Created
March 18, 2020 02:50
-
-
Save wzhliang/6754c0dcdb7d38688c7678049f36a197 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
+---------+------------------+----------+-------------------+---------------+--------------------------------+ | |
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | | |
+---------+------------------+----------+-------------------+---------------+--------------------------------+ | |
| bzip2 | CVE-2019-12900 | HIGH | 1.0.6-r6 | 1.0.6-r7 | bzip2: out-of-bounds write in | | |
| | | | | | function BZ2_decompress | | |
+---------+------------------+ +-------------------+---------------+--------------------------------+ | |
| expat | CVE-2018-20843 | | 2.2.6-r0 | 2.2.7-r0 | expat: large number of colons | | |
| | | | | | in input makes parser consume | | |
| | | | | | high amount... | | |
+ +------------------+----------+ +---------------+--------------------------------+ | |
| | CVE-2019-15903 | MEDIUM | | 2.2.7-r1 | expat: heap-based buffer | | |
| | | | | | over-read via crafted XML | | |
| | | | | | input | | |
+---------+------------------+----------+-------------------+---------------+--------------------------------+ | |
| musl | CVE-2019-14697 | HIGH | 1.1.20-r4 | 1.1.20-r5 | musl libc through 1.1.23 | | |
| | | | | | has an x87 floating-point | | |
| | | | | | stack adjustment imbalance, | | |
| | | | | | related... | | |
+---------+------------------+----------+-------------------+---------------+--------------------------------+ | |
| openssl | CVE-2019-1543 | MEDIUM | 1.1.1a-r1 | 1.1.1b-r1 | openssl: ChaCha20-Poly1305 | | |
| | | | | | with long nonces | | |
+ +------------------+ + +---------------+--------------------------------+ | |
| | CVE-2019-1549 | | | 1.1.1d-r0 | openssl: information | | |
| | | | | | disclosure in fork() | | |
+ +------------------+ + +---------------+--------------------------------+ | |
| | CVE-2019-1551 | | | 1.1.1d-r2 | openssl: Integer overflow in | | |
| | | | | | RSAZ modular exponentiation on | | |
| | | | | | x86_64 | | |
+ +------------------+ + +---------------+--------------------------------+ | |
| | CVE-2019-1563 | | | 1.1.1d-r0 | openssl: information | | |
| | | | | | disclosure in PKCS7_dataDecode | | |
| | | | | | and CMS_decrypt_set1_pkey | | |
+ +------------------+----------+ + +--------------------------------+ | |
| | CVE-2019-1547 | LOW | | | openssl: side-channel weak | | |
| | | | | | encryption vulnerability | | |
+---------+------------------+----------+-------------------+---------------+--------------------------------+ | |
| sqlite | CVE-2019-8457 | HIGH | 3.26.0-r3 | 3.28.0-r0 | sqlite: heap out-of-bound read | | |
| | | | | | in function rtreenode() | | |
+ +------------------+----------+ +---------------+--------------------------------+ | |
| | CVE-2019-16168 | MEDIUM | | 3.28.0-r1 | sqlite: division by zero in | | |
| | | | | | whereLoopAddBtreeIndex in | | |
| | | | | | sqlite3.c | | |
+ +------------------+ + +---------------+--------------------------------+ | |
| | CVE-2019-19242 | | | 3.28.0-r2 | sqlite: SQL injection in | | |
| | | | | | sqlite3ExprCodeTarget in | | |
| | | | | | expr.c | | |
+ +------------------+ + +---------------+--------------------------------+ | |
| | CVE-2019-5018 | | | 3.28.0-r0 | sqlite: use-after-free in | | |
| | | | | | window function leading to | | |
| | | | | | remote code execution | | |
+---------+------------------+----------+-------------------+---------------+--------------------------------+ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment