| Bug | Description | Note |
|---|
| CVE-2016-20013 | sha256crypt and sha512crypt through 0.6 allow attackers to cause a den ... | check, several sources (busybox, sssd, dietlibc, php*, ...) do embed an implentation of the code, but only track those with security impact |
| CVE-2021-3800 | A flaw was found in glib before version 2.63.6. Due to random charset ... | check completeness |
| CVE-2021-27853 | Layer 2 network filtering capabilities such as IPv6 RA guard or ARP in ... | check, potentially needs to be tracked for src:linux |
| CVE-2021-27854 | Layer 2 network filtering capabilities such as IPv6 RA guard can be by ... | check, potentially needs to be tracked for src:linux |
| CVE-2021-27861 | Layer 2 network filtering capabilities such as IPv6 RA guard can be by ... | check, potentially needs to be tracked for src:linux |
| CVE-2021-27862 | Layer 2 network filtering capabilities such as IPv6 RA guard can be by ... | check, potentially needs to be tracked for src:linux |
| CVE-2021-32862 | The GitHub Security Lab discovered sixteen ways to exploit a cross-sit ... | check details, schould affect src:nbconvert |
| CVE-2021-33235 | Buffer overflow vulnerability in write_node in htmldoc through 1.9.11 ... | clarify duplicate assignment with assigning CNA |
| CVE-2021-33236 | Buffer Overflow vulnerability in write_header in htmldoc through 1.9.1 ... | clarify duplicate assignment with assigning CNA |
| CVE-2021-37819 | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop ... | check impact on other sources embedding lowagie/text/pdf/PdfReader.java |
| CVE-2022-3854 | possible DoS issue in ceph URL processing on RGW backends | check details, none provided in RHBZ#2139925 |
| CVE-2022-3920 | HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filt ... | check if affecting versions before 1.13.0 |
| CVE-2022-4144 | QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read | check details |
| CVE-2022-23459 | Jsonxx or Json++ is a JSON parser, writer and reader written in C++. I ... | check - numerous jsonxx repositories exist on github |
| CVE-2022-23460 | Jsonxx or Json++ is a JSON parser, writer and reader written in C++. I ... | check - numerous jsonxx repositories exist on github |
| CVE-2022-23639 | crossbeam-utils provides atomics, synchronization primitives, scoped t ... | check, crossbeam-utils are vendored in various other sources, in particular rustc to be checked |
| CVE-2022-37454 | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ... | check affected packages |
| CVE-2022-41854 | Those using Snakeyaml to parse untrusted YAML files may be vulnerable ... | check details |
| CVE-2022-41882 | The Nextcloud Desktop Client is a tool to synchronize files from Nextc ... | check details, is owncloud-client similarly affected? |
| CVE-2022-42920 | Apache Commons BCEL has a number of APIs that would normally only allo ... | check with the assigning CNAs which one to retain if confirmed to be handled as duplicate and move CVE-2022-34169 to Apache Xalan Java XSLT use of BCEL only. |
| CVE-2022-45136 | ** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is ... | check correctness/details if src:apache-jena affected |