kurrentdb 25.1

Size: 364.3 MB
Downloads: 776
Tags: image amd64 linux 25.1.0-x64-8.0-jammy 64565ee6-7682-4567-… 25.1.0 latest

| Status | Completed |
|---|---|
| Checksum (MD5) | f47e01d24b32d47d196b5e179033f912 |
| Checksum (SHA-1) | 1841259d1f1c7cf0b3f71f353ee16e6fee285ec2 |
| Checksum (SHA-256) | 965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5 |
| Checksum (SHA-512) | 6f509a416dede5e0a607d91457f78e9a86289f4897c43dda87595795cbb7c22ee1… |
| GPG Signature | |
| GPG Fingerprint | 02a89004460aa252035d6b7d094442d90ad50bcd |
| Storage Region | Dublin, Ireland |
| Type | Binary (contains binaries and binary artifacts) |
| Uploaded At | 1 week, 2 days ago |
| Uploaded By | |
| Slug Id | kurrentdb-27wf |
| Unique Id | UYsaCMva47AX |
| Version (Raw) | 25.1 |
| Version (Parsed) | |
| Orig Version (Raw) | 965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5 |
| Orig Version (Parsed) | |
| docker-specific metadata | |
| Image Digest | sha256:965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5 |
| Config Digest | sha256:e9847eb384e35d8abbbe94ee8b5e9ab20b8f6f28cdd245b1b8ff03fca5278a67 |
| V1 OCI Index Digest | sha256:fdd74504b41517d1843a182171f565dda7d5a925c59fbd957112664cf9d294df |
| V1 Distribution (Signed) Digest | sha256:7ef47c7ebdd489d3ca537ad5029a4951a9fc0399c115777e851cbb8da42ba2a1 |
| V1 OCI Digest | sha256:2cde964673d62f7124a701ae0f72eefd578685108e3f0ccc4ebe177ae994496d |
| V2 Distribution List Digest | sha256:fa545ab5f532f4fd045b0a7a56af17eb3e64791a523112fadee7b2aba3b50875 |
| V1 Distribution Digest | sha256:4f5d3bb20b910675610109e1e5db0adf85e7325214fb7b80ed191db8ee53460b |
| V2 Distribution Digest | sha256:965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5 |
| extended metadata | |
| Manifest Type | V2 Distribution |
| Architecture | amd64 |
| Config | |
| Created | 2025-10-15 14:01:55 UTC |
| Os | linux |

This package was uploaded with the following V2 Distribution manifest:

```json
{
  "schemaVersion": 2,
  "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
  "config": {
    "mediaType": "application/vnd.docker.container.image.v1+json",
    "size": 7110,
    "digest": "sha256:e14a9299cd1ca96b8fa95b1ac8ab0dbeffd16b8a3144860ab6fd21a0db895bfa"
  },
  "layers": [
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 30447951,
      "digest": "sha256:63e5bc7682b85ae57a1221210f64d62e7a90b0a30f19af4ca734b8242ae49d63"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 16704199,
      "digest": "sha256:49551f4d50adba938ac33adced61360260890930ec8015aa00da72c07252c702"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 3521,
      "digest": "sha256:9452b0c4326ea47dd578ae1b11a36d2e16402bf8dc4bcd7adfdda4b5dfe2a4d0"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 47198430,
      "digest": "sha256:8fad6d7e28055be8a0898753e517d26ff8f5b84d672dfdefdd2cb0da9b12481c"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 142892226,
      "digest": "sha256:9196b3c853d2be33fc92dbd90422cc83a7a517723ee1cd06268acb80f0c884f3"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 1825798,
      "digest": "sha256:79279866a8cf7d6ba5f0b5b185a47a5a8edb73cfb58469205b33a56ee65722de"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 32,
      "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 1840,
      "digest": "sha256:b87f6acda86a3195882c2e66bb9d0cd74db3ba0d6408992f929184ad40956f43"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 142888015,
      "digest": "sha256:1189a60f6d6790f373bcc8df676d2789fbb0747438608846df996e172063001f"
    },
    {
      "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
      "size": 192,
      "digest": "sha256:a8f3416bba0367436c5206281357714a432cad843ce3670690b34d92c24d98d6"
    }
  ]
}
```

