Cloudsmith - Repositories - demo-docs (demo-docs) - awesome-repo (awesome-repo) - library/httpd

Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package _(implicit)
name:my-package _(explicit)

Search by package filename:
filename:my-package.ext

Search by package tag:
tag:latest

Search by package version:
version:1.0.0 prerelease:true _{(prereleases)}
prerelease:false _{(no prereleases)}

Search by package architecture:
architecture:x86_64

Search by package distribution:
distribution:el

Search by package license:
license:MIT

Search by package format:
format:deb

Search by package status:
status:in_progress

Search by package file checksum:
checksum:5afba

Search by package security status:
severity:critical

Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000

Search by # of package downloads:
downloads:>8
downloads:<100

Search by package type:
type:binary
type:source

Search by package size (bytes):
size:>50000
size:<10000

Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0

Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search by last download date:
last_downloaded:<"30 days ago"
last_downloaded:>"August 14, 2022 EST"

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Search queries for all Generic-specific package types

Search by file path:
generic_filepath:path/to/file.txt

Search by directory:
generic_directory:path/to

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Generic, Go, Helm, Hex, HuggingFace, LuaRocks, Maven, MCP, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, VSX, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial

Set Me Up

Public — demo-docs / awesome-repo

A certifiably-awesome public package repository curated by demo-docs, hosted by Cloudsmith.

Package Policy Violations

This package is in violation of the following policy.

Medium severity CVEs:

A security scan detected a vulnerability with a severity which is not permitted by this policy.

library/httpd 7e9cd1c51fb87ae93f96fb6da7e…

Download

One-liner (summary)

A certifiably-awesome package curated by Cloudsmith, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by Cloudsmith, hosted by Cloudsmith.

License

Unknown

Size

55.4 MB

Downloads

Status	Completed
Checksum (MD5)	b9c48f5180138f59a96c29dd13bbe0f7
Checksum (SHA-1)	e101bcc4c01f1a8f2ebb050e84e5094c23c55c0f
Checksum (SHA-256)	7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05
Checksum (SHA-512)	936f7c29266ee831d3b809913609f09fd9787f3fcb642d19fb9766945a3a7478a2…
GPG Signature	Download
GPG Fingerprint	6811684bac0b8895434e97bdd4391b8fb999e537
Storage Region	Dublin, Ireland
Type	Binary (contains binaries and binary artifacts)
Uploaded At	9 months, 3 weeks ago
Uploaded By
Slug Id	libraryhttpd-djxi
Unique Id	uEShkKQ4Ilqd
Version (Raw)	7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05
Version (Parsed)	Type: Unknown
	docker-specific metadata
Image Digest	sha256:7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05
Config Digest	sha256:0e9710647e32fa711d92eae2983af547b37a00cf62b14f1bff2ccc98ca2ac978
V1 OCI Index Digest	sha256:d108947f167596a1ffa6cdf1861d2fa2ce772cf370627fa4421c56685cc11354
V1 Distribution (Signed) Digest	sha256:e6fd2b67763384b46ad2676c5c363e8782373a32269d6a6bbdcb70fc8be271b0
V2 Distribution List Digest	sha256:a57de0e5b85a29b11b567e50dcc307c496c7782ab116623d2e13230d77263a12
V2 Distribution Digest	sha256:d0bb5fa845aff42c96fb093e6237deeed2e54e6e67d5b60f51b018d4d613942e
V1 Distribution Digest	sha256:423656054e00acc5a773d32358d0dbec7b6bcfb54e984f7d014c84029d2dda00
V1 OCI Digest	sha256:7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05
	extended metadata
Manifest Type	V1 OCI
Architecture	arm64
Config	Cmd httpd-foreground Env HTTPD_PATCHES= \| HTTPD_PREFIX=/usr/local/apache2 \| HTTPD_SHA256=88fc236ab99b2864b248de7d49a008ec2afd7551e64dce8b95f58f32f94c46ab \| HTTPD_VERSION=2.4.63 \| PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Exposed Ports 80/tcp Stop Signal SIGWINCH Working Dir /usr/local/apache2
Created	2025-01-24 00:31:17 UTC
Os	linux

library/httpd c78fcc11e67e79187af22524725569d04c6a8c1…	image ppc64le linux upstream dockerhub SBOMcheck 61.0 MB — 9 months, 3 weeks ago	4
library/httpd fc55fc918d0ae9b4eef2d0a422272ac02361c45…	image 386 linux upstream dockerhub SBOMcheck 56.8 MB — 9 months, 3 weeks ago	3
library/httpd 874ae0f968a117d1dd8ad0edfa56b9936915c60…	image arm linux upstream dockerhub SBOMcheck 49.8 MB — 9 months, 3 weeks ago	3
library/httpd f17299dbd86b0648178d2dd70e3b11239e84f1e…	image arm linux upstream dockerhub SBOMcheck 52.2 MB — 9 months, 3 weeks ago	3
library/httpd 7e9cd1c51fb87ae93f96fb6da7e871f71add8b8…	image arm64 linux dockerhub upstream SBOMcheck 55.4 MB — 9 months, 3 weeks ago	2
library/httpd 5c5f2769f69114de02fd04f32ab0a5f0601003c…	image s390x linux upstream dockerhub SBOMcheck 53.9 MB — 9 months, 3 weeks ago	3
library/httpd 1671f25702615c77006422cddc245cebed52509…	image mips64le linux upstream dockerhub SBOMcheck 55.6 MB — 9 months, 3 weeks ago	3
library/httpd 5a13bdf17fef82b06cf3e8edb833399a0b6544c…	image amd64 linux upstream dockerhub SBOMcheck 55.8 MB — 9 months, 3 weeks ago	4

