.1 v1.1.5 AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.7.1 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201002170205-7f63de1d35b0 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201110031124-69a78807bb2b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201110031124-69a78807bb2b 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-operator-framework-configmap-operator-registry-v1.17.5 Library bin/opm gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.6.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200513185701-a91f0712d120 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-prometheus-alertmanager-v0.21.0 Library bin/alertmanager golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool github.com/gogo/protobuf CVE-2021-3121 HIGH v1.3.1 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.6.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20191011191535-87dc89f01550 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20200513185701-a91f0712d120 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20200513185701-a91f0712d120 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-prometheus-alertmanager-v0.21.0 Library bin/amtool golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-prometheus-operator-prometheus-config-reloader-v0.46.0 Library bin/prometheus-config-reloader github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.9.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.9.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20201208171446-5f87f3452ae9 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20201208171446-5f87f3452ae9 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20201208171446-5f87f3452ae9 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20201224014010-6772e930b67b 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20201224014010-6772e930b67b 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20201224014010-6772e930b67b 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20201224014010-6772e930b67b 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/text CVE-2021-38561 HIGH v0.3.4 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator golang.org/x/text CVE-2022-32149 HIGH v0.3.4 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-prometheus-operator-prometheus-operator-v0.46.0 Library bin/operator gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20200615113413-eeeca48fe776 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v0.0.0-20160705203006-01aeca54ebda jwt-go: access restriction bypass vulnerability
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190730201129-28a6bbf47e48 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.2.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2019-9512 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2019-9514 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20190724013045-ca1201d0de80 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20191120175047-4206685974f2 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-prometheus-prometheus-v2.16.0 Library bin/prometheus k8s.io/apimachinery GHSA-74fp-r6jw-h4mp HIGH v0.0.0-20190809020650-423f5d784010 0.0.0-20190927203648-9ce6eca90e73 Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool github.com/dgrijalva/jwt-go CVE-2020-26160 HIGH v0.0.0-20160705203006-01aeca54ebda jwt-go: access restriction bypass vulnerability
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool github.com/gogo/protobuf CVE-2021-3121 HIGH v1.2.2-0.20190730201129-28a6bbf47e48 1.3.2 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool github.com/prometheus/client_golang CVE-2022-21698 HIGH v1.2.0 1.11.1 Denial of service using InstrumentHandlerCounter
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/crypto CVE-2020-29652 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20201216223049-8b5274cf687f golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/crypto CVE-2020-7919 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200124225646-8b5121be2f68 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/crypto CVE-2020-9283 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20200220183623-bac4c82f6975 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/crypto CVE-2021-43565 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20211202192323-5770296d904e golang.org/x/crypto: empty plaintext packet causes panic
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/crypto CVE-2022-27191 HIGH v0.0.0-20190308221718-c2843e01d9a2 0.0.0-20220314234659-1baeb1ce4c0b crash in a golang.org/x/crypto/ssh server
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2019-9512 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using PING frames results in unbounded memory growth
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2019-9514 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20190813141303-74dc4d7220e7 HTTP/2: flood using HEADERS frames results in unbounded memory growth
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2021-33194 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20210520170846-37e1c6afe023 golang: x/net/html: infinite loop in ParseFragment
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2021-44716 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20211209124913-491a49abca63 golang: net/http: limit growth of header canonicalization cache
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2022-27664 HIGH v0.0.0-20190724013045-ca1201d0de80 0.0.0-20220906165146-f3363e06e74c handle server errors after sending GOAWAY
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/net CVE-2022-41723 HIGH v0.0.0-20190724013045-ca1201d0de80 0.7.0 avoid quadratic complexity in HPACK decoding
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/text CVE-2021-38561 HIGH v0.3.2 0.3.7 out-of-bounds read in golang.org/x/text/language leads to DoS
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool golang.org/x/text CVE-2022-32149 HIGH v0.3.2 0.3.8 ParseAcceptLanguage takes a long time to parse complex tags
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool gopkg.in/yaml.v3 CVE-2022-28948 HIGH v3.0.0-20191120175047-4206685974f2 3.0.0-20220521103104-8f96da9f5d5e crash when attempting to deserialize invalid input
quay.io-prometheus-prometheus-v2.16.0 Library bin/promtool k8s.io/apimachinery GHSA-74fp-r6jw-h4mp HIGH v0.0.0-20190809020650-423f5d784010 0.0.0-20190927203648-9ce6eca90e73 Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) openssl-libs CVE-2021-3449 HIGH 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: NULL pointer dereference in signature_algorithms processing
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) openssl-libs CVE-2021-3450 HIGH 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) openssl-libs CVE-2022-0778 HIGH 1:1.1.1g-12.el8_3 1:1.1.1k-6.el8_5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) openssl-libs CVE-2023-0286 HIGH 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 X.400 address type confusion in X.509 GeneralName
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) systemd-libs CVE-2021-33910 HIGH 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) systemd-libs CVE-2022-2526 HIGH 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) systemd-pam CVE-2021-33910 HIGH 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) systemd-pam CVE-2022-2526 HIGH 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) xz-libs CVE-2022-1271 HIGH 5.2.4-3.el8 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability
calico-node-v3.18.1 OS calico/node:v3.18.1 (redhat 8.3) zlib CVE-2018-25032 HIGH 1.2.11-16.el8_2 1.2.11-18.el8_5 A flaw found in zlib when compressing (not decompressing) certain inputs
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) bash CVE-2022-3715 HIGH 5.1-2+b3 a heap-buffer-overflow in valid_parameter_transform
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) dpkg CVE-2022-1664 CRITICAL 1.20.9 1.20.10 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) e2fsprogs CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) gzip CVE-2022-1271 HIGH 1.10-4 1.10-4+deb11u1 gzip: arbitrary-file-write vulnerability
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2021-33574 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2022-23218 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2022-23219 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2021-3999 HIGH 2.31-13 2.31-13+deb11u4 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc6 CVE-2021-33574 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc6 CVE-2022-23218 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc6 CVE-2022-23219 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libc6 CVE-2021-3999 HIGH 2.31-13 2.31-13+deb11u4 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libcom-err2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28+dfsg1-0.8 sqlite: heap out-of-bound read in function rtreenode()
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libext2fs2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libgcrypt20 CVE-2021-33560 HIGH 1.8.7-6 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libgmp10 CVE-2021-43618 HIGH 2:6.2.1+dfsg-1 2:6.2.1+dfsg-1+deb11u1 Integer overflow and resultant buffer overflow via crafted input
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libgnutls30 CVE-2022-2509 HIGH 3.7.1-5 3.7.1-5+deb11u2 gnutls: Double free during gnutls_pkcs7_verify
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libgnutls30 CVE-2023-0361 HIGH 3.7.1-5 3.7.1-5+deb11u3 timing side-channel in the TLS RSA key exchange code
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libgssapi-krb5-2 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libk5crypto3 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libkrb5-3 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libkrb5support0 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) liblzma5 CVE-2022-1271 HIGH 5.2.5-2 5.2.5-2.1~deb11u1 gzip: arbitrary-file-write vulnerability
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libpcre2-8-0 CVE-2022-1586 CRITICAL 10.36-2 10.36-2+deb11u1 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libpcre2-8-0 CVE-2022-1587 CRITICAL 10.36-2 10.36-2+deb11u1 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libss2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-1292 CRITICAL 1.1.1k-1+deb11u1 1.1.1n-0+deb11u2 openssl: c_rehash script allows command injection
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-2068 CRITICAL 1.1.1k-1+deb11u1 1.1.1n-0+deb11u3 openssl: the c_rehash script allows command injection
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1k-1+deb11u1 1.1.1k-1+deb11u2 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 double free after calling PEM_read_bio_ex
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 use-after-free following BIO_new_NDEF
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 X.400 address type confusion in X.509 GeneralName
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1k-1+deb11u1 Denial of service by excessive resource usage in verifying X509 policy constraints
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libtasn1-6 CVE-2021-46848 CRITICAL 4.16.0-2 4.16.0-2+deb11u1 libtasn1: Out-of-bound access in ETYPE_OK
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libtinfo6 CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libtinfo6 CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libtirpc-common CVE-2021-46828 HIGH 1.3.1-1 1.3.1-1+deb11u1 libtirpc: DoS vulnerability with lots of connections
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libtirpc3 CVE-2021-46828 HIGH 1.3.1-1 1.3.1-1+deb11u1 libtirpc: DoS vulnerability with lots of connections
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) libzstd1 CVE-2022-4899 HIGH 1.4.8+dfsg-2.1 buffer overrun in util.c
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) logsave CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) ncurses-base CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) ncurses-base CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) ncurses-bin CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) ncurses-bin CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) perl-base CVE-2020-16156 HIGH 5.32.1-4+deb11u1 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) perl-base CVE-2023-31484 HIGH 5.32.1-4+deb11u1 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) zlib1g CVE-2022-37434 CRITICAL 1:1.2.11.dfsg-2 1:1.2.11.dfsg-2+deb11u2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
gcr.io-etcd-development-etcd-v3.4.18 OS gcr.io/etcd-development/etcd:v3.4.18 (debian 11.0) zlib1g CVE-2018-25032 HIGH 1:1.2.11.dfsg-2 1:1.2.11.dfsg-2+deb11u1 A flaw found in zlib when compressing (not decompressing) certain inputs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) bash CVE-2022-3715 HIGH 5.0-4 a heap-buffer-overflow in valid_parameter_transform
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) ceph-common CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) ceph-common CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) ceph-common CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) ceph-common CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) cifs-utils CVE-2020-14342 HIGH 2:6.8-2 cifs-utils: shell command injection in mount.cifs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) cifs-utils CVE-2022-27239 HIGH 2:6.8-2 2:6.8-2+deb10u1 cifs-utils: stack-based buffer overflow mount.cifs may lead to local privilege escalation to root
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) dpkg CVE-2022-1664 CRITICAL 1.19.7 1.19.8 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) e2fsprogs CVE-2022-1304 HIGH 1.44.5-1+deb10u3 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) gcc-8-base CVE-2018-12886 HIGH 8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) gcc-8-base CVE-2019-15847 HIGH 8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2022-23521 CRITICAL 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u7 git: gitattributes parsing integer overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2022-41903 CRITICAL 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u7 git: Heap overflow in `git archive`; `git log --format` leading to RCE
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2021-21300 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u4 git: remote code execution during clone operation on case-insensitive filesystems
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2021-40330 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u4 git: unexpected cross-protocol requests via a repository path containing a newline character
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2022-24765 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 On multi-user machines Git users might find themselves unexpectedly in a Git worktree
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2022-29187 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 Bypass of safe.directory protections
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2022-39260 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 git shell function that splits command arguments can lead to arbitrary heap writes.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2023-23946 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u8 a path outside the working tree can be overwritten with crafted input
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2023-25652 HIGH 1:2.20.1-2+deb10u3 by feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git CVE-2023-29007 HIGH 1:2.20.1-2+deb10u3 arbitrary configuration injection when renaming or deleting a section from a configuration file
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2022-23521 CRITICAL 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u7 git: gitattributes parsing integer overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2022-41903 CRITICAL 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u7 git: Heap overflow in `git archive`; `git log --format` leading to RCE
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2021-21300 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u4 git: remote code execution during clone operation on case-insensitive filesystems
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2021-40330 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u4 git: unexpected cross-protocol requests via a repository path containing a newline character
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2022-24765 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 On multi-user machines Git users might find themselves unexpectedly in a Git worktree
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2022-29187 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 Bypass of safe.directory protections
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2022-39260 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u5 git shell function that splits command arguments can lead to arbitrary heap writes.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2023-23946 HIGH 1:2.20.1-2+deb10u3 1:2.20.1-2+deb10u8 a path outside the working tree can be overwritten with crafted input
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2023-25652 HIGH 1:2.20.1-2+deb10u3 by feeding specially crafted input to `git apply --reject`; a path outside the working tree can be overwritten with partially controlled contents
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) git-man CVE-2023-29007 HIGH 1:2.20.1-2+deb10u3 arbitrary configuration injection when renaming or deleting a section from a configuration file
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) glusterfs-client CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) glusterfs-client CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) glusterfs-common CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) glusterfs-common CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) gzip CVE-2022-1271 HIGH 1.9-3 1.9-3+deb10u1 gzip: arbitrary-file-write vulnerability
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libbsd0 CVE-2019-20367 CRITICAL 0.9.1-2 0.9.1-2+deb10u1 nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-bin CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc-dev-bin CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6 CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libc6-dev CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcephfs2 CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcephfs2 CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcephfs2 CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcephfs2 CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcom-err2 CVE-2022-1304 HIGH 1.44.5-1+deb10u3 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2022-32221 CRITICAL 7.64.0-4+deb10u1 7.64.0-4+deb10u4 POST following PUT confusion
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2023-27536 CRITICAL 7.64.0-4+deb10u1 7.64.0-4+deb10u6 GSS delegation too eager connection re-use
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2020-8169 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u2 libcurl: partial password leak over DNS on HTTP redirect
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2020-8177 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u2 curl: Incorrect argument check can allow remote servers to overwrite local files
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2020-8231 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u2 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2020-8285 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u2 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2020-8286 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u2 curl: Inferior OCSP verification
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2021-22946 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u3 curl: Requirement to use TLS not properly enforced for IMAP; POP3; and FTP protocols
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2022-22576 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u3 curl: OAUTH2 bearer bypass in connection re-use
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2022-27781 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u3 curl: CERTINFO never-ending busy-loop
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2022-27782 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u3 curl: TLS and SSH connection too eager reuse
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2023-27533 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u6 curl: TELNET option IAC injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2023-27534 HIGH 7.64.0-4+deb10u1 curl: SFTP path ~ resolving discrepancy
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libcurl3-gnutls CVE-2023-27535 HIGH 7.64.0-4+deb10u1 7.64.0-4+deb10u6 FTP too eager connection reuse
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28+dfsg1-0.5 sqlite: heap out-of-bound read in function rtreenode()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22822 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in addBinding in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22823 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in build_model in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22824 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in defineAttribute in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-23852 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in function XML_GetBuffer
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-25235 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u3 Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-25236 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u3 prefix] attribute values can lead to arbitrary code execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-25315 CRITICAL 2.2.6-2+deb10u1 2.2.6-2+deb10u3 Integer overflow in storeRawNames()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2021-45960 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Large number of prefixed XML attributes on a single tag can crash libexpat
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2021-46143 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in doProlog in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22825 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in lookup in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22826 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in nextScaffoldPart in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-22827 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 Integer overflow in storeAtts in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-23990 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u2 integer overflow in the doProlog function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-25314 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u3 Integer overflow in copyString()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-40674 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u5 a use-after-free in the doContent function in xmlparse.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libexpat1 CVE-2022-43680 HIGH 2.2.6-2+deb10u1 2.2.6-2+deb10u6 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libext2fs2 CVE-2022-1304 HIGH 1.44.5-1+deb10u3 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgcc1 CVE-2018-12886 HIGH 1:8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgcc1 CVE-2019-15847 HIGH 1:8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgcrypt20 CVE-2021-33560 HIGH 1.8.4-5 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfapi0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfapi0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfchangelog0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfchangelog0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfdb0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfdb0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfrpc0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfrpc0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfxdr0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgfxdr0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglib2.0-0 CVE-2021-27218 HIGH 2.58.3-2+deb10u2 2.58.3-2+deb10u3 glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglib2.0-0 CVE-2021-27219 HIGH 2.58.3-2+deb10u2 2.58.3-2+deb10u3 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglusterfs-dev CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglusterfs-dev CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglusterfs0 CVE-2022-48340 HIGH 5.5-3 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libglusterfs0 CVE-2023-26253 HIGH 5.5-3 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgmp10 CVE-2021-43618 HIGH 2:6.1.2+dfsg-4 2:6.1.2+dfsg-4+deb10u1 Integer overflow and resultant buffer overflow via crafted input
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2021-20231 CRITICAL 3.6.7-4+deb10u3 3.6.7-4+deb10u7 gnutls: Use after free in client key_share extension
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2021-20232 CRITICAL 3.6.7-4+deb10u3 3.6.7-4+deb10u7 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2020-13777 HIGH 3.6.7-4+deb10u3 3.6.7-4+deb10u4 gnutls: session resumption works without master key allowing MITM
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2020-24659 HIGH 3.6.7-4+deb10u3 3.6.7-4+deb10u7 gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2022-2509 HIGH 3.6.7-4+deb10u3 3.6.7-4+deb10u9 gnutls: Double free during gnutls_pkcs7_verify
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgnutls30 CVE-2023-0361 HIGH 3.6.7-4+deb10u3 3.6.7-4+deb10u10 timing side-channel in the TLS RSA key exchange code
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgssapi-krb5-2 CVE-2020-28196 HIGH 1.17-3 1.17-3+deb10u1 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgssapi-krb5-2 CVE-2021-36222 HIGH 1.17-3 1.17-3+deb10u2 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libgssapi-krb5-2 CVE-2022-42898 HIGH 1.17-3 1.17-3+deb10u5 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libhogweed4 CVE-2021-20305 HIGH 3.4.1-1 3.4.1-1+deb10u1 nettle: Out of bounds memory access in signature verification
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libhogweed4 CVE-2021-3580 HIGH 3.4.1-1 3.4.1-1+deb10u1 nettle: Remote crash in RSA decryption via manipulated ciphertext
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libidn2-0 CVE-2019-12290 HIGH 2.0.5-1+deb10u1 GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libk5crypto3 CVE-2020-28196 HIGH 1.17-3 1.17-3+deb10u1 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libk5crypto3 CVE-2021-36222 HIGH 1.17-3 1.17-3+deb10u2 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libk5crypto3 CVE-2022-42898 HIGH 1.17-3 1.17-3+deb10u5 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5-3 CVE-2020-28196 HIGH 1.17-3 1.17-3+deb10u1 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5-3 CVE-2021-36222 HIGH 1.17-3 1.17-3+deb10u2 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5-3 CVE-2022-42898 HIGH 1.17-3 1.17-3+deb10u5 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5support0 CVE-2020-28196 HIGH 1.17-3 1.17-3+deb10u1 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5support0 CVE-2021-36222 HIGH 1.17-3 1.17-3+deb10u2 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libkrb5support0 CVE-2022-42898 HIGH 1.17-3 1.17-3+deb10u5 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2022-29155 CRITICAL 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u7 openldap: OpenLDAP SQL injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-25692 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u3 openldap: NULL pointer dereference for unauthenticated packet in slapd
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-25709 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u4 openldap: assertion failure in Certificate List syntax validation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-25710 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u4 openldap: assertion failure in CSN normalization with invalid input
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36221 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36222 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Assertion failure in slapd in the saslAuthzTo validation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36223 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Out-of-bounds read in Values Return Filter
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36224 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Invalid pointer free in the saslAuthzTo processing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36225 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Double free in the saslAuthzTo processing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36226 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Denial of service via length miscalculation in slap_parse_user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36227 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Infinite loop in slapd with the cancel_extop Cancel operation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36228 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36229 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Type confusion in ad_keystring in ad.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2020-36230 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Assertion failure in ber_next_element in decode.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-2.4-2 CVE-2021-27212 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u6 openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2022-29155 CRITICAL 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u7 openldap: OpenLDAP SQL injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-25692 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u3 openldap: NULL pointer dereference for unauthenticated packet in slapd
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-25709 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u4 openldap: assertion failure in Certificate List syntax validation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-25710 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u4 openldap: assertion failure in CSN normalization with invalid input
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36221 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36222 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Assertion failure in slapd in the saslAuthzTo validation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36223 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Out-of-bounds read in Values Return Filter
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36224 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Invalid pointer free in the saslAuthzTo processing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36225 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Double free in the saslAuthzTo processing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36226 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Denial of service via length miscalculation in slap_parse_user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36227 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Infinite loop in slapd with the cancel_extop Cancel operation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36228 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36229 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Type confusion in ad_keystring in ad.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2020-36230 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u5 openldap: Assertion failure in ber_next_element in decode.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libldap-common CVE-2021-27212 HIGH 2.4.47+dfsg-3+deb10u2 2.4.47+dfsg-3+deb10u6 openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) liblz4-1 CVE-2021-3520 CRITICAL 1.8.3-1 1.8.3-1+deb10u1 memory corruption due to an integer overflow bug caused by memmove argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) liblzma5 CVE-2022-1271 HIGH 5.2.4-1 5.2.4-1+deb10u1 gzip: arbitrary-file-write vulnerability
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libncurses6 CVE-2022-29458 HIGH 6.1+20181013-2+deb10u2 6.1+20181013-2+deb10u3 ncurses: segfaulting OOB read
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libncurses6 CVE-2023-29491 HIGH 6.1+20181013-2+deb10u2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libncursesw6 CVE-2022-29458 HIGH 6.1+20181013-2+deb10u2 6.1+20181013-2+deb10u3 ncurses: segfaulting OOB read
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libncursesw6 CVE-2023-29491 HIGH 6.1+20181013-2+deb10u2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnettle6 CVE-2021-20305 HIGH 3.4.1-1 3.4.1-1+deb10u1 nettle: Out of bounds memory access in signature verification
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnettle6 CVE-2021-3580 HIGH 3.4.1-1 3.4.1-1+deb10u1 nettle: Remote crash in RSA decryption via manipulated ciphertext
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnghttp2-14 CVE-2020-11080 HIGH 1.36.0-2+deb10u1 nghttp2: overly large SETTINGS frames can lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnss3 CVE-2019-17006 CRITICAL 2:3.42.1-1+deb10u2 2:3.42.1-1+deb10u3 nss: Check length of inputs for cryptographic primitives
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnss3 CVE-2020-12403 CRITICAL 2:3.42.1-1+deb10u2 2:3.42.1-1+deb10u6 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnss3 CVE-2021-43527 CRITICAL 2:3.42.1-1+deb10u2 2:3.42.1-1+deb10u4 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnss3 CVE-2020-25648 HIGH 2:3.42.1-1+deb10u2 nss: TLS 1.3 CCS flood remote DoS Attack