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) ARG RELEASE
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) ARG LAUNCHPAD_BUILD_ARCH
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL org.opencontainers.image.ref.name=ubuntu
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL org.opencontainers.image.version=22.04
Size: 32 bytes

Digest: sha256:63e5bc7682b85ae57a1221210f64d62e7a90b0a30f19af4ca734b8242ae49d63
Command: /bin/sh -c #(nop) ADD file:d025507456f1d7d19195885b1c02a346454d60c9348cbd3be92431f2d7e2666e in /
Size: 29.0 MB

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) CMD ["/bin/bash"]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENV APP_UID=1654 ASPNETCORE_HTTP_PORTS=8080 DOTNET_RUNNING_IN_CONTAINER=true
Size: 32 bytes

Digest: sha256:49551f4d50adba938ac33adced61360260890930ec8015aa00da72c07252c702
Command: RUN /bin/sh -c apt-get update && apt-get install -y --no-install-recommends ca-certificates libc6 libgcc-s1 libicu70 libssl3 libstdc++6 tzdata zlib1g && rm -rf /var/lib/apt/lists/* # buildkit
Size: 15.9 MB

Digest: sha256:9452b0c4326ea47dd578ae1b11a36d2e16402bf8dc4bcd7adfdda4b5dfe2a4d0
Command: RUN /bin/sh -c groupadd --gid=$APP_UID app && useradd --no-log-init --uid=$APP_UID --gid=$APP_UID --create-home app # buildkit
Size: 3.4 KB

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG UID=1000
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ARG GID=1000
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENV LANGUAGE=en_US:en DEBIAN_FRONTEND=noninteractive ACCEPT_EULA=Y
Size: 32 bytes

Digest: sha256:8fad6d7e28055be8a0898753e517d26ff8f5b84d672dfdefdd2cb0da9b12481c
Command: RUN |3 DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz UID=1000 GID=1000 /bin/sh -c apt-get update && apt-get upgrade -y && apt-get clean # buildkit
Size: 45.0 MB

Digest: sha256:9196b3c853d2be33fc92dbd90422cc83a7a517723ee1cd06268acb80f0c884f3
Command: COPY kurrentdb-25.1.0-linux-x64.tar.gz /opt/kurrentdb/ # buildkit
Size: 136.3 MB

Digest: sha256:79279866a8cf7d6ba5f0b5b185a47a5a8edb73cfb58469205b33a56ee65722de
Command: RUN |3 DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz UID=1000 GID=1000 /bin/sh -c apt update && apt install -y curl && rm -rf /var/lib/apt/lists/* # buildkit
Size: 1.7 MB

Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1
Command: WORKDIR /opt/kurrentdb
Size: 32 bytes

Digest: sha256:b87f6acda86a3195882c2e66bb9d0cd74db3ba0d6408992f929184ad40956f43
Command: RUN |3 DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz UID=1000 GID=1000 /bin/sh -c addgroup --gid ${GID} "kurrent" && adduser --disabled-password --gecos "" --ingroup "kurrent" --no-create-home --uid ${UID} "kurrent" # buildkit
Size: 1.8 KB

Digest: sha256:1189a60f6d6790f373bcc8df676d2789fbb0747438608846df996e172063001f
Command: RUN |3 DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz UID=1000 GID=1000 /bin/sh -c mkdir -p /var/lib/kurrentdb && mkdir -p /var/log/kurrentdb && mkdir -p /etc/kurrentdb && chown -R kurrent:kurrent /opt/kurrentdb /var/lib/kurrentdb /var/log/kurrentdb /etc/kurrentdb # buildkit
Size: 136.3 MB

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: USER kurrent
Size: 32 bytes

