Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package (implicit)
name:my-package (explicit)

Search by package filename:
filename:my-package.ext 

Search by package tag:
tag:latest 

Search by package version:
version:1.0.0  prerelease:true (prereleases)
prerelease:false (no prereleases)

Search by package architecture:
architecture:x86_64 

Search by package distribution:
distribution:el 

Search by package license:
license:MIT 

Search by package format:
format:deb 

Search by package status:
status:in_progress 

Search by package file checksum:
checksum:5afba 

Search by package security status:
severity:critical 

Search by package vulnerabilities:
vulnerabilities:>1 
vulnerabilities:<1000 

Search by # of package downloads:
downloads:>8 
downloads:<100 

Search by package type:
type:binary 
type:source 

Search by package size (bytes):
size:>50000 
size:<10000 

Search by dependency name/version:
dependency:log4j 
dependency:log4j=1.0.0 
dependency:log4j>1.0.0 

Search by uploaded date:
uploaded:>"1 day ago" 
uploaded:<"August 14, 2022 EST" 

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY 

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search by last download date:
last_downloaded:<"30 days ago" 
last_downloaded:>"August 14, 2022 EST" 

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Search queries for all Generic-specific package types

Search by file path:
generic_filepath:path/to/file.txt

Search by directory:
generic_directory:path/to

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Generic, Go, Helm, Hex, HuggingFace, LuaRocks, Maven, MCP, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, VSX, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial
 Public eventstore eventstore (Kurrent) / eventstore-preview
Public Previews. Non-production.

Docker logo eventstoredb-ee  24.10.11-experimental-arm64…

One-liner (summary)

A certifiably-awesome package curated by trainstation, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by trainstation, hosted by Cloudsmith.

License

Unknown

Size

267.0 MB

Downloads

7

Status  Completed
Checksum (MD5) f31bc1d59e6c4f1d1e39d7d500a91b20
Checksum (SHA-1) 20686e9711bc23a505c28137791000c65a8f517e
Checksum (SHA-256) 4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d
Checksum (SHA-512) 7e6dc5799629422a78ba6f583b0a778b8104a298ab9e534e4f624c76d9bec18980…
GPG Signature
GPG Fingerprint 69f6921fcf1795d23d007088efec87a4f8f5849d
Storage Region  Dublin, Ireland
Type  Binary (contains binaries and binary artifacts)
Uploaded At 4 months, 2 weeks ago
Uploaded By Uploaded by trainstation
Slug Id eventstoredb-ee-zjo6
Unique Id QsHQy3ByTMn9
Version (Raw) 24.10.11-experimental-arm64-8.0-jammy
Version (Parsed)
  • Major: 24
  • Minor: 10
  • Patch: 11
  • Pre (Str): experimentalarmjammy
  • Pre (Num Array): 64.8.0
  • Type: SemVer (Strict)
Orig Version (Raw) 4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d
Orig Version (Parsed)
  • Type: Unknown
  docker-specific metadata
Image Digest sha256:4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d
Config Digest sha256:ba5af7de000123f45bca121eb996eecd6bab19f5a0a238f704d584e00a046bc4
V1 OCI Index Digest sha256:027742e8a1a5b52a3d3900eab084d179011ede8dcde3fc4aafba6a92fc7c5810
V1 Distribution (Signed) Digest sha256:272577286ca033d2a43ebffb5d9fce8df57f88cd0b1edccaebd318e85ca3ac6d
V1 OCI Digest sha256:41ee0bcbbabcb6598ff6c1827863f53963158fc131530960f913182df3043e71
V2 Distribution List Digest sha256:a1cd118c53d4751c4a3d5c65d3ca9b16bea78476d93d9705de1d00e33ea2316f
V1 Distribution Digest sha256:9eb1584dd47f059b0e8a0ed3cb3c819e785aaaf038540d759fdd94b9a00a74ff
V2 Distribution Digest sha256:4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d
  extended metadata
Manifest Type V2 Distribution
Architecture arm64
Config
Created 2026-02-23 12:20:00 UTC
Os linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 7316,
      "digest": "sha256:2e5f01d032b6dd273dce07bf645db65b3ffc43beb7018189919993a28bf495b9"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 28429139,
         "digest": "sha256:63cad55c3df288d1196ec57989cf07832af0307981287d50f7a6da5c5f11391f"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 16630777,
         "digest": "sha256:63182ed30b920e6726adbb58be9d3513b806f7a4f81be49d0333fe58ba73738e"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 3546,
         "digest": "sha256:5091cf0fb4a8f3a4b1baecfdaf264c42b4907ad7a63a138ad0ce4d731ad4aab1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 49184289,
         "digest": "sha256:d5e593f2d839994b04c42739a1c3293f4994e9594fb81a2e5327e5fbd6d9cc4f"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 91939324,
         "digest": "sha256:8209f2418cc5baca34101d368b6f12e9ccc21a4b46d2a5b5200e03f7beec4589"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1824682,
         "digest": "sha256:2eeeacda5771f6eb7294d8651db55a3dfca715e74215ca0b371858399193b971"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1853,
         "digest": "sha256:726057dd3c91bacab571b674b70d153438b9616a6b011d8bf02977ee582e8a58"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 91933749,
         "digest": "sha256:f879f325f34ff7346ea283dfe7583649bed4233a8e83ce444f9b17aefa616a5f"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 194,
         "digest": "sha256:c399d8cd9fbc2f2417ffda808252b80554f211c009bfdcf4b4e15f1c51ea7d4e"
      }
   ]
}
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) ARG RELEASE
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) ARG LAUNCHPAD_BUILD_ARCH
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL org.opencontainers.image.ref.name=ubuntu
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL org.opencontainers.image.version=22.04
32 bytes
Digest: sha256:63cad55c3df288d1196ec57989cf07832af0307981287d50f7a6da5c5f11391f
Command: /bin/sh -c #(nop) ADD file:a85469998596adb526225bc2a2ce3f2cd899fb87a09539f6f84d359c6b935769 in /
27.1 MB
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) CMD ["/bin/bash"]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENV APP_UID=1654 ASPNETCORE_HTTP_PORTS=8080 DOTNET_RUNNING_IN_CONTAINER=true
32 bytes
Digest: sha256:63182ed30b920e6726adbb58be9d3513b806f7a4f81be49d0333fe58ba73738e
Command: RUN /bin/sh -c apt-get update && apt-get install -y --no-install-recommends ca-certificates libc6 libgcc-s1 libicu70 libssl3 libstdc++6 tzdata zlib1g && rm -rf /var/lib/apt/lists/* # buildkit
15.9 MB
Digest: sha256:5091cf0fb4a8f3a4b1baecfdaf264c42b4907ad7a63a138ad0ce4d731ad4aab1
Command: RUN /bin/sh -c groupadd --gid=$APP_UID app && useradd --no-log-init --uid=$APP_UID --gid=$APP_UID --create-home app # buildkit
3.5 KB
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG UID=1000
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG GID=1000
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENV LANGUAGE=en_US:en DEBIAN_FRONTEND=noninteractive ACCEPT_EULA=Y
32 bytes
Digest: sha256:d5e593f2d839994b04c42739a1c3293f4994e9594fb81a2e5327e5fbd6d9cc4f
Command: RUN |3 DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz UID=1000 GID=1000 /bin/sh -c apt-get update && apt-get upgrade -y && apt-get clean # buildkit
46.9 MB
Digest: sha256:8209f2418cc5baca34101d368b6f12e9ccc21a4b46d2a5b5200e03f7beec4589
Command: COPY eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz /opt/eventstore/ # buildkit
87.7 MB
Digest: sha256:2eeeacda5771f6eb7294d8651db55a3dfca715e74215ca0b371858399193b971
Command: RUN |3 DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz UID=1000 GID=1000 /bin/sh -c apt update && apt install -y curl && rm -rf /var/lib/apt/lists/* # buildkit
1.7 MB
Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1
Command: WORKDIR /opt/eventstore
32 bytes
Digest: sha256:726057dd3c91bacab571b674b70d153438b9616a6b011d8bf02977ee582e8a58
Command: RUN |3 DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz UID=1000 GID=1000 /bin/sh -c addgroup --gid ${GID} "eventstore" && adduser --disabled-password --gecos "" --ingroup "eventstore" --no-create-home --uid ${UID} "eventstore" # buildkit
1.8 KB
Digest: sha256:f879f325f34ff7346ea283dfe7583649bed4233a8e83ce444f9b17aefa616a5f
Command: RUN |3 DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz UID=1000 GID=1000 /bin/sh -c mkdir -p /var/lib/eventstore && mkdir -p /var/log/eventstore && mkdir -p /etc/eventstore && chown -R eventstore:eventstore /opt/eventstore /var/lib/eventstore /var/log/eventstore /etc/eventstore # buildkit
87.7 MB
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: USER eventstore
32 bytes
Digest: sha256:c399d8cd9fbc2f2417ffda808252b80554f211c009bfdcf4b4e15f1c51ea7d4e
Command: RUN |3 DATABASE_ARCHIVE_DIR=eventstoredb-24.10.11-experimental-ee-linux-arm64.tar.gz UID=1000 GID=1000 /bin/sh -c echo "NodeIp: 0.0.0.0\nReplicationIp: 0.0.0.0" >> /etc/eventstore/eventstore.conf # buildkit
194 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: VOLUME [/var/lib/eventstore]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: VOLUME [/var/log/eventstore]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[1112/tcp:{}]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[1113/tcp:{}]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[2113/tcp:{}]
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: HEALTHCHECK &{["CMD-SHELL" "curl --fail --insecure https://localhost:2113/health/live || curl --fail http://localhost:2113/health/live || exit 1"] "5s" "5s" "0s" "0s" '\x18'}
32 bytes
Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENTRYPOINT ["/opt/eventstore/eventstored"]
32 bytes
 Newer Docker logo
eventstoredb-ee
1 Uploaded by trainstation
 Newer Docker logo
eventstoredb-ee
5 Uploaded by trainstation
 Newer Docker logo
eventstoredb-ee
267.5 MB 4 months ago
4 Uploaded by trainstation
  Docker logo
eventstoredb-ee
7 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
8 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
296.2 MB 7 months ago
32 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
266.1 MB 7 months ago
7 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
264.3 MB 7 months ago
4 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
264.3 MB 7 months ago
5 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
9 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
22 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
15 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
8 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
7 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
8 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
8 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
10 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
292.7 MB 1 year ago
101 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
266.4 MB 1 year ago
79 Uploaded by trainstation
 Older Docker logo
eventstoredb-ee
260.2 MB 1 year ago
84 Uploaded by trainstation