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libnss3 CVE-2023-0767 HIGH 2:3.42.1-1+deb10u2 2:3.42.1-1+deb10u6 nss: Arbitrary memory write via PKCS 12
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libp11-kit0 CVE-2020-29361 HIGH 0.23.15-2 0.23.15-2+deb10u1 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libp11-kit0 CVE-2020-29363 HIGH 0.23.15-2 0.23.15-2+deb10u1 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpcre2-8-0 CVE-2022-1586 CRITICAL 10.32-5 10.32-5+deb10u1 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpcre2-8-0 CVE-2022-1587 CRITICAL 10.32-5 10.32-5+deb10u1 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpcre2-8-0 CVE-2019-20454 HIGH 10.32-5 10.32-5+deb10u1 pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libperl5.28 CVE-2020-10543 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: heap-based buffer overflow in regular expression compiler leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libperl5.28 CVE-2020-10878 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libperl5.28 CVE-2020-12723 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libperl5.28 CVE-2020-16156 HIGH 5.28.1-6 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libperl5.28 CVE-2023-31484 HIGH 5.28.1-6 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2021-3177 CRITICAL 2.7.16-2+deb10u1 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2015-20107 HIGH 2.7.16-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2020-10735 HIGH 2.7.16-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2020-26116 HIGH 2.7.16-2+deb10u1 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2021-3737 HIGH 2.7.16-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2022-0391 HIGH 2.7.16-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2022-45061 HIGH 2.7.16-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7 CVE-2023-24329 HIGH 2.7.16-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2021-3177 CRITICAL 2.7.16-2+deb10u1 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2015-20107 HIGH 2.7.16-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2020-10735 HIGH 2.7.16-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2020-26116 HIGH 2.7.16-2+deb10u1 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2021-3737 HIGH 2.7.16-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2022-0391 HIGH 2.7.16-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2022-45061 HIGH 2.7.16-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-minimal CVE-2023-24329 HIGH 2.7.16-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2021-3177 CRITICAL 2.7.16-2+deb10u1 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2015-20107 HIGH 2.7.16-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2020-10735 HIGH 2.7.16-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2020-26116 HIGH 2.7.16-2+deb10u1 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2021-3737 HIGH 2.7.16-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2022-0391 HIGH 2.7.16-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2022-45061 HIGH 2.7.16-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython2.7-stdlib CVE-2023-24329 HIGH 2.7.16-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2021-3177 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2022-37454 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u4 buffer overflow in the SHA-3 reference implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2015-20107 HIGH 3.7.3-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2020-10735 HIGH 3.7.3-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2020-26116 HIGH 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2021-3737 HIGH 3.7.3-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2022-0391 HIGH 3.7.3-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2022-45061 HIGH 3.7.3-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7 CVE-2023-24329 HIGH 3.7.3-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2021-3177 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2022-37454 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u4 buffer overflow in the SHA-3 reference implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2015-20107 HIGH 3.7.3-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2020-10735 HIGH 3.7.3-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2020-26116 HIGH 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2021-3737 HIGH 3.7.3-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2022-0391 HIGH 3.7.3-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2022-45061 HIGH 3.7.3-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-minimal CVE-2023-24329 HIGH 3.7.3-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2021-3177 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2022-37454 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u4 buffer overflow in the SHA-3 reference implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2015-20107 HIGH 3.7.3-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2020-10735 HIGH 3.7.3-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2020-26116 HIGH 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2021-3737 HIGH 3.7.3-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2022-0391 HIGH 3.7.3-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2022-45061 HIGH 3.7.3-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libpython3.7-stdlib CVE-2023-24329 HIGH 3.7.3-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librados2 CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librados2 CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librados2 CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librados2 CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libradosstriper1 CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libradosstriper1 CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libradosstriper1 CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libradosstriper1 CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librbd1 CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librbd1 CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librbd1 CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) librbd1 CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsasl2-2 CVE-2022-24407 HIGH 2.1.27+dfsg-1+deb10u1 2.1.27+dfsg-1+deb10u2 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsasl2-modules-db CVE-2022-24407 HIGH 2.1.27+dfsg-1+deb10u1 2.1.27+dfsg-1+deb10u2 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2020-35527 CRITICAL 3.27.2-3 3.27.2-3+deb10u2 sqlite: Out of bounds access during table rename
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2019-19603 HIGH 3.27.2-3 sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2019-19923 HIGH 3.27.2-3 3.27.2-3+deb10u1 sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2019-19925 HIGH 3.27.2-3 3.27.2-3+deb10u1 sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2019-19959 HIGH 3.27.2-3 3.27.2-3+deb10u1 sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2019-20218 HIGH 3.27.2-3 3.27.2-3+deb10u1 sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2020-13630 HIGH 3.27.2-3 3.27.2-3+deb10u1 sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsqlite3-0 CVE-2020-35525 HIGH 3.27.2-3 3.27.2-3+deb10u2 sqlite: Null pointer derreference in src/select.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libss2 CVE-2022-1304 HIGH 1.44.5-1+deb10u3 e2fsprogs: out-of-bounds read/write via crafted filesystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssh2-1 CVE-2019-13115 HIGH 1.8.0-2.1 libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2021-3711 CRITICAL 1.1.1d-0+deb10u3 1.1.1d-0+deb10u7 openssl: SM2 Decryption Buffer Overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2022-1292 CRITICAL 1.1.1d-0+deb10u3 1.1.1n-0+deb10u2 openssl: c_rehash script allows command injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2022-2068 CRITICAL 1.1.1d-0+deb10u3 1.1.1n-0+deb10u3 openssl: the c_rehash script allows command injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2021-23840 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u5 openssl: integer overflow in CipherUpdate
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2021-3712 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u7 openssl: Read buffer overruns processing ASN.1 strings
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2022-0778 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u8 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2022-4450 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 double free after calling PEM_read_bio_ex
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2023-0215 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 use-after-free following BIO_new_NDEF
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2023-0286 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 X.400 address type confusion in X.509 GeneralName
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libssl1.1 CVE-2023-0464 HIGH 1.1.1d-0+deb10u3 Denial of service by excessive resource usage in verifying X509 policy constraints
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libstdc++6 CVE-2018-12886 HIGH 8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libstdc++6 CVE-2019-15847 HIGH 8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsystemd0 CVE-2019-3843 HIGH 241-7~deb10u3 systemd: services with DynamicUser can create SUID/SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsystemd0 CVE-2019-3844 HIGH 241-7~deb10u3 systemd: services with DynamicUser can get new privileges and create SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsystemd0 CVE-2020-1712 HIGH 241-7~deb10u3 241-7~deb10u4 systemd: use-after-free when asynchronous polkit queries are performed
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libsystemd0 CVE-2023-26604 HIGH 241-7~deb10u3 241-7~deb10u9 systemd: privilege escalation via the less pager
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libtasn1-6 CVE-2021-46848 CRITICAL 4.13-3 4.13-3+deb10u1 libtasn1: Out-of-bound access in ETYPE_OK
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libtinfo6 CVE-2022-29458 HIGH 6.1+20181013-2+deb10u2 6.1+20181013-2+deb10u3 ncurses: segfaulting OOB read
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libtinfo6 CVE-2023-29491 HIGH 6.1+20181013-2+deb10u2 Local users can trigger security-relevant memory corruption via malformed data
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libtirpc-common CVE-2021-46828 HIGH 1.1.4-0.4 1.1.4-0.4+deb10u1 libtirpc: DoS vulnerability with lots of connections
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libtirpc3 CVE-2021-46828 HIGH 1.1.4-0.4 1.1.4-0.4+deb10u1 libtirpc: DoS vulnerability with lots of connections
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libudev1 CVE-2019-3843 HIGH 241-7~deb10u4 systemd: services with DynamicUser can create SUID/SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libudev1 CVE-2019-3844 HIGH 241-7~deb10u4 systemd: services with DynamicUser can get new privileges and create SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libudev1 CVE-2023-26604 HIGH 241-7~deb10u4 241-7~deb10u9 systemd: privilege escalation via the less pager
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-1472 CRITICAL 2:4.9.5+dfsg-5+deb10u1 samba: Netlogon elevation of privilege vulnerability (Zerologon)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-44640 CRITICAL 2:4.9.5+dfsg-5+deb10u1 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-45141 CRITICAL 2:4.9.5+dfsg-5+deb10u1 samba: Samba AD DC using Heimdal can be forced to issue rc4-hmac encrypted Kerberos tickets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-10704 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: LDAP Denial of Service (stack overflow) in Samba AD DC
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-10745 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Parsing and packing of NBT and DNS packets can consume excessive CPU
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-14303 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Empty UDP packet DoS in Samba AD DC nbtd
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-25717 HIGH 2:4.9.5+dfsg-5+deb10u1 2:4.9.5+dfsg-5+deb10u2 samba: Active Directory (AD) domain user could become root on domain members
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-25718 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Samba AD DC did not correctly sandbox Kerberos tickets issues by an RODC
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-25719 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-25721 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Kerberos acceptors need easy access to stableAD identifiers (eg objectSid)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2020-25722 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Samba AD DC did not do sufficient access and conformance checking of data stored
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2021-3738 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Use after free in Samba AD DC RPC server
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2021-44142 HIGH 2:4.9.5+dfsg-5+deb10u1 2:4.9.5+dfsg-5+deb10u3 samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-0336 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Samba AD users with permission to write to an account can impersonate arbitrary services
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-2031 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: kpasswd authentication with canonicalization enabled against Samba AD DC with Heimdal returns a krbtgt
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-32743 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Validated dnsHostname write right needs to be implemented
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-32744 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: AD users can forge password change requests for any user
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-37966 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-37967 HIGH 2:4.9.5+dfsg-5+deb10u1 samba: Kerberos constrained delegation ticket forgery possible against Samba AD DC
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-38023 HIGH 2:4.9.5+dfsg-5+deb10u1 RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libwbclient0 CVE-2022-42898 HIGH 2:4.9.5+dfsg-5+deb10u1 krb5: integer overflow vulnerabilities in PAC parsing
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2017-16932 HIGH 2.9.4+dfsg1-7+b3 libxml2: Infinite recursion in parameter entities
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2019-19956 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u1 libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2019-20388 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u1 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2020-7595 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u1 infinite loop in xmlStringLenDecodeEntities in some end-of-file situations
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2021-3516 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u2 libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2021-3517 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u2 libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2021-3518 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u2 libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2022-23308 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u3 libxml2: Use-after-free of ID and IDREF attributes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2022-40303 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u5 libxml2: integer overflows with XML_PARSE_HUGE
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) libxml2 CVE-2022-40304 HIGH 2.9.4+dfsg1-7+b3 2.9.4+dfsg1-7+deb10u5 libxml2: dict corruption caused by entity reference cycles
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-18814 CRITICAL 4.19.118-2+deb10u1 4.19.131-1 kernel: use-after-free in aa_audit_rule_init() in security/apparmor/audit.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2013-7445 HIGH 4.19.118-2+deb10u1 kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-0145 HIGH 4.19.118-2+deb10u1 4.19.146-1 Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19074 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: a memory leak in the ath9k management function in allows local DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19377 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19448 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: mounting a crafted btrfs filesystem image; performing some operations; and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19449 HIGH 4.19.118-2+deb10u1 kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19770 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19814 HIGH 4.19.118-2+deb10u1 kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2019-19816 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-0423 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: use-after-free in binder_release_work of binder.c due to improper locking may lead to local escalation of privilege