Digest: sha256:a8f3416bba0367436c5206281357714a432cad843ce3670690b34d92c24d98d6
Command: RUN |3 DATABASE_ARCHIVE_DIR=kurrentdb-25.1.0-linux-x64.tar.gz UID=1000 GID=1000 /bin/sh -c echo "NodeIp: 0.0.0.0\nReplicationIp: 0.0.0.0" >> /etc/kurrentdb/kurrentdb.conf # buildkit
Size: 192 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: VOLUME [/var/lib/kurrentdb]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: VOLUME [/var/log/kurrentdb]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[1112/tcp:{}]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[1113/tcp:{}]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: EXPOSE map[2113/tcp:{}]
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: HEALTHCHECK &{["CMD-SHELL" "curl --fail --insecure https://localhost:2113/health/live || curl --fail http://localhost:2113/health/live || exit 1"] "5s" "5s" "0s" "0s" '\x18'}
Size: 32 bytes

Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: ENTRYPOINT ["/opt/kurrentdb/kurrentd"]
Size: 32 bytes

Last scanned: 1 week, 2 days ago
Scan result: Vulnerable
Vulnerability count: 18
Max. severity: Medium

Target: UYsaCMva47AX.sbom-cyclonedx.json (ubuntu 22.04)

| MEDIUM |
CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.Package Name: libpam-modules Installed Version: 1.4.0-11ubuntu2.6 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| MEDIUM |
CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.Package Name: libpam-modules-bin Installed Version: 1.4.0-11ubuntu2.6 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| MEDIUM |
CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.Package Name: libpam-runtime Installed Version: 1.4.0-11ubuntu2.6 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| MEDIUM |
CVE-2025-8941: linux-pam: Incomplete fix for CVE-2025-6020A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.Package Name: libpam0g Installed Version: 1.4.0-11ubuntu2.6 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| MEDIUM |
CVE-2025-45582: tar: Tar path traversalGNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.Package Name: tar Installed Version: 1.34+dfsg-1ubuntu0.1.22.04.2 Fixed Version: References: access.redhat.com github.com lists.gnu.org nvd.nist.gov www.cve.org www.gnu.org www.gnu.org www.gnu.org www.gnu.org |
|
| LOW |
CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chrootchroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.Package Name: coreutils Installed Version: 8.32-4.1ubuntu1.2 Fixed Version: References: seclists.org www.openwall.com www.openwall.com access.redhat.com lists.apache.org lore.kernel.org mirrors.edge.kernel.org nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2025-0167: When asked to use a `.netrc` file for credentials **and** to follow HT ...When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.Package Name: curl Installed Version: 7.81.0-1ubuntu1.21 Fixed Version: References: curl.se curl.se hackerone.com nvd.nist.gov security.netapp.com www.cve.org |
|
| LOW |
CVE-2025-9086: curl: libcurl: Curl out of bounds read for cookie path1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (`path='/'`). Since this site is not secure, the cookie *should* just be ignored. 4. A bug in the path comparison logic makes curl read outside a heap buffer boundary The bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path. The presumed and correct behavior would be to plainly ignore the second set of the cookie since it was already set as secure on a secure host so overriding it on an insecure host should not be okay.Package Name: curl Installed Version: 7.81.0-1ubuntu1.21 Fixed Version: References: access.redhat.com curl.se curl.se github.com hackerone.com nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_constlibiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.Package Name: gcc-12-base Installed Version: 12.3.0-1ubuntu1~22.04.2 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org |
|
| LOW |
CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packetsGnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.Package Name: gpgv Installed Version: 2.2.27-3ubuntu2.4 Fixed Version: References: access.redhat.com bugzilla.redhat.com dev.gnupg.org dev.gnupg.org marc.info nvd.nist.gov security.netapp.com www.cve.org |
|
| LOW |
CVE-2025-0167: When asked to use a `.netrc` file for credentials **and** to follow HT ...When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.Package Name: libcurl4 Installed Version: 7.81.0-1ubuntu1.21 Fixed Version: References: curl.se curl.se hackerone.com nvd.nist.gov security.netapp.com www.cve.org |
|
| LOW |
