Maintainer-Needed
Packages (2123), Stabilization (32), Outdated (378), Pull requests (29), Bugs (2259), Security (75), Changelog
Security Bug Reports
app-text/groonga: privilege escalation via PID file manipulation
630758 - Assigned to Gentoo Security
media-libs/libwmf: Flawed malloc implementation allowing denial of service (CVE-2016-9011)
724532 - Assigned to Gentoo Security
app-text/xpdf: Multiple vulnerabilities (CVE-2020-{24996,24999})
740260 - Assigned to Gentoo Security
<media-gfx/pngcheck-3.0.2: Multiple vulnerabilities (CVE-2020-27818)
759013 - Assigned to Gentoo Security
<dev-db/sqlcipher-4.5.1: use after free leading to DoS (CVE-2020-27207)
760690 - Assigned to Gentoo Security
dev-libs/xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs
770763 - Assigned to Gentoo Security
<net-irc/scrollz-2.3.1: ReDoS vulnerability
777987 - Assigned to Gentoo Security
dev-util/cflow: Use-after-free vulnerability (CVE-2020-23856)
790842 - Assigned to Gentoo Security
net-dns/avahi: multiple DoS vulnerabilities
793953 - Assigned to Gentoo Security
dev-db/percona-server: multiple vulnerabilities
803635 - Assigned to Gentoo Security
<www-client/lynx-2.9.0_pre9: cleartext credential transmission (CVE-2021-38165)
807073 - Assigned to Gentoo Security
<dev-libs/libxls-1.6.3: null pointer dereferences
821517 - Assigned to Gentoo Security
<media-gfx/nomacs-3.16.0: buffer overflow via crafted MNG file
822996 - Assigned to Gentoo Security
net-dialup/accel-ppp: multiple vulnerabilities
833455 - Assigned to Gentoo Security
<net-misc/httpie-3.2.1: multiple vulnerabilities
834801 - Assigned to Gentoo Security
<app-admin/keepass-2.56: logs plaintext password
835074 - Assigned to Gentoo Security
media-gfx/dcraw: integer overflow via malicious x3f
839366 - Assigned to Gentoo Security
<media-gfx/chafa-1.10.2: null pointer dereference
841881 - Assigned to Gentoo Security
dev-lang/squirrel: multiple vulnerabilities
843155 - Assigned to Gentoo Security
<app-text/halibut-1.3: multiple vulnerabilities
847985 - Assigned to Gentoo Security
app-text/xpdf: multiple vulnerabilities ("fixed in xpdf-5")
856475 - Assigned to Gentoo Security
<net-misc/gsasl-2.0.1: Out of bounds read
858848 - Assigned to Gentoo Security
app-shells/squirrelsh: multiple vulnerabilities via bundled dev-lang/squirrel
861806 - Assigned to Gentoo Security
app-benchmarks/hyperfine: 'cargo audit' reports one or more bundled CRATES as vulnerable
863998 - Assigned to Gentoo Security
app-shells/mcfly: 'cargo audit' reports one or more bundled CRATES as vulnerable
864028 - Assigned to Gentoo Security
dev-util/bingrep: 'cargo audit' reports one or more bundled CRATES as vulnerable
864052 - Assigned to Gentoo Security
<www-client/w3m-20230121: oob write
865249 - Assigned to Gentoo Security
net-dns/dnrd: multiple vulnerabilities
865251 - Assigned to Gentoo Security
<media-gfx/pngcheck-3.0.3: global buffer overflow
866233 - Assigned to Gentoo Security
<www-servers/varnish-7.1.2: multiple vulnerabilities
880627 - Assigned to Gentoo Security
app-text/xpdf: multiple vulnerabilities
881351 - Assigned to Gentoo Security
<www-apache/mod_security-2.9.7, <dev-libs/modsecurity-3.0.9: multiple vulnerabilities
891777 - Assigned to Gentoo Security
<media-libs/libheif-1.15.2: buffer overflow
897904 - Assigned to Gentoo Security
www-apache/mod_gnutls: incorrect timeout handling leads to excessive resource consumption
897906 - Assigned to Gentoo Security
app-text/htmltidy: arbitrary code execution
897952 - Assigned to Gentoo Security