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-0466 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: use after free in eventpoll.c may lead to escalation of privilege
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-12351 HIGH 4.19.118-2+deb10u1 4.19.152-1 kernel: net: bluetooth: type confusion while processing AMP packets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-12362 HIGH 4.19.118-2+deb10u1 kernel: Integer overflow in Intel(R) Graphics Drivers
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-13974 HIGH 4.19.118-2+deb10u1 4.19.131-1 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-14351 HIGH 4.19.118-2+deb10u1 4.19.160-1 performance counters race condition use-after-free
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-14356 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: Use After Free vulnerability in cgroup BPF component
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-14386 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: memory corruption in net/packet/af_packet.c leads to elevation of privilege
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-16119 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: DCCP CCID structure use-after-free may lead to DoS or code execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-24394 HIGH 4.19.118-2+deb10u1 4.19.131-1 kernel: umask not applied on filesystem without ACL support
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25212 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: TOCTOU mismatch in the NFS client code
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25643 HIGH 4.19.118-2+deb10u1 4.19.152-1 kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25645 HIGH 4.19.118-2+deb10u1 4.19.152-1 kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25668 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: race condition in fg_console can lead to use-after-free in con_font_op
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25669 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: use-after-free read in sunkbd_reinit in drivers/input/keyboard/sunkbd.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25670 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: refcount leak in llcp_sock_bind()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25671 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: refcount leak in llcp_sock_connect()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25672 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: memory leak in llcp_sock_connect()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-25705 HIGH 4.19.118-2+deb10u1 4.19.160-1 kernel: ICMP rate limiting can be used for DNS poisoning attack
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-27786 HIGH 4.19.118-2+deb10u1 4.19.131-1 kernel: use-after-free in kernel midi subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-27815 HIGH 4.19.118-2+deb10u1 4.19.171-2 kernel: Array index out of bounds access when setting extended attributes on journaling filesystems.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-28374 HIGH 4.19.118-2+deb10u1 4.19.171-2 kernel: SCSI target (LIO) write to any block on ILO backstore
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-29368 HIGH 4.19.118-2+deb10u1 4.19.131-1 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-29569 HIGH 4.19.118-2+deb10u1 4.19.171-2 An issue was discovered in the Linux kernel through 5.10.1; as used wi ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-29661 HIGH 4.19.118-2+deb10u1 4.19.171-2 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-35519 HIGH 4.19.118-2+deb10u1 4.19.171-1 kernel: x25_bind out-of-bounds read
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-36385 HIGH 4.19.118-2+deb10u1 kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2020-36386 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-0512 HIGH 4.19.118-2+deb10u1 4.19.181-1 kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-1048 HIGH 4.19.118-2+deb10u1 4.19.146-1 kernel: Use After Free in epoll_loop_check_proc() which could result in a local privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-20322 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-22543 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-22555 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-22600 HIGH 4.19.118-2+deb10u1 4.19.232-1 double free in packet_set_ring() in net/packet/af_packet.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-23133 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: Race condition in sctp_destroy_sock list_del
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-23134 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: use-after-free in nfc sockets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-26930 HIGH 4.19.118-2+deb10u1 4.19.177-1 An issue was discovered in the Linux kernel 3.11 through 5.10.16; as u ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-27364 HIGH 4.19.118-2+deb10u1 4.19.181-1 kernel: out-of-bounds read in libiscsi module
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-27365 HIGH 4.19.118-2+deb10u1 4.19.181-1 kernel: heap buffer overflow in the iSCSI subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-28660 HIGH 4.19.118-2+deb10u1 4.19.181-1 kernel: buffer overflow in rtw_wx_set_scan function in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-29154 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-32399 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: race condition for removal of the HCI controller
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-33033 HIGH 4.19.118-2+deb10u1 4.19.181-1 kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-33034 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3347 HIGH 4.19.118-2+deb10u1 4.19.171-2 kernel: Use after free via PI futex state
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3348 HIGH 4.19.118-2+deb10u1 4.19.177-1 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-33909 HIGH 4.19.118-2+deb10u1 4.19.194-3 kernel: size_t-to-int conversion vulnerability in the filesystem layer
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3444 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: bpf verifier incorrect mod32 truncation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3483 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: use-after-free in nosy driver in nosy_ioctl() in drivers/firewire/nosy.c when a device is added twice
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3493 HIGH 4.19.118-2+deb10u1 kernel: overlayfs file system caps privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-34981 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-35039 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: allows loading unsigned kernel modules via init_module syscall
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3506 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: Out of bounds memory access bug in get_next_net_page() in fs/f2fs/node.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3600 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: eBPF 32-bit source register truncation on div/mod
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3609 HIGH 4.19.118-2+deb10u1 4.19.194-3 kernel: race condition in net/can/bcm.c leads to local privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3612 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3640 HIGH 4.19.118-2+deb10u1 4.19.232-1 use-after-free vulnerability in function sco_sock_sendmsg()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3653 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: SVM nested virtualization issue in KVM (AVIC support)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3656 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3743 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3752 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: possible use-after-free in bluetooth module
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-37576 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: powerpc: KVM guest OS users can cause host OS memory corruption
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3760 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: nfc: Use-After-Free vulnerability of ndev->rf_conn_info object
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-38160 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-38207 HIGH 4.19.118-2+deb10u1 kernel: buffer overflow in drivers/net/ethernet/xilinx/ll_temac_main.c by sending heavy network traffic for about ten minutes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-38300 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: crafting anomalous machine code may lead to arbitrary Kernel code execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3847 HIGH 4.19.118-2+deb10u1 kernel: low-privileged user privileges escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-3864 HIGH 4.19.118-2+deb10u1 descendant's dumpable setting with certain SUID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-39634 HIGH 4.19.118-2+deb10u1 4.19.152-1 In fs/eventpoll.c; there is a possible use after free. This could lead ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-39685 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: USB gadget buffer overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-39686 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: race condition in the Android binder driver could lead to incorrect security checks
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-39698 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: use-after-free in the file polling implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-39713 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: race condition in the network scheduling subsystem could lead to an use-after-free
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-4037 HIGH 4.19.118-2+deb10u1 kernel: security regression for CVE-2018-13405
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-40490 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-4083 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: fget: check that the fd still exists after getting a ref to it
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-4157 HIGH 4.19.118-2+deb10u1 4.19.194-1 kernel: Buffer overwrite in decode_nfs_fh function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-41864 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-4197 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: cgroup: Use open-time creds and namespace for migration perm checks
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-42008 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: slab out-of-bounds write in decode_data() in drivers/net/hamradio/6pack.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-4202 HIGH 4.19.118-2+deb10u1 4.19.232-1 Race condition in nci_request() leads to use after free while the device is getting removed
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-42252 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: memory overwrite in the kernel with potential privileges execution
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-44733 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: use-after-free in the TEE subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-45469 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: out-of-bounds memory access in __f2fs_setxattr() in fs/f2fs/xattr.c when an inode has an invalid last xattr entry
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2021-45485 HIGH 4.19.118-2+deb10u1 4.19.208-1 kernel: information leak in the IPv6 implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-0330 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: possible privileges escalation due to missing TLB flush
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-0435 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-0492 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: cgroups v1 release_agent feature may allow privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-0850 HIGH 4.19.118-2+deb10u1 4.19.208-1 information leak in copy_page_to_iter() in iov_iter.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1011 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: FUSE allows UAF reads of write() buffers; allowing theft of (partial) /etc/shadow hashes
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1012 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1048 HIGH 4.19.118-2+deb10u1 4.19.249-2 race condition in snd_pcm_hw_free leading to use-after-free
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1199 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: Null pointer dereference and use after free in ax25_release()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1353 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel info leak issue in pfkey_register
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1419 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: a concurrency use-after-free in vgem_gem_dumb_create
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1652 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: A concurrency use-after-free in floppy disk device driver.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1678 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: improper update of sock reference in TCP pacing can lead to memory leak
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1679 HIGH 4.19.118-2+deb10u1 4.19.260-1 use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1729 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: race condition in perf_event_open leads to privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-1734 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from user-space
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-20141 HIGH 4.19.118-2+deb10u1 4.19.208-1 use-after-free in ip_check_mc_rcu when opening and closing inet sockets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-20368 HIGH 4.19.118-2+deb10u1 4.19.249-1 kernel: net/packet: slab-out-of-bounds access in packet_recvmsg()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-20421 HIGH 4.19.118-2+deb10u1 4.19.260-1 kernel: use after free in binder_inc_ref_for_node in drivers/android/binder.c due
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-20422 HIGH 4.19.118-2+deb10u1 4.19.260-1 In emulation_proc_handler of armv8_deprecated.c; there is a possible w ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-20566 HIGH 4.19.118-2+deb10u1 4.19.260-1 kernel: possible use after free due to improper locking in l2cap_chan_put of l2cap_core
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-22942 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: failing usercopy allows for use-after-free exploitation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23036 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23037 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23038 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23039 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23040 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23041 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-23042 HIGH 4.19.118-2+deb10u1 4.19.235-1 Linux PV device frontends vulnerable to attacks by backends T[his CNA ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-24958 HIGH 4.19.118-2+deb10u1 4.19.235-1 kernel: use-after-free in dev->buf release in drivers/usb/gadget/legacy/inode.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-2588 HIGH 4.19.118-2+deb10u1 4.19.260-1 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-26365 HIGH 4.19.118-2+deb10u1 4.19.260-1 Linux disk/nic frontends data leaks T[his CNA information record relat ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-2639 HIGH 4.19.118-2+deb10u1 4.19.249-1 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-26490 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: potential buffer overflows in EVT_TRANSACTION in st21nfca
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-27223 HIGH 4.19.118-2+deb10u1 4.19.232-1 kernel: In drivers/usb/gadget/udc/udc-xilinx.c the endpoint index is not validated
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-27666 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: buffer overflow in IPsec ESP transformation code
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-28390 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-29581 HIGH 4.19.118-2+deb10u1 4.19.249-2 use-after-free due to improper update of reference count in net/sched/cls_u32.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-2964 HIGH 4.19.118-2+deb10u1 4.19.232-1 memory corruption in AX88179_178A based USB ethernet device.
