A certifiably-awesome open-source package repository curated by Xenit Solutions, hosted by Cloudsmith.
Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

contentgrid/solon a31cf8818c175ddcfb010678cf2…

One-liner (summary)

A certifiably-awesome package curated by github, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by github, hosted by Cloudsmith.

License

Unknown

Size

128.5 MB

Downloads

3

Tags

image amd64 linux

Status: Completed
GPG Signature
Storage Region: Frankfurt, Germany
Type: Binary (contains binaries and binary artifacts)
Uploaded At: 1 year, 9 months ago
Uploaded By: github
Slug Id: contentgridsolon-cDR
Unique Id: PhFzKWMxIxIQ
Version (Raw): a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c
Version (Parsed)
  • Type: Unknown

Docker-specific metadata
Image Digest: sha256:a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c
Config Digest: sha256:0eeca543079586666f91bff52d3301205b2ea068a8bfe4129ae79cdd0eb522eb
V1 OCI Index Digest: sha256:1f82e87ee4cbb5fa09c94aaebcc45e89afc9130f11b105af9d245cf3f48da8d8
V1 Distribution (Signed) Digest: sha256:29acd1406aef575d33098ad34ba60fccfd571d82ff8dbc71e8e9d7f2d51df798
V1 OCI Digest: sha256:acff014abdc3a40623ce2aaa519e7a11f72c62e33bd8a5333c34686f08943755
V2 Distribution List Digest: sha256:c66cdbde78f27b14e1f480ce6753f89a801066ea399f9576d3f305352313b984
V1 Distribution Digest: sha256:645a2f02d0dd87facda80fb5cc83f978947bd3e76caf8fd6f16246d2d562855d
V2 Distribution Digest: sha256:a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c

Extended metadata
Manifest Type: V2 Distribution
Architecture: amd64
Config
Created: 1980-01-01 00:00:01 UTC
Os: linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 29838,
      "digest": "sha256:a573f2aeed71600d9a6cfedb89c133034983d5f9f31fb6e6322152430f31935c"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 26712500,
         "digest": "sha256:a404e54162968593b8d92b571f3cdd673e4c9eab5d9be28d7c494595c0aa6682"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 236,
         "digest": "sha256:84cb8c6b1e023415d27a2a0794a44018cb4d53edb1c7377635feea8e13be53f0"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 268,
         "digest": "sha256:b487731c1812c6fe6d4aff4a264779d1a12fad802a7121fcf27ef280a5541f19"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 8451296,
         "digest": "sha256:5b1120c866bb51bd1526183088804830cd7de3b0d14c1005f5a3f5c45b0b3b3d"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 459,
         "digest": "sha256:1f9aebb08ac1e8d4eefacda60341781c54d11b51dd1f2de919bc2f88ae831b8a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 767,
         "digest": "sha256:5840aee001c27189b05b856bb7a8955b0f329ecefda8f35faf89f615140a7a7a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 405,
         "digest": "sha256:3f28dd8683f3043367cf8931a2dfc4d723639335982f27d2a48e41b3c1c41773"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1420893,
         "digest": "sha256:f04e4d7882511415610eed1ebd114738996aff12ec655f4dfae7a3dc7336ece7"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1562059,
         "digest": "sha256:11efeb34359412182839f6c35c47d6fb3ccbce0d0fec0d0426a6aa426fe4c4b5"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 376,
         "digest": "sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53527555,
         "digest": "sha256:d6ddef23198189790286a6a4998783c47bdb2af2b3c73f284dd03cbedb8ce74e"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 273,
         "digest": "sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 733723,
         "digest": "sha256:793d20539ea1fc9a2baf8eef494a2534f2ba528cc3a94f3b174f72ad2db65f83"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53897,
         "digest": "sha256:02897775ee3531663c8b2fe10b1319cc0aa216e4ae97584c837ae470eb907aa0"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 260,
         "digest": "sha256:956200cea8a0fdb4a2b3b7e0582034c46f2e205019c0d7b1625863e1ce5f3af4"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 60260,
         "digest": "sha256:b6aad3a24eb2071dea8f540e72e92f30e83ba70d91b9f5af08efaec427ab294c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 41141230,
         "digest": "sha256:58f9183dc80d37e267ebb30a5b2148a1304e3c2b0f107bce2b9144e19cb6553a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 86407,
         "digest": "sha256:d536624bf987b6f0c73fd6f68927dcd96d766764410d1cbb93e8e010483b9d9b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 16750,
         "digest": "sha256:f7583f9cdd6dc6308e3d34e4d6f678da091eba21bb910ef4ff8f8f902cf17368"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 995058,
         "digest": "sha256:6e1739b9b3fbb9fdb79c94e539c87d1c764fd8ea848babde1365d70921770ce0"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 569,
         "digest": "sha256:8be351508c38b08ef5354e8db5b6a71d6485f6da01930e08fc65713876f64f6d"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 198,
         "digest": "sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be"
      }
   ]
}

Last scanned

1 year, 9 months ago

Scan result

Vulnerable

Vulnerability count

50

Max. severity

High
Target: . (ubuntu 18.04)
MEDIUM

CVE-2022-3715: bash: a heap-buffer-overflow in valid_parameter_transform

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems.

Package Name: bash
Installed Version: 4.4.18-2ubuntu1.3
Fixed Version:

References: access.redhat.com cve.mitre.org
MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: gcc-8-base
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: libgcc1
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Package Name: libstdc++6
Installed Version: 8.4.0-1ubuntu1~18.04
Fixed Version:

References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM

CVE-2022-3821: systemd: buffer overrun in format_timespan() function.