Last scanned

9 months, 3 weeks ago

Scan result

Vulnerable

Vulnerability count

135

Max. severity

Critical

Target:	uEShkKQ4Ilqd.sbom-cyclonedx.json (debian 12.11)
CRITICAL	CVE-2025-49794: libxml: Heap use after free (UAF) leads to Denial of service (DoS) A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
CRITICAL	CVE-2025-49796: libxml: Type confusion leads to Denial of service (DoS) A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
CRITICAL	CVE-2023-45853: zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API. Package Name: zlib1g Installed Version: 1:1.2.13.dfsg-1 Fixed Version: References: www.openwall.com www.openwall.com access.redhat.com chromium.googlesource.com chromium.googlesource.com github.com github.com github.com github.com github.com lists.debian.org nvd.nist.gov pypi.org security.gentoo.org security.netapp.com security.netapp.com ubuntu.com www.cve.org www.winimage.com
HIGH	CVE-2025-4802: glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo). Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.openwall.com www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com nvd.nist.gov sourceware.org sourceware.org sourceware.org ubuntu.com www.cve.org www.openwall.com www.openwall.com
HIGH	CVE-2025-4802: glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo). Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.openwall.com www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com nvd.nist.gov sourceware.org sourceware.org sourceware.org ubuntu.com www.cve.org www.openwall.com www.openwall.com
HIGH	CVE-2023-52425: expat: parsing large tokens can trigger a denial of service libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. Package Name: libexpat1 Installed Version: 2.5.0-1+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
HIGH	CVE-2024-8176: libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. Package Name: libexpat1 Installed Version: 2.5.0-1+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com blog.hartwork.org bugzilla.redhat.com bugzilla.redhat.com bugzilla.suse.com errata.almalinux.org github.com github.com gitlab.alpinelinux.org linux.oracle.com linux.oracle.com nvd.nist.gov security-tracker.debian.org security.netapp.com ubuntu.com ubuntu.com www.cve.org www.kb.cert.org
HIGH	CVE-2025-5222: icu: Stack buffer overflow in the SRBRoot::addTag function A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. Package Name: libicu72 Installed Version: 72.1-3 Fixed Version: References: access.redhat.com bugzilla.redhat.com lists.debian.org nvd.nist.gov www.cve.org
HIGH	CVE-2023-2953: openldap: null pointer dereference in ber_memalloc_x function A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. Package Name: libldap-2.5-0 Installed Version: 2.5.13+dfsg-5 Fixed Version: References: seclists.org seclists.org seclists.org access.redhat.com access.redhat.com bugs.openldap.org bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com ubuntu.com ubuntu.com www.cve.org
HIGH	CVE-2023-2953: openldap: null pointer dereference in ber_memalloc_x function A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. Package Name: libldap-common Installed Version: 2.5.13+dfsg-5 Fixed Version: References: seclists.org seclists.org seclists.org access.redhat.com access.redhat.com bugs.openldap.org bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com ubuntu.com ubuntu.com www.cve.org
HIGH	CVE-2024-25062: libxml2: use-after-free in XMLReader An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.gnome.org gitlab.gnome.org linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org
HIGH	CVE-2024-56171: libxml2: Use-After-Free in libxml2 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.gnome.org linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com ubuntu.com www.cve.org www.openwall.com
HIGH	CVE-2025-24928: libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.gnome.org issues.oss-fuzz.com linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com ubuntu.com www.cve.org www.openwall.com
HIGH	CVE-2025-27113: libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com gitlab.gnome.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org www.openwall.com
HIGH	CVE-2025-32414: libxml2: Out-of-Bounds Read in libxml2 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com gitlab.gnome.org linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org
HIGH	CVE-2025-32415: libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com gitlab.gnome.org nvd.nist.gov ubuntu.com ubuntu.com www.cve.org
HIGH	CVE-2025-49795: libxml: Null pointer dereference leads to Denial of service (DoS) A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
HIGH	CVE-2025-6021: libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
HIGH	CVE-2023-31484: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Package Name: perl-base Installed Version: 5.36.0-7+deb12u2 Fixed Version: References: www.openwall.com www.openwall.com www.openwall.com www.openwall.com access.redhat.com access.redhat.com blog.hackeriet.no bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org metacpan.org nvd.nist.gov security.netapp.com ubuntu.com ubuntu.com www.cve.org www.openwall.com
MEDIUM	CVE-2024-50602: libexpat: expat: DoS via XML_ResumeParser An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Package Name: libexpat1 Installed Version: 2.5.0-1+deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
MEDIUM	CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. Package Name: libgssapi-krb5-2 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov ubuntu.com www.cve.org
MEDIUM	CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. Package Name: libk5crypto3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov ubuntu.com www.cve.org
MEDIUM	CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. Package Name: libkrb5-3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov ubuntu.com www.cve.org
MEDIUM	CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. Package Name: libkrb5support0 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov ubuntu.com www.cve.org
MEDIUM	CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. Package Name: libpam-modules Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM	CVE-2024-22365: pam: allowing unprivileged user to block another user namespace linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. Package Name: libpam-modules Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org www.openwall.com
MEDIUM	CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. Package Name: libpam-modules-bin Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM	CVE-2024-22365: pam: allowing unprivileged user to block another user namespace linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. Package Name: libpam-modules-bin Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org www.openwall.com