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-2977 HIGH 4.19.118-2+deb10u1 4.19.249-1 kernel: use-after-free Read in put_device (/dev/vtpmx)
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-2978 HIGH 4.19.118-2+deb10u1 4.19.269-1 kernel: use-after-free in nilfs_mdt_destroy
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3028 HIGH 4.19.118-2+deb10u1 4.19.260-1 race condition in xfrm_probe_algs can lead to OOB read/write
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-30594 HIGH 4.19.118-2+deb10u1 4.19.249-2 Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3176 HIGH 4.19.118-2+deb10u1 kernel: use-after-free in io_uring for POLLFREE notification with Signalfd_poll() and binder_poll()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3202 HIGH 4.19.118-2+deb10u1 4.19.249-1 Kernel: jfs: Null Pointer Deference in jfs_evict_inode leads to Denial of Service
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-32250 HIGH 4.19.118-2+deb10u1 4.19.249-2 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3239 HIGH 4.19.118-2+deb10u1 4.19.249-1 initialize refcount before kref_get
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-33740 HIGH 4.19.118-2+deb10u1 4.19.260-1 Linux disk/nic frontends data leaks T[his CNA information record relat ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-33741 HIGH 4.19.118-2+deb10u1 4.19.260-1 Linux disk/nic frontends data leaks T[his CNA information record relat ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-33742 HIGH 4.19.118-2+deb10u1 4.19.260-1 Linux disk/nic frontends data leaks T[his CNA information record relat ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3424 HIGH 4.19.118-2+deb10u1 4.19.282-1 Use after Free in gru_set_context_option leading to kernel panic
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3545 HIGH 4.19.118-2+deb10u1 4.19.282-1 A flaw leading to a use-after-free in area_cache_get()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3564 HIGH 4.19.118-2+deb10u1 4.19.269-1 use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3565 HIGH 4.19.118-2+deb10u1 4.19.269-1 kernel: use-after-free in l1oip timer handlers
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3566 HIGH 4.19.118-2+deb10u1 data races around icsk->icsk_af_ops in do_ipv6_setsockopt
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3567 HIGH 4.19.118-2+deb10u1 data races around sk->sk_prot
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3635 HIGH 4.19.118-2+deb10u1 4.19.260-1 kernel: use after in tst_timer in drivers/atm/idt77252.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3640 HIGH 4.19.118-2+deb10u1 4.19.269-1 use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-3649 HIGH 4.19.118-2+deb10u1 4.19.269-1 kernel: nilfs2: use-after-free in nilfs_new_inode of fs/nilfs2/inode.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-36946 HIGH 4.19.118-2+deb10u1 4.19.260-1 DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-39189 HIGH 4.19.118-2+deb10u1 TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-4095 HIGH 4.19.118-2+deb10u1 4.19.260-1 kernel: Use-after-Free/Double-Free bug in read_bbreg_hdl in drivers/staging/rtl8712/rtl8712_cmd.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-41858 HIGH 4.19.118-2+deb10u1 4.19.249-1 null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-42896 HIGH 4.19.118-2+deb10u1 4.19.269-1 use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-4378 HIGH 4.19.118-2+deb10u1 4.19.269-1 stack overflow in do_proc_dointvec and proc_skip_spaces
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-43945 HIGH 4.19.118-2+deb10u1 nfsd buffer overflow by RPC message over TCP with garbage data
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-45934 HIGH 4.19.118-2+deb10u1 4.19.282-1 kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-4744 HIGH 4.19.118-2+deb10u1 4.19.282-1 avoid double free in tun_free_netdev
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-47518 HIGH 4.19.118-2+deb10u1 kernel: a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-47519 HIGH 4.19.118-2+deb10u1 kernel: an out-of-bounds write in drivers/net/wireless/microchip/wilc1000/cfg80211.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-47520 HIGH 4.19.118-2+deb10u1 kernel: an out-of-bounds read in drivers/net/wireless/microchip/wilc1000/hif.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2022-47521 HIGH 4.19.118-2+deb10u1 kernel: a heap-based buffer overflow in drivers/net/wireless/microchip/wilc1000/cfg80211.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-0030 HIGH 4.19.118-2+deb10u1 kernel: Use after Free in nvkm_vmm_pfn_map
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-0045 HIGH 4.19.118-2+deb10u1 4.19.282-1 Bypassing Spectre-BTI User Space Mitigations
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-0266 HIGH 4.19.118-2+deb10u1 4.19.282-1 Move rwsem lock inside snd_ctl_elem_read to prevent UAF
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-0386 HIGH 4.19.118-2+deb10u1 FUSE filesystem low-privileged user privileges escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-0461 HIGH 4.19.118-2+deb10u1 4.19.282-1 use-after-free in listening ULP sockets
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1077 HIGH 4.19.118-2+deb10u1 kernel: Type confusion in pick_next_rt_entity()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1078 HIGH 4.19.118-2+deb10u1 4.19.282-1 kernel: Heap OOB Write in rds_rm_zerocopy_callback()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1118 HIGH 4.19.118-2+deb10u1 4.19.282-1 use-after-free in drivers/media/rc/ene_ir.c due to race condition
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1281 HIGH 4.19.118-2+deb10u1 4.19.282-1 Use After Free vulnerability in traffic control index filter (tcindex) allows Privilege Escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1380 HIGH 4.19.118-2+deb10u1 a USB-accessible slab-out-of-bounds read in brcmfmac
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1390 HIGH 4.19.118-2+deb10u1 4.19.171-1 kernel: remote DoS in TIPC kernel module
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1670 HIGH 4.19.118-2+deb10u1 4.19.282-1 use after free bug in xirc2ps_detach
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1829 HIGH 4.19.118-2+deb10u1 4.19.282-1 Use-after-free vulnerability in the Linux Kernel traffic control index filter
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1838 HIGH 4.19.118-2+deb10u1 4.19.249-1 Possible use-after-free since the two fdget() during vhost_net_set_backend()
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-1989 HIGH 4.19.118-2+deb10u1 4.19.282-1 Use after free bug in btsdio_remove due to race condition
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-2007 HIGH 4.19.118-2+deb10u1 The specific flaw exists within the DPT I2O Controller driver. The iss ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-20938 HIGH 4.19.118-2+deb10u1 In binder_transaction_buffer_release of binder.c; there is a possible ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-2124 HIGH 4.19.118-2+deb10u1 OOB access in the Linux kernel's XFS subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-2176 HIGH 4.19.118-2+deb10u1 Slab-out-of-bound read in compare_netdev_and_ip
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-22995 HIGH 4.19.118-2+deb10u1 kernel: missing platform_device_put() and kfree() calls in an error path in dwc3_qcom_acpi_register_core() in drivers/usb/dwc3/dwc3-qcom.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-23003 HIGH 4.19.118-2+deb10u1 kernel: missing check for return value of hashmap__new() in the function expr__ctx_new
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-23559 HIGH 4.19.118-2+deb10u1 4.19.282-1 kernel: Integer overflow in function rndis_query_oid of rndis_wlan.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-28410 HIGH 4.19.118-2+deb10u1 Improper restriction in memory buffer in graphics drivers cause escalation of privilege
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-28464 HIGH 4.19.118-2+deb10u1 double free in hci_conn_cleanup of the bluetooth subsystem
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-28466 HIGH 4.19.118-2+deb10u1 a race condition in do_tls_getsockopt in net/tls/tls_main.c may lead to use-after-free or NULL pointer dereference
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-28772 HIGH 4.19.118-2+deb10u1 4.19.208-1 lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-31436 HIGH 4.19.118-2+deb10u1 4.19.282-1 out-of-bounds write in qfq_change_class function
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) linux-libc-dev CVE-2023-32233 HIGH 4.19.118-2+deb10u1 use-after-free in Netfilter nf_tables when processing batch requests can lead to privilege escalation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) nfs-common CVE-2019-3689 CRITICAL 1:1.3.4-2.5 1:1.3.4-2.5+deb10u1 nfs-utils: root-owned files stored in insecure /var/lib/nfs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssh-client CVE-2021-41617 HIGH 1:7.9p1-10+deb10u2 openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2021-3711 CRITICAL 1.1.1d-0+deb10u3 1.1.1d-0+deb10u7 openssl: SM2 Decryption Buffer Overflow
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2022-1292 CRITICAL 1.1.1d-0+deb10u3 1.1.1n-0+deb10u2 openssl: c_rehash script allows command injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2022-2068 CRITICAL 1.1.1d-0+deb10u3 1.1.1n-0+deb10u3 openssl: the c_rehash script allows command injection
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2021-23840 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u5 openssl: integer overflow in CipherUpdate
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2021-3712 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u7 openssl: Read buffer overruns processing ASN.1 strings
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2022-0778 HIGH 1.1.1d-0+deb10u3 1.1.1d-0+deb10u8 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2022-4450 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 double free after calling PEM_read_bio_ex
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2023-0215 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 use-after-free following BIO_new_NDEF
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2023-0286 HIGH 1.1.1d-0+deb10u3 1.1.1n-0+deb10u4 X.400 address type confusion in X.509 GeneralName
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) openssl CVE-2023-0464 HIGH 1.1.1d-0+deb10u3 Denial of service by excessive resource usage in verifying X509 policy constraints