CVE-2025-9086: curl: libcurl: Curl out of bounds read for cookie path1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same hostname, but using clear text HTTP) using the same cookie set 3. The same cookie name is set - but with just a slash as path (`path='/'`). Since this site is not secure, the cookie *should* just be ignored. 4. A bug in the path comparison logic makes curl read outside a heap buffer boundary The bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site override the contents of the secure cookie, contrary to expectations and depending on the memory contents immediately following the single-byte allocation that holds the path. The presumed and correct behavior would be to plainly ignore the second set of the cookie since it was already set as secure on a secure host so overriding it on an insecure host should not be okay.Package Name: libcurl4 Installed Version: 7.81.0-1ubuntu1.21 Fixed Version: References: access.redhat.com curl.se curl.se github.com hackerone.com nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_constlibiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.Package Name: libgcc-s1 Installed Version: 12.3.0-1ubuntu1~22.04.2 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org |
|
| LOW |
CVE-2024-2236: libgcrypt: vulnerable to Marvin AttackA timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.Package Name: libgcrypt20 Installed Version: 1.9.4-3ubuntu3 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com dev.gnupg.org errata.almalinux.org github.com gitlab.com linux.oracle.com linux.oracle.com lists.gnupg.org nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2025-5222: icu: Stack buffer overflow in the SRBRoot::addTag functionA stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.Package Name: libicu70 Installed Version: 70.1-2 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().Package Name: libncurses6 Installed Version: 6.3-2ubuntu0.1 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org |
|
| LOW |
CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().Package Name: libncursesw6 Installed Version: 6.3-2ubuntu0.1 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org |
|
| LOW |
CVE-2022-41409: pcre2: negative repeat value in a pcre2test subject line leads to inifinite loopInteger overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.Package Name: libpcre2-8-0 Installed Version: 10.39-3ubuntu0.1 Fixed Version: References: access.redhat.com github.com github.com github.com nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.cIn PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.Package Name: libpcre3 Installed Version: 2:8.39-13ubuntu0.22.04.1 Fixed Version: References: openwall.com www.openwall.com www.openwall.com www.securityfocus.com access.redhat.com lists.apache.org nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2025-8114: : NULL Pointer Dereference in libssh KEX Session ID CalculationA flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.Package Name: libssh-4 Installed Version: 0.9.6-2ubuntu0.22.04.4 Fixed Version: References: access.redhat.com bugzilla.redhat.com nvd.nist.gov www.cve.org www.libssh.org |
|
| LOW |
CVE-2024-41996: openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculationsValidating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.Package Name: libssl3 Installed Version: 3.0.2-0ubuntu1.20 Fixed Version: References: access.redhat.com dheatattack.gitlab.io dheatattack.gitlab.io gist.github.com github.com github.com nvd.nist.gov openssl-library.org www.cve.org |
|
| LOW |
CVE-2022-27943: binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_constlibiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.Package Name: libstdc++6 Installed Version: 12.3.0-1ubuntu1~22.04.2 Fixed Version: References: access.redhat.com gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org gcc.gnu.org lists.fedoraproject.org nvd.nist.gov sourceware.org www.cve.org |
|
| LOW |
CVE-2023-7008: systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yesA vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.Package Name: libsystemd0 Installed Version: 249.11-0ubuntu3.17 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com www.cve.org |
|
| LOW |
CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().Package Name: libtinfo6 Installed Version: 6.3-2ubuntu0.1 Fixed Version: References: access.redhat.com lists.fedoraproject.org lists.gnu.org lists.gnu.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org |
|
| LOW |
CVE-2023-7008: systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yesA vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.Package Name: libudev1 Installed Version: 249.11-0ubuntu3.17 Fixed Version: References: access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com www.cve.org |
|
| LOW |
CVE-2022-4899: zstd: mysql: buffer overrun in util.cA vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.Package Name: libzstd1 Installed Version: 1.4.8+dfsg-3build1 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org github.com github.com github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org 
lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com security.netapp.com www.cve.org |
|
| LOW |
CVE-2023-29383: shadow: Improper input validation in shadow-utils package utility chfn
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
Package Name: login
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:
References: access.redhat.com, github.com, nvd.nist.gov, www.cve.org, www.trustwave.com |
|
| LOW |
CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.
Package Name: login
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:
References: access.redhat.com, github.com, nvd.nist.gov, www.cve.org |
|
| LOW |
CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
Package Name: ncurses-base
Installed Version: 6.3-2ubuntu0.1
Fixed Version:
References: access.redhat.com, lists.fedoraproject.org, lists.gnu.org, nvd.nist.gov, security.netapp.com, ubuntu.com, www.cve.org |
|
| LOW |
CVE-2023-50495: ncurses: segmentation fault via _nc_wrap_entry()
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
Package Name: ncurses-bin
Installed Version: 6.3-2ubuntu0.1
Fixed Version:
References: access.redhat.com, lists.fedoraproject.org, lists.gnu.org, nvd.nist.gov, security.netapp.com, ubuntu.com, www.cve.org |
|
| LOW |
CVE-2024-41996: openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.
Package Name: openssl
Installed Version: 3.0.2-0ubuntu1.20
Fixed Version:
References: access.redhat.com, dheatattack.gitlab.io, gist.github.com, github.com, nvd.nist.gov, openssl-library.org, www.cve.org |
|
| LOW |
CVE-2023-29383: shadow: Improper input validation in shadow-utils package utility chfn
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
Package Name: passwd
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:
References: access.redhat.com, github.com, nvd.nist.gov, www.cve.org, www.trustwave.com |
|
| LOW |
CVE-2024-56433: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.
Package Name: passwd
Installed Version: 1:4.8.1-2ubuntu2.2
Fixed Version:
References: access.redhat.com, github.com, nvd.nist.gov, www.cve.org |
|
You can embed a badge in another website that shows this or the latest version of this package.
To embed the badge for this specific package version, use the following:
[](https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5/a=amd64;xpo=linux/)
|This version of 'kurrentdb' @ Cloudsmith|
.. |This version of 'kurrentdb' @ Cloudsmith| image:: https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/25.1/a=amd64;xpo=linux/?render=true
:target: https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5/a=amd64;xpo=linux/
image::https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/25.1/a=amd64;xpo=linux/?render=true[link="https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5/a=amd64;xpo=linux/",title="This version of 'kurrentdb' @ Cloudsmith"]
<a href="https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/965a58cf9993447df5f5f196d88cc0dce70a10634f5614d95420116553a20fd5/a=amd64;xpo=linux/"><img src="https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/25.1/a=amd64;xpo=linux/?render=true" alt="This version of 'kurrentdb' @ Cloudsmith" /></a>
To embed the badge for the latest package version, use the following:
[](https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/latest/a=amd64;xpo=linux/)
|Latest version of 'kurrentdb' @ Cloudsmith|
.. |Latest version of 'kurrentdb' @ Cloudsmith| image:: https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/latest/a=amd64;xpo=linux/?render=true&show_latest=true
:target: https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/latest/a=amd64;xpo=linux/
image::https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/latest/a=amd64;xpo=linux/?render=true&show_latest=true[link="https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/latest/a=amd64;xpo=linux/",title="Latest version of 'kurrentdb' @ Cloudsmith"]
<a href="https://cloudsmith.io/~eventstore/repos/kurrent-latest/packages/detail/docker/kurrentdb/latest/a=amd64;xpo=linux/"><img src="https://api.cloudsmith.com/v1/badges/version/eventstore/kurrent-latest/docker/kurrentdb/latest/a=amd64;xpo=linux/?render=true&show_latest=true" alt="Latest version of 'kurrentdb' @ Cloudsmith" /></a>
These instructions assume you have set up the repository first (or read the setup instructions).
To pull kurrentdb @ reference/tag latest:
docker pull docker.cloudsmith.io/eventstore/kurrent-latest/kurrentdb:latest
To refer to this image after pulling in a Dockerfile, specify the following:
FROM docker.cloudsmith.io/eventstore/kurrent-latest/kurrentdb:latest
Note: You should replace latest with an alternative reference to pull, such as: 25.1, 25.1.0, 64565ee6-7682-4567-b02e-dbd107f0f95d and 25.1.0-x64-8.0-jammy.