MEDIUM	CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. Package Name: libpam-runtime Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM	CVE-2024-22365: pam: allowing unprivileged user to block another user namespace linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. Package Name: libpam-runtime Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org www.openwall.com
MEDIUM	CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. Package Name: libpam0g Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM	CVE-2024-22365: pam: allowing unprivileged user to block another user namespace linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. Package Name: libpam0g Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org www.openwall.com
MEDIUM	CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry() NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). Package Name: libtinfo6 Installed Version: 6.4-4 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
MEDIUM	CVE-2022-49043: libxml: use-after-free in xmlXIncludeAddNode xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com gitlab.gnome.org linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com www.cve.org
MEDIUM	CVE-2023-39615: libxml2: crafted xml can cause global buffer overflow Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.gnome.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-45322: libxml2: use-after-free in xmlUnlinkNode() in tree.c libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: www.openwall.com access.redhat.com gitlab.gnome.org gitlab.gnome.org nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry() NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). Package Name: ncurses-base Installed Version: 6.4-4 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
MEDIUM	CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry() NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). Package Name: ncurses-bin Installed Version: 6.4-4 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
MEDIUM	CVE-2025-40909: perl: Perl threads have a working directory race condition where file operations may target unintended paths Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6 Package Name: perl-base Installed Version: 5.36.0-7+deb12u2 Fixed Version: References: www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.openwall.com access.redhat.com bugs.debian.org github.com github.com github.com github.com nvd.nist.gov perldoc.perl.org www.cve.org www.openwall.com
LOW	CVE-2011-3374: It was found that apt-key in apt, all versions, do not correctly valid ... It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. Package Name: apt Installed Version: 2.6.1 Fixed Version: References: access.redhat.com bugs.debian.org people.canonical.com seclists.org security-tracker.debian.org snyk.io ubuntu.com
LOW	TEMP-0841856-B18BAF: [Privilege escalation possible to other user than root] Package Name: bash Installed Version: 5.2.15-2+b8 Fixed Version: References:
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: bsdutils Installed Version: 1:2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Package Name: coreutils Installed Version: 9.1-1 Fixed Version: References: seclists.org www.openwall.com www.openwall.com access.redhat.com lists.apache.org lore.kernel.org mirrors.edge.kernel.org nvd.nist.gov www.cve.org
LOW	CVE-2017-18018: coreutils: race condition vulnerability in chown and chgrp In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. Package Name: coreutils Installed Version: 9.1-1 Fixed Version: References: lists.gnu.org access.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2025-5278: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. Package Name: coreutils Installed Version: 9.1-1 Fixed Version: References: www.openwall.com www.openwall.com www.openwall.com access.redhat.com bugzilla.redhat.com cgit.git.savannah.gnu.org cgit.git.savannah.gnu.org nvd.nist.gov security-tracker.debian.org www.cve.org
LOW	CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. Package Name: gcc-12-base Installed Version: 12.2.0-14+deb12u1 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW	CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. Package Name: gpgv Installed Version: 2.2.40-1.1 Fixed Version: References: access.redhat.com bugzilla.redhat.com dev.gnupg.org dev.gnupg.org marc.info nvd.nist.gov security.netapp.com www.cve.org
LOW	CVE-2025-30258: gnupg: verification DoS due to a malicious subkey in the keyring In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS." Package Name: gpgv Installed Version: 2.2.40-1.1 Fixed Version: References: access.redhat.com dev.gnupg.org dev.gnupg.org lists.gnupg.org nvd.nist.gov ubuntu.com www.cve.org
LOW	CVE-2011-3374: It was found that apt-key in apt, all versions, do not correctly valid ... It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. Package Name: libapt-pkg6.0 Installed Version: 2.6.1 Fixed Version: References: access.redhat.com bugs.debian.org people.canonical.com seclists.org security-tracker.debian.org snyk.io ubuntu.com
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: libblkid1 Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2010-4756: glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: cxib.net securityreason.com securityreason.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2018-20796: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227\|)(\\1\\1\|t1\|\\\2537)+' in grep. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com debbugs.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com support.f5.com www.cve.org
LOW	CVE-2019-1010022: glibc: stack guard protection bypass GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org sourceware.org ubuntu.com www.cve.org
LOW	CVE-2019-1010023: glibc: running ldd on malicious ELF leads to code execution because of wrong size computation GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-1010024: glibc: ASLR bypass using cache of thread stack and heap GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-1010025: glibc: information disclosure of heap addresses of pthread_created thread GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability. Package Name: libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-9192: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\|)(\\1\\1)' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern Package Name:* libc-bin Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov sourceware.org support.f5.com www.cve.org
LOW	CVE-2010-4756: glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: cxib.net securityreason.com securityreason.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2018-20796: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227\|)(\\1\\1\|t1\|\\\2537)+' in grep. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com debbugs.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com support.f5.com www.cve.org