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl CVE-2020-10543 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: heap-based buffer overflow in regular expression compiler leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl CVE-2020-10878 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl CVE-2020-12723 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl CVE-2020-16156 HIGH 5.28.1-6 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl CVE-2023-31484 HIGH 5.28.1-6 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-base CVE-2020-10543 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: heap-based buffer overflow in regular expression compiler leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-base CVE-2020-10878 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-base CVE-2020-12723 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-base CVE-2020-16156 HIGH 5.28.1-6 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-base CVE-2023-31484 HIGH 5.28.1-6 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-modules-5.28 CVE-2020-10543 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: heap-based buffer overflow in regular expression compiler leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-modules-5.28 CVE-2020-10878 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-modules-5.28 CVE-2020-12723 HIGH 5.28.1-6 5.28.1-6+deb10u1 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-modules-5.28 CVE-2020-16156 HIGH 5.28.1-6 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) perl-modules-5.28 CVE-2023-31484 HIGH 5.28.1-6 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-cephfs CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-cephfs CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-cephfs CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-cephfs CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rados CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rados CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rados CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rados CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rbd CVE-2019-10222 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rbd CVE-2020-12059 HIGH 12.2.11+dfsg1-2.1+b1 ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rbd CVE-2020-27781 HIGH 12.2.11+dfsg1-2.1+b1 ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-rbd CVE-2021-20288 HIGH 12.2.11+dfsg1-2.1+b1 ceph: Unauthorized global_id reuse in cephx
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-urllib3 CVE-2019-11324 HIGH 1.24.1-1 python-urllib3: Certification mishandle when error should be thrown
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python-urllib3 CVE-2021-33503 HIGH 1.24.1-1 python-urllib3: ReDoS in the parsing of authority part of URL
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2021-3177 CRITICAL 2.7.16-2+deb10u1 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2015-20107 HIGH 2.7.16-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2020-10735 HIGH 2.7.16-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2020-26116 HIGH 2.7.16-2+deb10u1 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2021-3737 HIGH 2.7.16-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2022-0391 HIGH 2.7.16-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2022-45061 HIGH 2.7.16-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7 CVE-2023-24329 HIGH 2.7.16-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2021-3177 CRITICAL 2.7.16-2+deb10u1 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2015-20107 HIGH 2.7.16-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2020-10735 HIGH 2.7.16-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2020-26116 HIGH 2.7.16-2+deb10u1 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2021-3737 HIGH 2.7.16-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2022-0391 HIGH 2.7.16-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2022-45061 HIGH 2.7.16-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python2.7-minimal CVE-2023-24329 HIGH 2.7.16-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3-urllib3 CVE-2019-11324 HIGH 1.24.1-1 python-urllib3: Certification mishandle when error should be thrown
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3-urllib3 CVE-2021-33503 HIGH 1.24.1-1 python-urllib3: ReDoS in the parsing of authority part of URL
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2021-3177 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2022-37454 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u4 buffer overflow in the SHA-3 reference implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2015-20107 HIGH 3.7.3-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2020-10735 HIGH 3.7.3-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2020-26116 HIGH 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2021-3737 HIGH 3.7.3-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2022-0391 HIGH 3.7.3-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2022-45061 HIGH 3.7.3-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7 CVE-2023-24329 HIGH 3.7.3-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2021-3177 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2022-37454 CRITICAL 3.7.3-2+deb10u1 3.7.3-2+deb10u4 buffer overflow in the SHA-3 reference implementation
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2015-20107 HIGH 3.7.3-2+deb10u1 python: mailcap: findmatch() function does not sanitize the second argument
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2020-10735 HIGH 3.7.3-2+deb10u1 int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2020-26116 HIGH 3.7.3-2+deb10u1 3.7.3-2+deb10u3 python: CRLF injection via HTTP request method in httplib/http.client
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2021-3737 HIGH 3.7.3-2+deb10u1 HTTP client possible infinite loop on a 100 Continue response
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2022-0391 HIGH 3.7.3-2+deb10u1 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2022-45061 HIGH 3.7.3-2+deb10u1 CPU denial of service via inefficient IDNA decoder
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) python3.7-minimal CVE-2023-24329 HIGH 3.7.3-2+deb10u1 urllib.parse url blocklisting bypass
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) udev CVE-2019-3843 HIGH 241-7~deb10u4 systemd: services with DynamicUser can create SUID/SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) udev CVE-2019-3844 HIGH 241-7~deb10u4 systemd: services with DynamicUser can get new privileges and create SGID binaries
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) udev CVE-2023-26604 HIGH 241-7~deb10u4 241-7~deb10u9 systemd: privilege escalation via the less pager
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) zlib1g CVE-2022-37434 CRITICAL 1:1.2.11.dfsg-1 1:1.2.11.dfsg-1+deb10u2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
gcr.io-google_containers-hyperkube-v1.17.9 OS gcr.io/google_containers/hyperkube:v1.17.9 (debian 10.3) zlib1g CVE-2018-25032 HIGH 1:1.2.11.dfsg-1 1:1.2.11.dfsg-1+deb10u1 A flaw found in zlib when compressing (not decompressing) certain inputs
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) dpkg CVE-2022-1664 CRITICAL 1.18.25 1.18.26 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) gcc-6-base CVE-2018-12886 HIGH 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) gpgv CVE-2018-1000858 HIGH 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) gzip CVE-2022-1271 HIGH 1.6-5+b1 1.6-5+deb9u1 gzip: arbitrary-file-write vulnerability
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libbz2-1.0 CVE-2019-12900 CRITICAL 1.0.6-8.1 bzip2: out-of-bounds write in function BZ2_decompress
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libcomerr2 CVE-2022-1304 HIGH 1.43.4-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28-12+deb9u1 sqlite: heap out-of-bound read in function rtreenode()
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libelf1 CVE-2018-16402 CRITICAL 0.168-1 0.168-1+deb9u1 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libgcc1 CVE-2018-12886 HIGH 1:6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libgcrypt20 CVE-2021-33560 HIGH 1.7.6-2+deb9u3 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libidn11 CVE-2017-14062 CRITICAL 1.33-1 1.33-1+deb9u1 libidn2: Integer overflow in puny_decode.c/decode_digit
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) liblz4-1 CVE-2021-3520 CRITICAL 0.0~r131-2+b1 0.0~r131-2+deb9u1 memory corruption due to an integer overflow bug caused by memmove argument
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) liblzma5 CVE-2022-1271 HIGH 5.2.2-1.2+b1 5.2.2-1.2+deb9u1 gzip: arbitrary-file-write vulnerability
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libnettle6 CVE-2021-20305 HIGH 3.3-1+b2 3.3-1+deb9u1 nettle: Out of bounds memory access in signature verification
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libnettle6 CVE-2021-3580 HIGH 3.3-1+b2 3.3-1+deb9u1 nettle: Remote crash in RSA decryption via manipulated ciphertext
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libssl1.1 CVE-2022-1292 CRITICAL 1.1.0j-1~deb9u1 1.1.0l-1~deb9u6 openssl: c_rehash script allows command injection
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libssl1.1 CVE-2019-1543 HIGH 1.1.0j-1~deb9u1 1.1.0k-1~deb9u1 openssl: ChaCha20-Poly1305 with long nonces
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libssl1.1 CVE-2021-23840 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u3 openssl: integer overflow in CipherUpdate
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libssl1.1 CVE-2021-3712 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u4 openssl: Read buffer overruns processing ASN.1 strings
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libssl1.1 CVE-2022-0778 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libstdc++6 CVE-2018-12886 HIGH 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libtinfo5 CVE-2022-29458 HIGH 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) libuuid1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) login CVE-2017-12424 CRITICAL 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) login CVE-2017-20002 HIGH 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) openssl CVE-2022-1292 CRITICAL 1.1.0j-1~deb9u1 1.1.0l-1~deb9u6 openssl: c_rehash script allows command injection
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) openssl CVE-2019-1543 HIGH 1.1.0j-1~deb9u1 1.1.0k-1~deb9u1 openssl: ChaCha20-Poly1305 with long nonces
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) openssl CVE-2021-23840 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u3 openssl: integer overflow in CipherUpdate
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) openssl CVE-2021-3712 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u4 openssl: Read buffer overruns processing ASN.1 strings
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) openssl CVE-2022-0778 HIGH 1.1.0j-1~deb9u1 1.1.0l-1~deb9u5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) passwd CVE-2017-12424 CRITICAL 1:4.4-4.1 1:4.4-4.1+deb9u1 shadow-utils: Buffer overflow via newusers tool
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) passwd CVE-2017-20002 HIGH 1:4.4-4.1 1:4.4-4.1+deb9u1 The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ...