Last scanned

4 months, 2 weeks ago

Scan result

Vulnerable

Vulnerability count

20

Max. severity

Medium
Target: QsHQy3ByTMn9.sbom-cyclonedx.json (ubuntu 22.04)
MEDIUM

CVE-2025-68972: gnupg: GnuPG: Signature bypass via form feed character in signed messages

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

Package Name: gpgv
Installed Version: 2.2.27-3ubuntu2.5
Fixed Version:

References: access.redhat.com gpg.fail media.ccc.de news.ycombinator.com nvd.nist.gov www.cve.org
MEDIUM

CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Package Name: libpam-modules
Installed Version: 1.4.0-11ubuntu2.6
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM

CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Package Name: libpam-modules-bin
Installed Version: 1.4.0-11ubuntu2.6
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM

CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Package Name: libpam-runtime
Installed Version: 1.4.0-11ubuntu2.6
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM

CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Package Name: libpam0g
Installed Version: 1.4.0-11ubuntu2.6
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
MEDIUM

CVE-2025-45582: tar: Tar path traversal

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.

Package Name: tar
Installed Version: 1.34+dfsg-1ubuntu0.1.22.04.2
Fixed Version:

References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.gnu.org nvd.nist.gov www.cve.org www.gnu.org www.gnu.org www.gnu.org www.gnu.org
LOW

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Package Name: coreutils
Installed Version: 8.32-4.1ubuntu1.2
Fixed Version:

References: seclists.org www.openwall.com www.openwall.com access.redhat.com lists.apache.org lore.kernel.org mirrors.edge.kernel.org nvd.nist.gov www.cve.org
LOW

CVE-2025-0167: When asked to use a `.netrc` file for credentials **and** to follow HT ...

When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

Package Name: curl
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: curl.se curl.se hackerone.com nvd.nist.gov security.netapp.com www.cve.org
LOW

CVE-2025-14524: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ...

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.

Package Name: curl
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-15079: When doing SSH-based transfers using either SCP or SFTP, and setting t ...

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.

Package Name: curl
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-15224: When doing SSH-based transfers using either SCP or SFTP, and asked to ...

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.

Package Name: curl
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-9086: curl: libcurl: Curl out of bounds read for cookie path

1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (`path=\"/\",`). Since this site is not secure, the cookie *should* just be ignored. 4. A bug in the path comparison logic makes curl read outside a heap buffer boundary The bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path. The presumed and correct behavior would be to plainly ignore the second set of the cookie since it was already set as secure on a secure host so overriding it on an insecure host should not be okay.

Package Name: curl
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com curl.se curl.se cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com hackerone.com linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov www.cve.org
LOW

CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

Package Name: gcc-12-base
Installed Version: 12.3.0-1ubuntu1~22.04.2
Fixed Version:

References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

Package Name: gpgv
Installed Version: 2.2.27-3ubuntu2.5
Fixed Version:

References: access.redhat.com bugzilla.redhat.com dev.gnupg.org dev.gnupg.org marc.info nvd.nist.gov security.netapp.com www.cve.org
LOW

CVE-2025-0167: When asked to use a `.netrc` file for credentials **and** to follow HT ...

When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

Package Name: libcurl4
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: curl.se curl.se hackerone.com nvd.nist.gov security.netapp.com www.cve.org
LOW

CVE-2025-14524: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ...

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.

Package Name: libcurl4
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-15079: When doing SSH-based transfers using either SCP or SFTP, and setting t ...

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.

Package Name: libcurl4
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-15224: When doing SSH-based transfers using either SCP or SFTP, and asked to ...

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.

Package Name: libcurl4
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com curl.se curl.se hackerone.com www.cve.org
LOW

CVE-2025-9086: curl: libcurl: Curl out of bounds read for cookie path

1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (`path=\"/\",`). Since this site is not secure, the cookie *should* just be ignored. 4. A bug in the path comparison logic makes curl read outside a heap buffer boundary The bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path. The presumed and correct behavior would be to plainly ignore the second set of the cookie since it was already set as secure on a secure host so overriding it on an insecure host should not be okay.

Package Name: libcurl4
Installed Version: 7.81.0-1ubuntu1.21
Fixed Version:

References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com curl.se curl.se cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com hackerone.com linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov www.cve.org
LOW

CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

Package Name: libgcc-s1
Installed Version: 12.3.0-1ubuntu1~22.04.2
Fixed Version:

References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW

CVE-2024-2236: libgcrypt: vulnerable to Marvin Attack

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Package Name: libgcrypt20
Installed Version: 1.9.4-3ubuntu3
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org dev.gnupg.org errata.almalinux.org errata.rockylinux.org github.com gitlab.com linux.oracle.com linux.oracle.com lists.gnupg.org nvd.nist.gov www.cve.org
LOW

CVE-2025-5222: icu: Stack buffer overflow in the SRBRoot::addTag function

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

Package Name: libicu70
Installed Version: 70.1-2
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov www.cve.org
LOW

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Package Name: libncurses6
Installed Version: 6.3-2ubuntu0.1
Fixed Version:

References: access.redhat.com lists.fedoraproject.org lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Package Name: libncursesw6
Installed Version: 6.3-2ubuntu0.1
Fixed Version:

References: access.redhat.com lists.fedoraproject.org lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW

CVE-2022-41409: pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.

Package Name: libpcre2-8-0
Installed Version: 10.39-3ubuntu0.1
Fixed Version:

References: access.redhat.com github.com github.com github.com nvd.nist.gov www.cve.org
LOW

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Package Name: libpcre3
Installed Version: 2:8.39-13ubuntu0.22.04.1
Fixed Version:

References: openwall.com www.openwall.com www.openwall.com www.securityfocus.com access.redhat.com lists.apache.org nvd.nist.gov www.cve.org
LOW

CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

Package Name: libstdc++6
Installed Version: 12.3.0-1ubuntu1~22.04.2
Fixed Version:

References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org
LOW

CVE-2023-7008: systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

Package Name: libsystemd0
Installed Version: 249.11-0ubuntu3.17
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com www.cve.org
LOW

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Package Name: libtinfo6
Installed Version: 6.3-2ubuntu0.1
Fixed Version:

References: access.redhat.com lists.fedoraproject.org lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW

CVE-2023-7008: systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

Package Name: libudev1
Installed Version: 249.11-0ubuntu3.17
Fixed Version:

References: access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com www.cve.org
LOW

CVE-2022-4899: zstd: mysql: buffer overrun in util.c

A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

Package Name: libzstd1
Installed Version: 1.4.8+dfsg-3build1
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com security.netapp.com www.cve.org
LOW

CVE-2023-29383: shadow: Improper input validation in shadow-utils package utility chfn

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

Package Name: login
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:

References: access.redhat.com github.com github.com lists.debian.org nvd.nist.gov www.cve.org www.trustwave.com www.trustwave.com
LOW

CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Package Name: login
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org
LOW

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Package Name: ncurses-base
Installed Version: 6.3-2ubuntu0.1
Fixed Version:

References: access.redhat.com lists.fedoraproject.org lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW

CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()

NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

Package Name: ncurses-bin
Installed Version: 6.3-2ubuntu0.1
Fixed Version:

References: access.redhat.com lists.fedoraproject.org lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org
LOW

CVE-2023-29383: shadow: Improper input validation in shadow-utils package utility chfn

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

Package Name: passwd
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:

References: access.redhat.com github.com github.com lists.debian.org nvd.nist.gov www.cve.org www.trustwave.com www.trustwave.com
LOW

CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Package Name: passwd
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org

You can embed a badge in another website that shows this or the latest version of this package.

To embed the badge for this specific package version, use the following:

[![This version of 'eventstoredb-ee' @ Cloudsmith](https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/24.10.11-experimental-arm64-8.0-jammy/a=arm64;xpo=linux/?render=true)](https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d/a=arm64;xpo=linux/)
|This version of 'eventstoredb-ee' @ Cloudsmith|
.. |This version of 'eventstoredb-ee' @ Cloudsmith| image:: https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/24.10.11-experimental-arm64-8.0-jammy/a=arm64;xpo=linux/?render=true
   :target: https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d/a=arm64;xpo=linux/
image::https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/24.10.11-experimental-arm64-8.0-jammy/a=arm64;xpo=linux/?render=true[link="https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d/a=arm64;xpo=linux/",title="This version of 'eventstoredb-ee' @ Cloudsmith"]
<a href="https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/4912a9b37318f21d42f23d2e26a373f13db08d9e1a4025a686fc963b653af73d/a=arm64;xpo=linux/"><img src="https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/24.10.11-experimental-arm64-8.0-jammy/a=arm64;xpo=linux/?render=true" alt="This version of 'eventstoredb-ee' @ Cloudsmith" /></a>

rendered as: This version of 'eventstoredb-ee' @ Cloudsmith

To embed the badge for the latest package version, use the following:

[![Latest version of 'eventstoredb-ee' @ Cloudsmith](https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/?render=true&show_latest=true)](https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/)
|Latest version of 'eventstoredb-ee' @ Cloudsmith|
.. |Latest version of 'eventstoredb-ee' @ Cloudsmith| image:: https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/?render=true&show_latest=true
   :target: https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/
image::https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/?render=true&show_latest=true[link="https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/",title="Latest version of 'eventstoredb-ee' @ Cloudsmith"]
<a href="https://cloudsmith.io/~eventstore/repos/eventstore-preview/packages/detail/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/"><img src="https://api.cloudsmith.com/v1/badges/version/eventstore/eventstore-preview/docker/eventstoredb-ee/latest/a=arm64;xpo=linux/?render=true&show_latest=true" alt="Latest version of 'eventstoredb-ee' @ Cloudsmith" /></a>

rendered as: Latest version of 'eventstoredb-ee' @ Cloudsmith

These instructions assume you have setup the repository first (or read it).

To pull eventstoredb-ee @ reference/tag 6b25e2e6-c91e-4dcf-9fa4-1313526ae236:

docker pull docker.eventstore.com/eventstore-preview/eventstoredb-ee:6b25e2e6-c91e-4dcf-9fa4-1313526ae236

You can also pull the latest version of this image (if it exists):

docker pull docker.eventstore.com/eventstore-preview/eventstoredb-ee:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM docker.eventstore.com/eventstore-preview/eventstoredb-ee:6b25e2e6-c91e-4dcf-9fa4-1313526ae236

Note: You should replace 6b25e2e6-c91e-4dcf-9fa4-1313526ae236 with an alternative reference to pull, such as: 24.10.11-experimental-arm64-8.0-jammy.

Top