LOW	CVE-2019-1010022: glibc: stack guard protection bypass GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org sourceware.org ubuntu.com www.cve.org
LOW	CVE-2019-1010023: glibc: running ldd on malicious ELF leads to code execution because of wrong size computation GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-1010024: glibc: ASLR bypass using cache of thread stack and heap GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: www.securityfocus.com access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-1010025: glibc: information disclosure of heap addresses of pthread_created thread GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability. Package Name: libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov security-tracker.debian.org sourceware.org support.f5.com support.f5.com ubuntu.com www.cve.org
LOW	CVE-2019-9192: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\|)(\\1\\1)' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern Package Name:* libc6 Installed Version: 2.36-9+deb12u10 Fixed Version: References: access.redhat.com nvd.nist.gov sourceware.org support.f5.com www.cve.org
LOW	CVE-2024-2379: curl: QUIC certificate check bypass with wolfSSL libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. Package Name: libcurl4 Installed Version: 7.88.1-10+deb12u12 Fixed Version: References: seclists.org seclists.org seclists.org www.openwall.com access.redhat.com curl.se curl.se hackerone.com nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com www.cve.org
LOW	CVE-2025-0725: libcurl: Buffer Overflow in libcurl via zlib Integer Overflow When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. Package Name: libcurl4 Installed Version: 7.88.1-10+deb12u12 Fixed Version: References: www.openwall.com www.openwall.com www.openwall.com access.redhat.com curl.se curl.se github.com hackerone.com nvd.nist.gov security.netapp.com www.cve.org
LOW	CVE-2023-52426: expat: recursive XML entity expansion vulnerability libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. Package Name: libexpat1 Installed Version: 2.5.0-1+deb12u1 Fixed Version: References: access.redhat.com cwe.mitre.org github.com github.com lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com www.cve.org
LOW	CVE-2024-28757: expat: XML Entity Expansion libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). Package Name: libexpat1 Installed Version: 2.5.0-1+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. Package Name: libgcc-s1 Installed Version: 12.2.0-14+deb12u1 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW	CVE-2018-6829: libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. Package Name: libgcrypt20 Installed Version: 1.10.1-3 Fixed Version: References: access.redhat.com github.com github.com lists.gnupg.org nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2024-2236: libgcrypt: vulnerable to Marvin Attack A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. Package Name: libgcrypt20 Installed Version: 1.10.1-3 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com dev.gnupg.org errata.almalinux.org github.com gitlab.com linux.oracle.com linux.oracle.com lists.gnupg.org nvd.nist.gov www.cve.org
LOW	CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. Package Name: libgnutls30 Installed Version: 3.7.9-2+deb12u4 Fixed Version: References: arcticdog.wordpress.com blog.mozilla.com blogs.technet.com blogs.technet.com curl.haxx.se downloads.asterisk.org ekoparty.org eprint.iacr.org eprint.iacr.org googlechromereleases.blogspot.com isc.sans.edu lists.apple.com lists.apple.com lists.apple.com lists.apple.com lists.apple.com lists.apple.com lists.apple.com lists.opensuse.org lists.opensuse.org lists.opensuse.org lists.opensuse.org marc.info marc.info marc.info marc.info marc.info marc.info my.opera.com osvdb.org rhn.redhat.com rhn.redhat.com secunia.com secunia.com secunia.com secunia.com secunia.com secunia.com secunia.com secunia.com secunia.com secunia.com security.gentoo.org security.gentoo.org support.apple.com support.apple.com support.apple.com support.apple.com support.apple.com support.apple.com technet.microsoft.com vnhacker.blogspot.com www.apcmedia.com www.debian.org www.educatedguesswork.org www.ibm.com www.imperialviolet.org www.insecure.cl www.kb.cert.org www.mandriva.com www.opera.com www.opera.com www.opera.com www.opera.com www.opera.com www.opera.com www.opera.com www.oracle.com www.oracle.com www.oracle.com www.redhat.com www.redhat.com www.securityfocus.com www.securityfocus.com www.securitytracker.com www.securitytracker.com www.securitytracker.com www.securitytracker.com www.ubuntu.com www.us-cert.gov access.redhat.com blogs.oracle.com bugzilla.novell.com bugzilla.redhat.com cert-portal.siemens.com docs.microsoft.com h20564.www2.hp.com hermes.opensuse.org hermes.opensuse.org ics-cert.us-cert.gov linux.oracle.com linux.oracle.com nvd.nist.gov oval.cisecurity.org ubuntu.com www.cve.org
LOW	CVE-2018-5709: krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Package Name: libgssapi-krb5-2 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com github.com lists.apache.org nvd.nist.gov www.cve.org
LOW	CVE-2024-26458: krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Package Name: libgssapi-krb5-2 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2024-26461: krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Package Name: libgssapi-krb5-2 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2020-36325: jansson: out-of-bounds read in json_loads() due to a parsing error An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification Package Name: libjansson4 Installed Version: 2.14-2 Fixed Version: References: access.redhat.com github.com nvd.nist.gov www.cve.org
LOW	CVE-2018-5709: krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Package Name: libk5crypto3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com github.com lists.apache.org nvd.nist.gov www.cve.org
LOW	CVE-2024-26458: krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Package Name: libk5crypto3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2024-26461: krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Package Name: libk5crypto3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2018-5709: krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Package Name: libkrb5-3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com github.com lists.apache.org nvd.nist.gov www.cve.org
LOW	CVE-2024-26458: krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Package Name: libkrb5-3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2024-26461: krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Package Name: libkrb5-3 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2018-5709: krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. Package Name: libkrb5support0 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com github.com lists.apache.org nvd.nist.gov www.cve.org