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) perl-base CVE-2020-10543 HIGH 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: heap-based buffer overflow in regular expression compiler leads to DoS
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) perl-base CVE-2020-10878 HIGH 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) perl-base CVE-2020-12723 HIGH 5.24.1-3+deb9u5 5.24.1-3+deb9u7 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) perl-base CVE-2020-16156 HIGH 5.24.1-3+deb9u5 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
k8s.gcr.io-cluster-autoscaler-v1.14.7 OS k8s.gcr.io/cluster-autoscaler:v1.14.7 (debian 9.8) zlib1g CVE-2018-25032 HIGH 1:1.2.8.dfsg-5 1:1.2.8.dfsg-5+deb9u1 A flaw found in zlib when compressing (not decompressing) certain inputs
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) dpkg CVE-2022-1664 CRITICAL 1.19.7 1.19.8 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) gcc-8-base CVE-2018-12886 HIGH 8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) gcc-8-base CVE-2019-15847 HIGH 8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) gzip CVE-2022-1271 HIGH 1.9-3 1.9-3+deb10u1 gzip: arbitrary-file-write vulnerability
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc-bin CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2021-33574 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: mq_notify does not handle separately allocated thread attributes
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2021-35942 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Arbitrary read in wordexp()
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2022-23218 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2022-23219 CRITICAL 2.28-10 2.28-10+deb10u2 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2020-1751 HIGH 2.28-10 glibc: array overflow in backtrace functions for powerpc
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2020-1752 HIGH 2.28-10 2.28-10+deb10u2 glibc: use-after-free in glob() function when expanding ~user
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2020-6096 HIGH 2.28-10 2.28-10+deb10u2 glibc: signed comparison vulnerability in the ARMv7 memcpy function
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2021-3326 HIGH 2.28-10 2.28-10+deb10u2 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libc6 CVE-2021-3999 HIGH 2.28-10 2.28-10+deb10u2 glibc: Off-by-one buffer overflow/underflow in getcwd()
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28+dfsg1-0.5 sqlite: heap out-of-bound read in function rtreenode()
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgcc1 CVE-2018-12886 HIGH 1:8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgcc1 CVE-2019-15847 HIGH 1:8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgcrypt20 CVE-2021-33560 HIGH 1.8.4-5+deb10u1 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgmp10 CVE-2021-43618 HIGH 2:6.1.2+dfsg-4 2:6.1.2+dfsg-4+deb10u1 Integer overflow and resultant buffer overflow via crafted input
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgnutls30 CVE-2022-2509 HIGH 3.6.7-4+deb10u7 3.6.7-4+deb10u9 gnutls: Double free during gnutls_pkcs7_verify
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libgnutls30 CVE-2023-0361 HIGH 3.6.7-4+deb10u7 3.6.7-4+deb10u10 timing side-channel in the TLS RSA key exchange code
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libidn2-0 CVE-2019-12290 HIGH 2.0.5-1+deb10u1 GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) liblzma5 CVE-2022-1271 HIGH 5.2.4-1 5.2.4-1+deb10u1 gzip: arbitrary-file-write vulnerability
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2022-1292 CRITICAL 1.1.1d-0+deb10u7 1.1.1n-0+deb10u2 openssl: c_rehash script allows command injection
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2022-2068 CRITICAL 1.1.1d-0+deb10u7 1.1.1n-0+deb10u3 openssl: the c_rehash script allows command injection
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2022-0778 HIGH 1.1.1d-0+deb10u7 1.1.1d-0+deb10u8 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2022-4450 HIGH 1.1.1d-0+deb10u7 1.1.1n-0+deb10u4 double free after calling PEM_read_bio_ex
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2023-0215 HIGH 1.1.1d-0+deb10u7 1.1.1n-0+deb10u4 use-after-free following BIO_new_NDEF
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2023-0286 HIGH 1.1.1d-0+deb10u7 1.1.1n-0+deb10u4 X.400 address type confusion in X.509 GeneralName
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libssl1.1 CVE-2023-0464 HIGH 1.1.1d-0+deb10u7 Denial of service by excessive resource usage in verifying X509 policy constraints
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libstdc++6 CVE-2018-12886 HIGH 8.3.0-6 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libstdc++6 CVE-2019-15847 HIGH 8.3.0-6 gcc: POWER9 DARN RNG intrinsic produces repeated output
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libsystemd0 CVE-2019-3843 HIGH 241-7~deb10u8 systemd: services with DynamicUser can create SUID/SGID binaries
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libsystemd0 CVE-2019-3844 HIGH 241-7~deb10u8 systemd: services with DynamicUser can get new privileges and create SGID binaries
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libsystemd0 CVE-2023-26604 HIGH 241-7~deb10u8 241-7~deb10u9 systemd: privilege escalation via the less pager
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libtasn1-6 CVE-2021-46848 CRITICAL 4.13-3 4.13-3+deb10u1 libtasn1: Out-of-bound access in ETYPE_OK
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libudev1 CVE-2019-3843 HIGH 241-7~deb10u8 systemd: services with DynamicUser can create SUID/SGID binaries
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libudev1 CVE-2019-3844 HIGH 241-7~deb10u8 systemd: services with DynamicUser can get new privileges and create SGID binaries
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) libudev1 CVE-2023-26604 HIGH 241-7~deb10u8 241-7~deb10u9 systemd: privilege escalation via the less pager
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) perl-base CVE-2020-16156 HIGH 5.28.1-6+deb10u1 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) perl-base CVE-2023-31484 HIGH 5.28.1-6+deb10u1 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) zlib1g CVE-2022-37434 CRITICAL 1:1.2.11.dfsg-1 1:1.2.11.dfsg-1+deb10u2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
k8s.gcr.io-kube-proxy-v1.20.15 OS k8s.gcr.io/kube-proxy:v1.20.15 (debian 10.10) zlib1g CVE-2018-25032 HIGH 1:1.2.11.dfsg-1 1:1.2.11.dfsg-1+deb10u1 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1n-r0 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1n-r0 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1n-r0 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1n-r0 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libssl1.1 CVE-2022-4450 HIGH 1.1.1n-r0 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0215 HIGH 1.1.1n-r0 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0286 HIGH 1.1.1n-r0 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0464 HIGH 1.1.1n-r0 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) ncurses-libs CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) ncurses-terminfo-base CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-hostplumber-v0.3 OS platform9/hostplumber:v0.3 (alpine 3.15.4) zlib CVE-2022-37434 CRITICAL 1.2.12-r0 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1n-r0 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1n-r0 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1n-r0 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1n-r0 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libssl1.1 CVE-2022-4450 HIGH 1.1.1n-r0 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0215 HIGH 1.1.1n-r0 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0286 HIGH 1.1.1n-r0 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) libssl1.1 CVE-2023-0464 HIGH 1.1.1n-r0 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) ncurses-libs CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) ncurses-terminfo-base CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-luigi-plugins-v0.3 OS platform9/luigi-plugins:v0.3 (alpine 3.15.4) zlib CVE-2022-37434 CRITICAL 1.2.12-r0 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-monhelper-v2.0.1 OS platform9/monhelper:v2.0.1 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) bind-license CVE-2022-38177 HIGH 32:9.11.4-26.P2.el7_9.9 32:9.11.4-26.P2.el7_9.10 bind: memory leak in ECDSA DNSSEC verification code
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) bind-license CVE-2022-38178 HIGH 32:9.11.4-26.P2.el7_9.9 32:9.11.4-26.P2.el7_9.10 bind: memory leaks in EdDSA DNSSEC verification code
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) expat CVE-2022-25235 HIGH 2.1.0-12.el7 2.1.0-14.el7_9 Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) expat CVE-2022-25236 HIGH 2.1.0-12.el7 2.1.0-14.el7_9 prefix] attribute values can lead to arbitrary code execution
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) expat CVE-2022-25315 HIGH 2.1.0-12.el7 2.1.0-14.el7_9 Integer overflow in storeRawNames()
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) expat CVE-2022-40674 HIGH 2.1.0-12.el7 2.1.0-15.el7_9 a use-after-free in the doContent function in xmlparse.c
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) glib2 CVE-2015-8385 HIGH 2.56.1-9.el7_9 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) glib2 CVE-2016-3191 HIGH 2.56.1-9.el7_9 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13; 10.22/12)
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) gzip CVE-2022-1271 HIGH 1.5-10.el7 1.5-11.el7_9 gzip: arbitrary-file-write vulnerability
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) krb5-libs CVE-2022-42898 HIGH 1.15.1-51.el7_9 1.15.1-55.el7_9 krb5: integer overflow vulnerabilities in PAC parsing
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) nss CVE-2023-0767 HIGH 3.67.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) nss-sysinit CVE-2023-0767 HIGH 3.67.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) nss-tools CVE-2023-0767 HIGH 3.67.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) openssl-libs CVE-2022-0778 HIGH 1:1.0.2k-24.el7_9 1:1.0.2k-25.el7_9 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) openssl-libs CVE-2023-0286 HIGH 1:1.0.2k-24.el7_9 1:1.0.2k-26.el7_9 X.400 address type confusion in X.509 GeneralName
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) python CVE-2023-24329 HIGH 2.7.5-90.el7 urllib.parse url blocklisting bypass
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) python-libs CVE-2023-24329 HIGH 2.7.5-90.el7 urllib.parse url blocklisting bypass
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) systemd CVE-2022-2526 HIGH 219-78.el7_9.5 219-78.el7_9.7 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) systemd-libs CVE-2022-2526 HIGH 219-78.el7_9.5 219-78.el7_9.7 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) xz CVE-2022-1271 HIGH 5.2.2-1.el7 5.2.2-2.el7_9 gzip: arbitrary-file-write vulnerability
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) xz-libs CVE-2022-1271 HIGH 5.2.2-1.el7 5.2.2-2.el7_9 gzip: arbitrary-file-write vulnerability
platform9-multus-v3.7.2-pmk-1 OS platform9/multus:v3.7.2-pmk-1 (centos 7.9.2009) zlib CVE-2018-25032 HIGH 1.2.7-19.el7_9 1.2.7-20.el7_9 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) bsdutils CVE-2016-2779 HIGH 1:2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) dpkg CVE-2022-1664 CRITICAL 1.18.25 1.18.26 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) e2fslibs CVE-2022-1304 HIGH 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) e2fsprogs CVE-2022-1304 HIGH 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) gcc-6-base CVE-2018-12886 HIGH 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) gpgv CVE-2018-1000858 HIGH 2.1.18-8~deb9u4 gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) gzip CVE-2022-1271 HIGH 1.6-5+b1 1.6-5+deb9u1 gzip: arbitrary-file-write vulnerability
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libblkid1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libbz2-1.0 CVE-2019-12900 CRITICAL 1.0.6-8.1 bzip2: out-of-bounds write in function BZ2_decompress
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libcomerr2 CVE-2022-1304 HIGH 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28-12+deb9u1 sqlite: heap out-of-bound read in function rtreenode()