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Package Name: libsystemd0
Installed Version: 237-3ubuntu10.56
Fixed Version:

References: access.redhat.com bugzilla.redhat.com cve.mitre.org github.com github.com github.com lists.fedoraproject.org nvd.nist.gov
MEDIUM

CVE-2022-3821: systemd: buffer overrun in format_timespan() function.

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Package Name: libudev1
Installed Version: 237-3ubuntu10.56
Fixed Version:

References: access.redhat.com bugzilla.redhat.com cve.mitre.org github.com github.com github.com lists.fedoraproject.org nvd.nist.gov
MEDIUM

CVE-2022-42800

This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution.

Package Name: zlib1g
Installed Version: 1:1.2.11.dfsg-0ubuntu2.2
Fixed Version:

References: cve.mitre.org support.apple.com support.apple.com support.apple.com support.apple.com support.apple.com support.apple.com
LOW

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Package Name: coreutils
Installed Version: 8.28-1ubuntu1
Fixed Version:

References: seclists.org www.openwall.com www.openwall.com access.redhat.com cve.mitre.org lists.apache.org lore.kernel.org nvd.nist.gov
LOW

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

No description is available for this CVE.

Package Name: gpgv
Installed Version: 2.2.4-1ubuntu1.6
Fixed Version:

References: access.redhat.com cve.mitre.org marc.info
LOW

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Package Name: libc-bin
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Package Name: libc6
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW

CVE-2018-16868: gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.

Package Name: libgnutls30
Installed Version: 3.5.18-1ubuntu1.6
Fixed Version:

References: cat.eyalro.net lists.opensuse.org lists.opensuse.org www.securityfocus.com access.redhat.com bugzilla.redhat.com cve.mitre.org
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libncurses5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libncursesw5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Package Name: libpcre3
Installed Version: 2:8.39-9ubuntu0.1
Fixed Version:

References: openwall.com www.securityfocus.com access.redhat.com cve.mitre.org lists.apache.org
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: libtinfo5
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Package Name: locales
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.

Package Name: locales
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

Package Name: locales
Installed Version: 2.27-3ubuntu1.6
Fixed Version:

References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Package Name: login
Installed Version: 1:4.5-1ubuntu2.3
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: ncurses-base
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: lists.opensuse.org lists.opensuse.org access.redhat.com access.redhat.com access.redhat.com cve.mitre.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW

CVE-2022-29458: ncurses: segfaulting OOB read

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Package Name: ncurses-bin
Installed Version: 6.1-1ubuntu1.18.04
Fixed Version:

References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Package Name: passwd
Installed Version: 1:4.5-1ubuntu2.3
Fixed Version:

References: access.redhat.com access.redhat.com bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org
Target: Java
HIGH

CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1.

Package Name: com.fasterxml.jackson.core:jackson-databind
Installed Version: 2.13.4
Fixed Version: 2.12.7.1, 2.13.4.1

References: access.redhat.com bugs.chromium.org cve.mitre.org github.com github.com github.com github.com github.com github.com github.com nvd.nist.gov security.gentoo.org www.debian.org
HIGH

CVE-2022-25857: snakeyaml: Denial of Service due to missing nested depth limitation for collections

The package org.yaml:snakeyaml from 0 and before 1.31 is vulnerable to Denial of Service (DoS) due to a missing nested depth limitation for collections.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version: 1.31

References: access.redhat.com access.redhat.com access.redhat.com bitbucket.org bitbucket.org bugzilla.redhat.com errata.almalinux.org github.com github.com linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov security.snyk.io
MEDIUM

CVE-2022-31684: reactor-netty-http: Log request headers in some cases of invalid HTTP requests

Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled.

Package Name: io.projectreactor.netty:reactor-netty-http
Installed Version: 1.0.23
Fixed Version: 1.0.24

References: access.redhat.com github.com nvd.nist.gov tanzu.vmware.com
MEDIUM

CVE-2022-38749: snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version: 1.31

References: access.redhat.com bitbucket.org bugs.chromium.org github.com lists.debian.org nvd.nist.gov
MEDIUM

CVE-2022-38750: snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version: 1.31

References: access.redhat.com bitbucket.org bugs.chromium.org github.com lists.debian.org nvd.nist.gov
MEDIUM

CVE-2022-38751: snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version: 1.31

References: access.redhat.com bitbucket.org bitbucket.org bugs.chromium.org github.com lists.debian.org nvd.nist.gov
MEDIUM

CVE-2022-38752: snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version: 1.32

References: access.redhat.com bitbucket.org bugs.chromium.org github.com nvd.nist.gov
MEDIUM

CVE-2022-41854: Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...

Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.

Package Name: org.yaml:snakeyaml
Installed Version: 1.30
Fixed Version:

References: bitbucket.org bitbucket.org bugs.chromium.org github.com nvd.nist.gov

These instructions assume you have set up the repository first (or read it).

To pull contentgrid/solon @ reference/tag sha256:a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c:

docker pull open-source.docker.xenit.eu/contentgrid/solon@sha256:a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c

You can also pull the latest version of this image (if it exists):

docker pull open-source.docker.xenit.eu/contentgrid/solon:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM open-source.docker.xenit.eu/contentgrid/solon@sha256:a31cf8818c175ddcfb010678cf285eeb93aba8c4144b29e29284da8e60c2856c