LOW	CVE-2024-26458: krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Package Name: libkrb5support0 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2024-26461: krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Package Name: libkrb5support0 Installed Version: 1.20.1-2+deb12u3 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com mailman.mit.edu nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW	CVE-2015-3276: openldap: incorrect multi-keyword mode cipherstring parsing The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. Package Name: libldap-2.5-0 Installed Version: 2.5.13+dfsg-5 Fixed Version: References: rhn.redhat.com www.oracle.com www.securitytracker.com access.redhat.com bugzilla.redhat.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
LOW	CVE-2017-14159: openldap: Privilege escalation via PID file manipulation slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. Package Name: libldap-2.5-0 Installed Version: 2.5.13+dfsg-5 Fixed Version: References: www.openldap.org access.redhat.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2017-17740: openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. Package Name: libldap-2.5-0 Installed Version: 2.5.13+dfsg-5 Fixed Version: References: lists.opensuse.org lists.opensuse.org www.openldap.org access.redhat.com kc.mcafee.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2020-15719: openldap: Certificate validation incorrectly matches name against CN-ID libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux. Package Name: libldap-2.5-0 Installed Version: 2.5.13+dfsg-5 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com bugs.openldap.org bugzilla.redhat.com kc.mcafee.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2015-3276: openldap: incorrect multi-keyword mode cipherstring parsing The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. Package Name: libldap-common Installed Version: 2.5.13+dfsg-5 Fixed Version: References: rhn.redhat.com www.oracle.com www.securitytracker.com access.redhat.com bugzilla.redhat.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
LOW	CVE-2017-14159: openldap: Privilege escalation via PID file manipulation slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. Package Name: libldap-common Installed Version: 2.5.13+dfsg-5 Fixed Version: References: www.openldap.org access.redhat.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2017-17740: openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. Package Name: libldap-common Installed Version: 2.5.13+dfsg-5 Fixed Version: References: lists.opensuse.org lists.opensuse.org www.openldap.org access.redhat.com kc.mcafee.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2020-15719: openldap: Certificate validation incorrectly matches name against CN-ID libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux. Package Name: libldap-common Installed Version: 2.5.13+dfsg-5 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com bugs.openldap.org bugzilla.redhat.com kc.mcafee.com nvd.nist.gov www.cve.org www.oracle.com
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: libmount1 Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. Package Name: libpcre3 Installed Version: 2:8.39-15 Fixed Version: References: openwall.com www.openwall.com www.openwall.com www.securityfocus.com access.redhat.com lists.apache.org nvd.nist.gov www.cve.org
LOW	CVE-2017-16231: pcre: self-recursive call in match() in pcre_exec.c leads to denial of service In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used Package Name: libpcre3 Installed Version: 2:8.39-15 Fixed Version: References: packetstormsecurity.com seclists.org www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.securityfocus.com access.redhat.com bugs.exim.org nvd.nist.gov www.cve.org
LOW	CVE-2017-7245: pcre: stack-based buffer overflow write in pcre32_copy_substring Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file. Package Name: libpcre3 Installed Version: 2:8.39-15 Fixed Version: References: www.securityfocus.com access.redhat.com access.redhat.com blogs.gentoo.org nvd.nist.gov security.gentoo.org www.cve.org
LOW	CVE-2017-7246: pcre: stack-based buffer overflow write in pcre32_copy_substring Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file. Package Name: libpcre3 Installed Version: 2:8.39-15 Fixed Version: References: www.securityfocus.com access.redhat.com access.redhat.com blogs.gentoo.org nvd.nist.gov security.gentoo.org www.cve.org
LOW	CVE-2019-20838: pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454. Package Name: libpcre3 Installed Version: 2:8.39-15 Fixed Version: References: seclists.org seclists.org access.redhat.com bugs.gentoo.org bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.apache.org nvd.nist.gov support.apple.com support.apple.com ubuntu.com www.cve.org www.pcre.org
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: libsmartcols1 Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2025-27587: OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system. Package Name: libssl3 Installed Version: 3.0.16-1~deb12u1 Fixed Version: References: github.com github.com github.com minerva.crocs.fi.muni.cz www.cve.org
LOW	CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. Package Name: libstdc++6 Installed Version: 12.2.0-14+deb12u1 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW	CVE-2013-4392: systemd: TOCTOU race condition when updating file permissions and SELinux security contexts systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. Package Name: libsystemd0 Installed Version: 252.38-1~deb12u1 Fixed Version: References: bugs.debian.org www.openwall.com access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2023-31437: An issue was discovered in systemd 253. An attacker can modify a seale ... An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libsystemd0 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com
LOW	CVE-2023-31438: An issue was discovered in systemd 253. An attacker can truncate a sea ... An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libsystemd0 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com github.com
LOW	CVE-2023-31439: An issue was discovered in systemd 253. An attacker can modify the con ... An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libsystemd0 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com github.com
LOW	CVE-2025-6141: gnu-ncurses: ncurses Stack Buffer Overflow A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component. Package Name: libtinfo6 Installed Version: 6.4-4 Fixed Version: References: access.redhat.com invisible-island.net lists.gnu.org lists.gnu.org lists.gnu.org nvd.nist.gov vuldb.com vuldb.com vuldb.com www.cve.org www.gnu.org
