xenit (Xenit Solutions) / open-source
A certifiably-awesome open-source package repository curated by Xenit Solutions, hosted by Cloudsmith.
Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

contentgrid/gateway  132f0625a428f1e2278156036fd…

One-liner (summary)

A certifiably-awesome package curated by github, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by github, hosted by Cloudsmith.

License

Unknown

Size

142.0 MB

Downloads

2

Tags

image amd64 linux

Status  Completed
GPG Signature
Storage Region  Frankfurt, Germany
Type  Binary (contains binaries and binary artifacts)
Uploaded At 1 year, 7 months ago
Uploaded By github
Slug Id contentgridgateway-MUn
Unique Id q3mxqbmIj5Vu
Version (Raw) 132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d
Version (Parsed)
  • Type: Unknown
  docker-specific metadata
Image Digest sha256:132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d
Config Digest sha256:e79aaa2f13dc4bbf849f01563facd4cc64815a37f4f5655b3e6d081c3e361ad2
V1 OCI Index Digest sha256:d1173cb135ee41a947487dd0703e0117cc602444c9f61697eb03a1135dd7f57a
V1 Distribution (Signed) Digest sha256:c9dbda8844c0052a19f7f93c8ffd1a036a38a7b1a2eb2326278d1bf587b7bd0d
V1 OCI Digest sha256:ea603e23ce3f90fc61a4f7a13c2f4329d44e031001b047591930730e7676f67c
V2 Distribution List Digest sha256:5af72f0d73847b7974bbeb7cecf68c93a5d1b398a215984e270b9bd1b08f5555
V1 Distribution Digest sha256:d826e677f943aff771b11e93a9933875eb42056712d8d323d6811e67e6c401e2
V2 Distribution Digest sha256:132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d
  extended metadata
Manifest Type V2 Distribution
Architecture amd64
Config
Created 1980-01-01 00:00:01 UTC
Os linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 29850,
      "digest": "sha256:1fab91f96f6ce33872242aa32f414792037a5e9a25cd45d0dbeeca4f63b09cbd"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 26711442,
         "digest": "sha256:a055bf07b5b05332897ea9a464c5e76a507fafe72fa21370d3fccaf07d55f360"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 236,
         "digest": "sha256:c5ab91a3cb0a601506d61995413152fe269d10684076af85671cf1b7fe267c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 270,
         "digest": "sha256:258233266f61f4f0309f4d37b0783e08f2dc176b85a068387b5c81f9a405a752"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 8810590,
         "digest": "sha256:6610453d7ce80040e678ca995ea1f0cc98e10a2de3f957e776611c52eda49c60"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 459,
         "digest": "sha256:00b9119a1d6beca3b5522caf1fdfd7b3fce586257b784f20c09e4b6d5ab48a6c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 766,
         "digest": "sha256:f13d4e0c8f7985b7eec3810b23e5e354df40600c9a88c25a04aa85cb06c970ae"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 404,
         "digest": "sha256:ea938feb6968f6b4dbfad30c9b124c506b6570783fe3c6ba181f2e0db2138901"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1421491,
         "digest": "sha256:0d8c6a34061683ca800c28a825174fd07e0334e4880e98d5c48bf0ab1389a78a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1563137,
         "digest": "sha256:607ff8c8fc1860da043a061ff2921e369ac7eed25f02a89da9a48bf4822380d1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 376,
         "digest": "sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53522181,
         "digest": "sha256:23c77fd875426c6a2cf35c691f4e25658582b2625e7ea64efc7a440f407a16fe"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 273,
         "digest": "sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 734400,
         "digest": "sha256:9a732b858e23616aee8a480d76d125dff7c03a92f3e424ec02437b4d6816998b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 54041,
         "digest": "sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 260,
         "digest": "sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 308049,
         "digest": "sha256:87d0a77b8eeb3eda315fc9c15d6a797d8fa2e982497b1e2c32336f4698965859"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 54644252,
         "digest": "sha256:23b2999f1bc1c9fc12465899344a381ba74ffd8654d0a7b4382200e7b99bb330"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 82231,
         "digest": "sha256:3e77481814105c8c5e8a4b07a8992c8d9f698c9d52428ccf8523eacdcd498aaf"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 39052,
         "digest": "sha256:52e03e2fdbc952d06ea28af1ded2abeddc3cc5286c81dfa1ea8bde552180c84f"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1020813,
         "digest": "sha256:a63762fd8da48b2050e1117972128ff59a89d9e2f1d1ac431b905857b2b19f35"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 571,
         "digest": "sha256:3e08b43283bca0141215f65a28fdf7f4f0390be881030f8dee93099c301eb4e5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 198,
         "digest": "sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be"
      }
   ]
}