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libfdisk1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libgcc1 CVE-2018-12886 HIGH 1:6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libgcrypt20 CVE-2021-33560 HIGH 1.7.6-2+deb9u4 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) liblzma5 CVE-2022-1271 HIGH 5.2.2-1.2+b1 5.2.2-1.2+deb9u1 gzip: arbitrary-file-write vulnerability
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libmount1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libncursesw5 CVE-2022-29458 HIGH 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libsmartcols1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libss2 CVE-2022-1304 HIGH 1.43.4-2+deb9u2 e2fsprogs: out-of-bounds read/write via crafted filesystem
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libstdc++6 CVE-2018-12886 HIGH 6.3.0-18+deb9u1 gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libsystemd0 CVE-2019-3843 HIGH 232-25+deb9u13 systemd: services with DynamicUser can create SUID/SGID binaries
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libsystemd0 CVE-2019-3844 HIGH 232-25+deb9u13 systemd: services with DynamicUser can get new privileges and create SGID binaries
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libsystemd0 CVE-2020-1712 HIGH 232-25+deb9u13 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libtinfo5 CVE-2022-29458 HIGH 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libudev1 CVE-2019-3843 HIGH 232-25+deb9u13 systemd: services with DynamicUser can create SUID/SGID binaries
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libudev1 CVE-2019-3844 HIGH 232-25+deb9u13 systemd: services with DynamicUser can get new privileges and create SGID binaries
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libudev1 CVE-2020-1712 HIGH 232-25+deb9u13 232-25+deb9u14 systemd: use-after-free when asynchronous polkit queries are performed
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) libuuid1 CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) mount CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) ncurses-base CVE-2022-29458 HIGH 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) ncurses-bin CVE-2022-29458 HIGH 6.0+20161126-1+deb9u2 ncurses: segfaulting OOB read
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) perl-base CVE-2020-16156 HIGH 5.24.1-3+deb9u7 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) util-linux CVE-2016-2779 HIGH 2.29.2-1+deb9u1 util-linux: runuser tty hijack via TIOCSTI ioctl
platform9-node-feature-discovery-v0.6.0-pmk-1 OS platform9/node-feature-discovery:v0.6.0-pmk-1 (debian 9.13) zlib1g CVE-2018-25032 HIGH 1:1.2.8.dfsg-5 1:1.2.8.dfsg-5+deb9u1 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-pf9-addon-operator-3.2.3 OS platform9/pf9-addon-operator:3.2.3 (alpine 3.11.13) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.11-r4 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-pf9-sentry-1.0.1 OS platform9/pf9-sentry:1.0.1 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r4 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) expat CVE-2022-40674 HIGH 2.4.5-r0 2.4.9-r0 a use-after-free in the doContent function in xmlparse.c
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) expat CVE-2022-43680 HIGH 2.4.5-r0 2.5.0-r0 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) krb5-libs CVE-2022-42898 HIGH 1.19.2-r4 1.19.4-r0 krb5: integer overflow vulnerabilities in PAC parsing
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcom_err CVE-2022-1304 HIGH 1.46.4-r0 1.46.6-r0 e2fsprogs: out-of-bounds read/write via crafted filesystem
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r8 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r8 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r8 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r8 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r8 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r8 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r8 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r8 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r8 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r8 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libtirpc CVE-2021-46828 HIGH 1.3.2-r0 1.3.2-r1 libtirpc: DoS vulnerability with lots of connections
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) libtirpc-conf CVE-2021-46828 HIGH 1.3.2-r0 1.3.2-r1 libtirpc: DoS vulnerability with lots of connections
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) ncurses-libs CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) ncurses-terminfo-base CVE-2022-29458 HIGH 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r4 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) xz-libs CVE-2022-1271 HIGH 5.2.5-r0 5.2.5-r1 gzip: arbitrary-file-write vulnerability
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-python-3.10-alpine3.15 OS platform9/python:3.10-alpine3.15 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-sriov-cni-v2.6.2-pmk-1 OS platform9/sriov-cni:v2.6.2-pmk-1 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-sriov-network-device-plugin-v3.3.2-pmk-1 OS platform9/sriov-network-device-plugin:v3.3.2-pmk-1 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
platform9-whereabouts-v0.4.8 OS platform9/whereabouts:v0.4.8 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) bash CVE-2022-3715 HIGH 5.1-2+b3 a heap-buffer-overflow in valid_parameter_transform
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) dpkg CVE-2022-1664 CRITICAL 1.20.9 1.20.10 Dpkg::Source::Archive in dpkg; the Debian package management system; b ...
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) e2fsprogs CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) gzip CVE-2022-1271 HIGH 1.10-4 1.10-4+deb11u1 gzip: arbitrary-file-write vulnerability
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2021-33574 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: mq_notify does not handle separately allocated thread attributes
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2022-23218 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2022-23219 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc-bin CVE-2021-3999 HIGH 2.31-13 2.31-13+deb11u4 glibc: Off-by-one buffer overflow/underflow in getcwd()
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc6 CVE-2021-33574 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: mq_notify does not handle separately allocated thread attributes
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc6 CVE-2022-23218 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc6 CVE-2022-23219 CRITICAL 2.31-13 2.31-13+deb11u3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libc6 CVE-2021-3999 HIGH 2.31-13 2.31-13+deb11u4 glibc: Off-by-one buffer overflow/underflow in getcwd()
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libcom-err2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libdb5.3 CVE-2019-8457 CRITICAL 5.3.28+dfsg1-0.8 sqlite: heap out-of-bound read in function rtreenode()
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libext2fs2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libgcrypt20 CVE-2021-33560 HIGH 1.8.7-6 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libgmp10 CVE-2021-43618 HIGH 2:6.2.1+dfsg-1 2:6.2.1+dfsg-1+deb11u1 Integer overflow and resultant buffer overflow via crafted input
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libgnutls30 CVE-2022-2509 HIGH 3.7.1-5 3.7.1-5+deb11u2 gnutls: Double free during gnutls_pkcs7_verify
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libgnutls30 CVE-2023-0361 HIGH 3.7.1-5 3.7.1-5+deb11u3 timing side-channel in the TLS RSA key exchange code
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libgssapi-krb5-2 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libk5crypto3 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libkrb5-3 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libkrb5support0 CVE-2022-42898 HIGH 1.18.3-6 1.18.3-6+deb11u3 krb5: integer overflow vulnerabilities in PAC parsing
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) liblzma5 CVE-2022-1271 HIGH 5.2.5-2 5.2.5-2.1~deb11u1 gzip: arbitrary-file-write vulnerability
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libpcre2-8-0 CVE-2022-1586 CRITICAL 10.36-2 10.36-2+deb11u1 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libpcre2-8-0 CVE-2022-1587 CRITICAL 10.36-2 10.36-2+deb11u1 pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libss2 CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-1292 CRITICAL 1.1.1k-1+deb11u1 1.1.1n-0+deb11u2 openssl: c_rehash script allows command injection
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-2068 CRITICAL 1.1.1k-1+deb11u1 1.1.1n-0+deb11u3 openssl: the c_rehash script allows command injection
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1k-1+deb11u1 1.1.1k-1+deb11u2 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 double free after calling PEM_read_bio_ex
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 use-after-free following BIO_new_NDEF
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1k-1+deb11u1 1.1.1n-0+deb11u4 X.400 address type confusion in X.509 GeneralName
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1k-1+deb11u1 Denial of service by excessive resource usage in verifying X509 policy constraints
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libtasn1-6 CVE-2021-46848 CRITICAL 4.16.0-2 4.16.0-2+deb11u1 libtasn1: Out-of-bound access in ETYPE_OK
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libtinfo6 CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libtinfo6 CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libtirpc-common CVE-2021-46828 HIGH 1.3.1-1 1.3.1-1+deb11u1 libtirpc: DoS vulnerability with lots of connections
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libtirpc3 CVE-2021-46828 HIGH 1.3.1-1 1.3.1-1+deb11u1 libtirpc: DoS vulnerability with lots of connections
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) libzstd1 CVE-2022-4899 HIGH 1.4.8+dfsg-2.1 buffer overrun in util.c
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) logsave CVE-2022-1304 HIGH 1.46.2-2 e2fsprogs: out-of-bounds read/write via crafted filesystem
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) ncurses-base CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) ncurses-base CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) ncurses-bin CVE-2022-29458 HIGH 6.2+20201114-2 6.2+20201114-2+deb11u1 ncurses: segfaulting OOB read
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) ncurses-bin CVE-2023-29491 HIGH 6.2+20201114-2 Local users can trigger security-relevant memory corruption via malformed data
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) perl-base CVE-2020-16156 HIGH 5.32.1-4+deb11u1 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) perl-base CVE-2023-31484 HIGH 5.32.1-4+deb11u1 CPAN.pm before 2.35 does not verify TLS certificates when downloading ...
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) zlib1g CVE-2022-37434 CRITICAL 1:1.2.11.dfsg-2 1:1.2.11.dfsg-2+deb11u2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
quay.io-coreos-etcd-v3.4.18 OS quay.io/coreos/etcd:v3.4.18 (debian 11.0) zlib1g CVE-2018-25032 HIGH 1:1.2.11.dfsg-2 1:1.2.11.dfsg-2+deb11u1 A flaw found in zlib when compressing (not decompressing) certain inputs
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
quay.io-metallb-controller-v0.9.7 OS quay.io/metallb/controller:v0.9.7 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) busybox CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libcrypto1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libretls CVE-2022-0778 HIGH 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2022-0778 HIGH 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2022-4450 HIGH 1.1.1l-r7 1.1.1t-r0 double free after calling PEM_read_bio_ex
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0215 HIGH 1.1.1l-r7 1.1.1t-r0 use-after-free following BIO_new_NDEF
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0286 HIGH 1.1.1l-r7 1.1.1t-r0 X.400 address type confusion in X.509 GeneralName
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) libssl1.1 CVE-2023-0464 HIGH 1.1.1l-r7 1.1.1t-r2 Denial of service by excessive resource usage in verifying X509 policy constraints
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) ssl_client CVE-2022-28391 HIGH 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) zlib CVE-2022-37434 CRITICAL 1.2.11-r3 1.2.12-r2 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
quay.io-metallb-speaker-v0.9.7 OS quay.io/metallb/speaker:v0.9.7 (alpine 3.15.0) zlib CVE-2018-25032 HIGH 1.2.11-r3 1.2.12-r0 A flaw found in zlib when compressing (not decompressing) certain inputs