LOW	CVE-2013-4392: systemd: TOCTOU race condition when updating file permissions and SELinux security contexts systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. Package Name: libudev1 Installed Version: 252.38-1~deb12u1 Fixed Version: References: bugs.debian.org www.openwall.com access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2023-31437: An issue was discovered in systemd 253. An attacker can modify a seale ... An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libudev1 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com
LOW	CVE-2023-31438: An issue was discovered in systemd 253. An attacker can truncate a sea ... An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libudev1 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com github.com
LOW	CVE-2023-31439: An issue was discovered in systemd 253. An attacker can modify the con ... An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." Package Name: libudev1 Installed Version: 252.38-1~deb12u1 Fixed Version: References: github.com github.com github.com github.com
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: libuuid1 Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2024-34459: libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com gitlab.gnome.org gitlab.gnome.org gitlab.gnome.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov ubuntu.com ubuntu.com www.cve.org
LOW	CVE-2025-6170: libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections. Package Name: libxml2 Installed Version: 2.9.14+dfsg-1.3~deb12u1 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org
LOW	CVE-2007-5686: initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers. Package Name: login Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References: secunia.com www.securityfocus.com www.securityfocus.com www.securityfocus.com www.vupen.com issues.rpath.com
LOW	CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid. Package Name: login Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References: access.redhat.com github.com github.com github.com nvd.nist.gov www.cve.org
LOW	TEMP-0628843-DBAD28: [more related to CVE-2005-4890] Package Name: login Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References:
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: mount Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2025-6141: gnu-ncurses: ncurses Stack Buffer Overflow A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component. Package Name: ncurses-base Installed Version: 6.4-4 Fixed Version: References: access.redhat.com invisible-island.net lists.gnu.org lists.gnu.org lists.gnu.org nvd.nist.gov vuldb.com vuldb.com vuldb.com www.cve.org www.gnu.org
LOW	CVE-2025-6141: gnu-ncurses: ncurses Stack Buffer Overflow A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component. Package Name: ncurses-bin Installed Version: 6.4-4 Fixed Version: References: access.redhat.com invisible-island.net lists.gnu.org lists.gnu.org lists.gnu.org nvd.nist.gov vuldb.com vuldb.com vuldb.com www.cve.org www.gnu.org
LOW	CVE-2025-27587: OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system. Package Name: openssl Installed Version: 3.0.16-1~deb12u1 Fixed Version: References: github.com github.com github.com minerva.crocs.fi.muni.cz www.cve.org
LOW	CVE-2007-5686: initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers. Package Name: passwd Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References: secunia.com www.securityfocus.com www.securityfocus.com www.securityfocus.com www.vupen.com issues.rpath.com
LOW	CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid. Package Name: passwd Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References: access.redhat.com github.com github.com github.com nvd.nist.gov www.cve.org
LOW	TEMP-0628843-DBAD28: [more related to CVE-2005-4890] Package Name: passwd Installed Version: 1:4.13+dfsg1-1+deb12u1 Fixed Version: References:
LOW	CVE-2011-4116: perl: File:: Temp insecure temporary file handling _is_safe in the File::Temp module for Perl does not properly handle symlinks. Package Name: perl-base Installed Version: 5.36.0-7+deb12u2 Fixed Version: References: www.openwall.com www.openwall.com access.redhat.com github.com nvd.nist.gov rt.cpan.org seclists.org www.cve.org
LOW	CVE-2023-31486: http-tiny: insecure TLS cert default HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. Package Name: perl-base Installed Version: 5.36.0-7+deb12u2 Fixed Version: References: www.openwall.com www.openwall.com www.openwall.com www.openwall.com access.redhat.com access.redhat.com blog.hackeriet.no bugzilla.redhat.com errata.almalinux.org github.com hackeriet.github.io linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com www.cve.org www.openwall.com www.openwall.com www.reddit.com
LOW	TEMP-0517018-A83CE6: [sysvinit: no-root option in expert installer exposes locally exploitable security flaw] Package Name: sysvinit-utils Installed Version: 3.06-4 Fixed Version: References:
LOW	CVE-2005-2541: tar: does not properly warn the user when extracting setuid or setgid files Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. Package Name: tar Installed Version: 1.34+dfsg-1.2+deb12u1 Fixed Version: References: marc.info access.redhat.com lists.apache.org nvd.nist.gov www.cve.org
LOW	TEMP-0290435-0B57B5: [tar's rmt command may have undesired side effects] Package Name: tar Installed Version: 1.34+dfsg-1.2+deb12u1 Fixed Version: References:
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: util-linux Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
LOW	CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Package Name: util-linux-extra Installed Version: 2.38.1-5+deb12u3 Fixed Version: References: access.redhat.com blog.trailofbits.com lore.kernel.org lore.kernel.org nvd.nist.gov security.gentoo.org security.netapp.com www.cve.org
UNKNOWN	CVE-2025-6020: A flaw was found in linux-pam. The module pam_namespace may use access ... A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Package Name: libpam-modules Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com bugzilla.redhat.com
UNKNOWN	CVE-2025-6020: A flaw was found in linux-pam. The module pam_namespace may use access ... A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Package Name: libpam-modules-bin Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com bugzilla.redhat.com
UNKNOWN	CVE-2025-6020: A flaw was found in linux-pam. The module pam_namespace may use access ... A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Package Name: libpam-runtime Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com bugzilla.redhat.com
UNKNOWN	CVE-2025-6020: A flaw was found in linux-pam. The module pam_namespace may use access ... A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Package Name: libpam0g Installed Version: 1.5.2-6+deb12u1 Fixed Version: References: www.openwall.com access.redhat.com bugzilla.redhat.com

