| Bug | Description | Note |
|---|
| CVE-2022-3261 | A flaw was found in OpenStack. Multiple components show plain-text pas ... | check, unclear which OpenStack components affected, from https://bugzilla.redhat.com/show_bug.cgi?id=2128834 |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-48570 | Crypto++ through 8.4 contains a timing side channel in ECDSA signature ... | check details on upstream fix (in 8.4?) |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-37543 | Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for ... | check details once GHSA-4x82-8w8m-w8hj accessible, 1.2.6 does not seem correct, reporter claims 1.2.25 wich is not released |
| CVE-2023-41915 | OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to ... | to be checked if affects the embedded copy for openmpi |