Last scanned

1 year, 7 months ago

Scan result

Vulnerable

Vulnerability count

41

Max. severity

Medium

Target: . (ubuntu 18.04)

MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: gcc-8-base
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: libgcc1
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: libstdc++6
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Package Name: libsystemd0
Installed Version: 237-3ubuntu10.56
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov
MEDIUM

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Package Name: libudev1
Installed Version: 237-3ubuntu10.56
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov
LOW

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Package Name: coreutils
Installed Version: 8.28-1ubuntu1
Fixed Version:

References: seclists.org www.openwall.com www.openwall.com access.redhat.com cve.mitre.org lists.apache.org lore.kernel.org nvd.nist.gov
LOW

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

No description is available for this CVE.

Package Name: gpgv
Installed Version: 2.2.4-1ubuntu1.6
Fixed Version:

References: access.redhat.com cve.mitre.org marc.info
LOW

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Package Name: libpam-modules
Installed Version: 1.1.8-3.6ubuntu2.18.04.3
Fixed Version: 1.1.8-3.6ubuntu2.18.04.4

References: download.opensuse.org bugzilla.suse.com cve.mitre.org github.com ubuntu.com www.suse.com
LOW

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Package Name: libpam-modules-bin
Installed Version: 1.1.8-3.6ubuntu2.18.04.3
Fixed Version: 1.1.8-3.6ubuntu2.18.04.4

References: download.opensuse.org bugzilla.suse.com cve.mitre.org github.com ubuntu.com www.suse.com
LOW

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Package Name: libpam-runtime
Installed Version: 1.1.8-3.6ubuntu2.18.04.3
Fixed Version: 1.1.8-3.6ubuntu2.18.04.4

References: download.opensuse.org bugzilla.suse.com cve.mitre.org github.com ubuntu.com www.suse.com
LOW

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Package Name: libpam0g
Installed Version: 1.1.8-3.6ubuntu2.18.04.3
Fixed Version: 1.1.8-3.6ubuntu2.18.04.4

References: download.opensuse.org bugzilla.suse.com cve.mitre.org github.com ubuntu.com www.suse.com
LOW

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Package Name: libpcre3
Installed Version: 2:8.39-9ubuntu0.1
Fixed Version:

References: openwall.com www.securityfocus.com access.redhat.com cve.mitre.org lists.apache.org
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Package Name: login
Installed Version: 1:4.5-1ubuntu2.5
Fixed Version:

References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Package Name: passwd
Installed Version: 1:4.5-1ubuntu2.5
Fixed Version:

References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com

Target: layers/paketo-buildpacks_bellsoft-liberica/helper/helper
MEDIUM

CVE-2022-41717: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Package Name: golang.org/x/net
Installed Version: v0.2.0
Fixed Version: 0.4.0

References: access.redhat.com github.com go.dev go.dev go.dev groups.google.com nvd.nist.gov pkg.go.dev

These instructions assume you have set up the repository first (or read it).

To pull contentgrid/gateway @ reference/tag sha256:132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d:

docker pull open-source.docker.xenit.eu/contentgrid/gateway@sha256:132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d

You can also pull the latest version of this image (if it exists):

docker pull open-source.docker.xenit.eu/contentgrid/gateway:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM open-source.docker.xenit.eu/contentgrid/gateway@sha256:132f0625a428f1e2278156036fd1b3d42bab1be31b3a41ea61620bdd6151df2d