Package statistics are no longer available on cloudsmith.io. Please visit our new web app to access this feature.

These instructions assume you have setup the repository first (or read it).

To pull library/httpd @ reference/tag sha256:7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05:

docker pull docker.cloudsmith.io/demo-docs/awesome-repo/library/httpd@sha256:7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05

You can also pull the latest version of this image (if it exists):

docker pull docker.cloudsmith.io/demo-docs/awesome-repo/library/httpd:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM docker.cloudsmith.io/demo-docs/awesome-repo/library/httpd@sha256:7e9cd1c51fb87ae93f96fb6da7e871f71add8b88ce44285515208274a396ff05

Still stuck? Need help? Don't panic. Just contact us for help (even if you're not a customer).

Previous Version: 5c5f2769f69114de02f…

Next Version: f17299dbd86b0648178…

	Digest: sha256:34ef2a75627f6089e01995bfd3b3786509bbdc7cfb4dbc804b642e195340dbc9 Command: # debian.sh --arch 'arm64' out/ 'bookworm' '@1749513600'	26.8 MB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV HTTPD_PREFIX=/usr/local/apache2	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin	32 bytes
	Digest: sha256:16d638f8637c1f0a5dbcc1407a5039292a511c6b5060f29a11b4b062d9473f8e Command: RUN /bin/sh -c mkdir -p "$HTTPD_PREFIX" && chown www-data:www-data "$HTTPD_PREFIX" # buildkit	145 bytes
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: WORKDIR /usr/local/apache2	32 bytes
	Digest: sha256:40c8b19516e7bde6c90489518a34fe3cd6d7ecc9f2450c7e8035c0132c17dffe Command: RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates libaprutil1-ldap libldap-common ; rm -rf /var/lib/apt/lists/* # buildkit	3.8 MB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV HTTPD_VERSION=2.4.63	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV HTTPD_SHA256=88fc236ab99b2864b248de7d49a008ec2afd7551e64dce8b95f58f32f94c46ab	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV HTTPD_PATCHES=	32 bytes
	Digest: sha256:01a469b89e8b6e4351ca3faf8ce81241b469d10a4af4e6274a294c48ee6f2d41 Command: RUN /bin/sh -c set -eux; savedAptMark="$(apt-mark showmanual)"; apt-get update; apt-get install -y --no-install-recommends bzip2 dpkg-dev gcc gnupg libapr1-dev libaprutil1-dev libbrotli-dev libcurl4-openssl-dev libjansson-dev liblua5.2-dev libnghttp2-dev libpcre3-dev libssl-dev libxml2-dev make patch wget zlib1g-dev ; rm -r /var/lib/apt/lists/; ddist() { local f="$1"; shift; local distFile="$1"; shift; local success=; local distUrl=; for distUrl in https://dlcdn.apache.org/ https://archive.apache.org/dist/ ; do if wget -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then success=1; break; fi; done; [ -n "$success" ]; }; ddist 'httpd.tar.bz2' "httpd/httpd-$HTTPD_VERSION.tar.bz2"; echo "$HTTPD_SHA256 httpd.tar.bz2" \| sha256sum -c -; ddist 'httpd.tar.bz2.asc' "httpd/httpd-$HTTPD_VERSION.tar.bz2.asc"; export GNUPGHOME="$(mktemp -d)"; for key in DE29FB3971E71543FD2DC049508EAEC5302DA568 13155B0E9E634F42BF6C163FDDBA64BA2C312D2F 8B39757B1D8A994DF2433ED58B3A601F08C975E5 31EE1A81B8D066548156D37B7D6DBFD1F08E012A A10208FEC3152DD7C0C9B59B361522D782AB7BD1 3DE024AFDA7A4B15CB6C14410F81AA8AB0D5F771 EB138C6AF0FC691001B16D93344A844D751D7F27 CBA5A7C21EC143314C41393E5B968010E04F9A89 3C016F2B764621BB549C66B516A96495E2226795 937FB3994A242BA9BF49E93021454AF0CC8B0F7E EAD1359A4C0F2D37472AAF28F55DF0293A4E7AC9 4C1EADADB4EF5007579C919C6635B6C0DE885DD3 01E475360FCCF1D0F24B9D145D414AE1E005C9CB 92CCEF0AA7DD46AC3A0F498BCA6939748103A37E D395C7573A68B9796D38C258153FA0CD75A67692 FA39B617B61493FD283503E7EED1EA392261D073 984FB3350C1D5C7A3282255BB31B213D208F5064 FE7A49DAA875E890B4167F76CCB2EB46E76CF6D0 39F6691A0ECF0C50E8BB849CF78875F642721F00 29A2BA848177B73878277FA475CAA2A3F39B3750 120A8667241AEDD4A78B46104C042818311A3DE5 453510BDA6C5855624E009236D0BC73A40581837 0DE5C55C6BF3B2352DABB89E13249B4FEC88A0BF 7CDBED100806552182F98844E8E7E00B4DAA1988 A8BA9617EF3BCCAC3B29B869EDB105896F9522D8 3E6AC004854F3A7F03566B592FF06894E55B0D0E 5B5181C2C0AB13E59DA3F7A3EC582EB639FF092C A93D62ECC3C8EA12DB220EC934EA76E6791485A8 65B2D44FE74BD5E3DE3AC3F082781DE46D5954FA 8935926745E1CE7E3ED748F6EC99EE267EB5F61A E3480043595621FE56105F112AB12A7ADC55C003 93525CFCF6FDFFB3FD9700DD5A4B10AE43B56A27 C55AB7B9139EB2263CD1AABC19B033D1760C227B 26F51EF9A82F4ACB43F1903ED377C9E7D1944C66 ; do gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; done; gpg --batch --verify httpd.tar.bz2.asc httpd.tar.bz2; gpgconf --kill all; rm -rf "$GNUPGHOME" httpd.tar.bz2.asc; mkdir -p src; tar -xf httpd.tar.bz2 -C src --strip-components=1; rm httpd.tar.bz2; cd src; patches() { while [ "$#" -gt 0 ]; do local patchFile="$1"; shift; local patchSha256="$1"; shift; ddist "$patchFile" "httpd/patches/apply_to_$HTTPD_VERSION/$patchFile"; echo "$patchSha256 $patchFile" \| sha256sum -c -; patch -p0 < "$patchFile"; rm -f "$patchFile"; done; }; patches $HTTPD_PATCHES; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; CFLAGS="$(dpkg-buildflags --get CFLAGS)"; CPPFLAGS="$(dpkg-buildflags --get CPPFLAGS)"; LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; ./configure --build="$gnuArch" --prefix="$HTTPD_PREFIX" --enable-mods-shared=reallyall --enable-mpms-shared=all --enable-pie CFLAGS="-pipe $CFLAGS" CPPFLAGS="$CPPFLAGS" LDFLAGS="-Wl,--as-needed $LDFLAGS" ; make -j "$(nproc)"; make install; cd ..; rm -r src man manual; sed -ri -e 's!^(\sCustomLog)\s+\S+!\1 /proc/self/fd/1!g' -e 's!^(\sErrorLog)\s+\S+!\1 /proc/self/fd/2!g' -e 's!^(\sTransferLog)\s+\S+!\1 /proc/self/fd/1!g' -e 's!^(\sUser)\s+daemon\s$!\1 www-data!g' -e 's!^(\sGroup)\s+daemon\s$!\1 www-data!g' "$HTTPD_PREFIX/conf/httpd.conf" "$HTTPD_PREFIX/conf/extra/httpd-ssl.conf" ; grep -E '^\sUser www-data$' "$HTTPD_PREFIX/conf/httpd.conf"; grep -E '^\sGroup www-data$' "$HTTPD_PREFIX/conf/httpd.conf"; apt-mark auto '.' > /dev/null; [ -z "$savedAptMark" ] \|\| apt-mark manual $savedAptMark; find /usr/local -type f -executable -exec ldd '{}' ';' \| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "%s\n", so }' \| sort -u \| xargs -r dpkg-query --search \| cut -d: -f1 \| sort -u \| xargs -r apt-mark manual ; apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; httpd -v # buildkit	24.8 MB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: STOPSIGNAL SIGWINCH	32 bytes
	Digest: sha256:553e9c24f63976dcc35c0b5f6b17591b253828dc7b8cfdbf4696a2228466ee1b Command: COPY httpd-foreground /usr/local/bin/ # buildkit	293 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: EXPOSE map[80/tcp:{}]	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: CMD ["httpd-foreground"]	32 bytes