<dev-libs/confuse-3.3-r2: Heap buffer overflow
901089 - Assigned to Gentoo Security
<net-libs/libyang-2.1.55: null pointer dereferences
903756 - Assigned to Gentoo Security
dev-debug/edb-debugger: denial of service vulnerability
903803 - Assigned to Gentoo Security
app-text/xpdf: multiple vulnerabilities
905207 - Assigned to Gentoo Security
net-im/rocketchat-desktop-bin: multiple vulnerabilities
906108 - Assigned to Gentoo Security
<net-dns/maradns-3.5.0036: integer underflow vulnerability
906113 - Assigned to Gentoo Security
<dev-libs/log4cxx-1.2.0[odbc]: SQL injection
906115 - Assigned to Gentoo Security
dev-util/cflow: stack overflow
906713 - Assigned to Gentoo Security
<app-admin/sysstat-12.6.2-r1: incomplete fix for CVE-2022-39377
907121 - Assigned to Gentoo Security
net-mail/imapsync: insecure tmp directory usage
907935 - Assigned to Gentoo Security
net-im/rocketchat-desktop-bin: multiple vulnerabilities
908039 - Assigned to Gentoo Security
<app-admin/keepass-2.56: password disclosure via memory dump
908040 - Assigned to Gentoo Security
dev-lang/mono: nuget credential leak
908612 - Assigned to Gentoo Security
<app-backup/borgbackup-1.2.6: Archive spoofing vulnerability
913407 - Assigned to Gentoo Security
<net-misc/ntpsec-1.2.2a: Crash with NTS if NTS is disabled
914427 - Assigned to Gentoo Security
<www-apache/modsecurity-crs-3.3.5: Content-Type confusion
916319 - Assigned to Gentoo Security
<www-servers/varnish-7.5.0: http/2 rapid reset vulnerability
918416 - Assigned to Gentoo Security
dev-java/sbt{,-bin}: arbitrary file overwrite
918428 - Assigned to Gentoo Security
<media-gfx/gifsicle-1.94: floating point exception DoS
918436 - Assigned to Gentoo Security
app-admin/graylog: multiple vulnerabilities
918542 - Assigned to Gentoo Security
<media-gfx/zbar-0.23.93: multiple vulnerabilities
918543 - Assigned to Gentoo Security
www-client/w3m: multiple vulnerabilities
918564 - Assigned to Gentoo Security
<media-gfx/librecad-2.2.0.2: multiple vulnerabilities
918609 - Assigned to Gentoo Security
dev-libs/zziplib: invalid memory access
918624 - Assigned to Gentoo Security
<net-ftp/proftpd-1.3.8b: terrapin vulnerability
920385 - Assigned to Gentoo Security
<www-client/httrack-3.49.5 httrack's bundle of zlib Minizip affected by CVE-2023-45853
923035 - Assigned to Gentoo Security
<app-containers/apptainer-1.3.0: two DoS vulnerabilities in the bundled library jose
928121 - Assigned to Gentoo Security
mail-filter/amavisd-new: email parsing vulnerability
934140 - Assigned to Gentoo Security
<app-containers/apptainer-1.3.2: unexpected authenticated registry access vulnerability in bundled library containers/image
934141 - Assigned to Gentoo Security
media-libs/cimg: memory leak
939029 - Assigned to Gentoo Security
net-misc/cgminer: Multiple vulnerabilities
939031 - Assigned to Gentoo Security
net-analyzer/suricata: multiple vulnerabilities
939049 - Assigned to Gentoo Security
<net-dns/avahi-0.9_rc2: Avahi Wide-Area DNS Predictable Transaction IDs
947638 - Assigned to Gentoo Security
<sys-auth/pam_u2f-1.3.2: Partial Authentication Bypass
948201 - Assigned to Gentoo Security
<www-servers/nginx-1.26.3: SNI allowed to reuse SSL sessions in a different virtual server
949354 - Assigned to Gentoo Security
<net-mail/cyrus-imapd-3.4.9: authenticated attackers can cause unbounded memory allocation
953911 - Assigned to Gentoo Security
<media-libs/libheif-1.19.7: Multiple vulnerabilities
954132 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.