Medium severity CVEs:

library/httpd 7e9cd1c51fb87ae93f96fb6da7e…

One-liner (summary)

Description

License

Size

Downloads

Tags

Last scanned

Scan result

Vulnerability count

Max. severity

CVE-2025-49794: libxml: Heap use after free (UAF) leads to Denial of service (DoS)

CVE-2025-49796: libxml: Type confusion leads to Denial of service (DoS)

CVE-2023-45853: zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6

CVE-2025-4802: glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

CVE-2025-4802: glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

CVE-2023-52425: expat: parsing large tokens can trigger a denial of service

CVE-2024-8176: libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

CVE-2025-5222: icu: Stack buffer overflow in the SRBRoot::addTag function

CVE-2023-2953: openldap: null pointer dereference in ber_memalloc_x function

CVE-2023-2953: openldap: null pointer dereference in ber_memalloc_x function

CVE-2024-25062: libxml2: use-after-free in XMLReader

CVE-2024-56171: libxml2: Use-After-Free in libxml2

CVE-2025-24928: libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

CVE-2025-27113: libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

CVE-2025-32414: libxml2: Out-of-Bounds Read in libxml2

CVE-2025-32415: libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

CVE-2025-49795: libxml: Null pointer dereference leads to Denial of service (DoS)

CVE-2025-6021: libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

CVE-2023-31484: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS

CVE-2024-50602: libexpat: expat: DoS via XML_ResumeParser

CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

CVE-2025-3576: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password

CVE-2024-22365: pam: allowing unprivileged user to block another user namespace

CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password

CVE-2024-22365: pam: allowing unprivileged user to block another user namespace

CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password

CVE-2024-22365: pam: allowing unprivileged user to block another user namespace

CVE-2024-10041: pam: libpam: Libpam vulnerable to read hashed password

CVE-2024-22365: pam: allowing unprivileged user to block another user namespace

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

CVE-2022-49043: libxml: use-after-free in xmlXIncludeAddNode

CVE-2023-39615: libxml2: crafted xml can cause global buffer overflow

CVE-2023-45322: libxml2: use-after-free in xmlUnlinkNode() in tree.c

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

CVE-2025-40909: perl: Perl threads have a working directory race condition where file operations may target unintended paths

CVE-2011-3374: It was found that apt-key in apt, all versions, do not correctly valid ...

TEMP-0841856-B18BAF: [Privilege escalation possible to other user than root]

CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

CVE-2017-18018: coreutils: race condition vulnerability in chown and chgrp

CVE-2025-5278: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

CVE-2025-30258: gnupg: verification DoS due to a malicious subkey in the keyring

CVE-2011-3374: It was found that apt-key in apt, all versions, do not correctly valid ...

CVE-2022-0563: util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline

CVE-2010-4756: glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions

CVE-2018-20796: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

CVE-2019-1010022: glibc: stack guard protection bypass

CVE-2019-1010023: glibc: running ldd on malicious ELF leads to code execution because of wrong size computation

CVE-2019-1010024: glibc: ASLR bypass using cache of thread stack and heap

CVE-2019-1010025: glibc: information disclosure of heap addresses of pthread_created thread

CVE-2019-9192: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

CVE-2010-4756: glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions

CVE-2018-20796: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

CVE-2019-1010022: glibc: stack guard protection bypass

CVE-2019-1010023: glibc: running ldd on malicious ELF leads to code execution because of wrong size computation

CVE-2019-1010024: glibc: ASLR bypass using cache of thread stack and heap

CVE-2019-1010025: glibc: information disclosure of heap addresses of pthread_created thread

CVE-2019-9192: glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c

CVE-2024-2379: curl: QUIC certificate check bypass with wolfSSL

CVE-2025-0725: libcurl: Buffer Overflow in libcurl via zlib Integer Overflow

CVE-2023-52426: expat: recursive XML entity expansion vulnerability

CVE-2024-28757: expat: XML Entity Expansion