Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
Sam James
Packages
251
Stabilization
19
Outdated
31
Pull requests
19
Bugs
268
Security
31
Changelog
Security Bug Reports
dev-libs/crypto++: vulnerable to private key recovery (CVE-2019-14318)
702930 - Assigned to Gentoo Security
dev-libs/libtomcrypt: Out of bounds read (CVE-2019-17362)
761412 - Assigned to Gentoo Security
<sys-fs/zfs-2.2.0: ipv6 access control confusion (CVE-2013-20001)
770337 - Assigned to Gentoo Security
net-analyzer/fail2ban: code exection via malicious whois responses (CVE-2021-32749)
802513 - Assigned to Gentoo Security
<dev-libs/botan-2.18.2: ElGamal plaintext recovery (CVE-2021-40529)
811906 - Assigned to Gentoo Security
<dev-libs/crypto++-8.6.0: ElGamal plaintext recovery (CVE-2021-40530)
811915 - Assigned to Gentoo Security
dev-db/redis: integer overflow via bundled hiredis
821346 - Assigned to Gentoo Security
<dev-lang/duktape-2.7.0: segmentation fault in duk_push_tval
831659 - Assigned to Gentoo Security
dev-util/git-delta: 'cargo audit' reports one or more bundled CRATES as vulnerable
864064 - Assigned to Gentoo Security
<dev-libs/botan-2.19.3: OCSP response falsification
881529 - Assigned to Gentoo Security
<net-irc/ergo-2.11.1: Websocket denial of service issue
891803 - Assigned to Gentoo Security
<app-forensics/aflplusplus-4.06c: code execution via untrusted CWD
897924 - Assigned to Gentoo Security
<dev-db/redis-7.0.10: Specially crafted MSETNX command can lead to assertion and denial-of-service
902501 - Assigned to Gentoo Security
dev-python/redis: multiple vulnerabilities
903137 - Assigned to Gentoo Security
<net-analyzer/tcpdump-4.99.4: OOB write in SMB decoder
904041 - Assigned to Gentoo Security
<net-misc/iperf-3.14: Denial of service vulnerability
910083 - Assigned to Gentoo Security
<dev-db/redis-{6.2.13, 7.0.12}: Multiple vulnerabilities
910191 - Assigned to Gentoo Security
<dev-db/redis-{7.0.13, 7.2.1}: Redis SORT_RO may bypass ACL configuration
913741 - Assigned to Gentoo Security
<dev-libs/libtommath-1.2.1: Integer overflow
913880 - Assigned to Gentoo Security
<dev-db/redis-{6.2.14,7.0.14,7.2.2}: Redis Unix-domain socket may be exposed with the wrong permissions for a short time window
915989 - Assigned to Gentoo Security
<net-vpn/tor-0.4.8.9: Denial of service for onion services
917142 - Assigned to Gentoo Security
net-irc/unrealircd: denial-of-service by sending an oversized packet
920264 - Assigned to Gentoo Security
dev-libs/crypto++: multiple vulnerabilities
920284 - Assigned to Gentoo Security
<dev-db/redis-{7.0.15,7.2.4}: Buffer resizing issue leading to heap overflow and potential RCE
921662 - Assigned to Gentoo Security
<sys-libs/pam-1.6.1: local denial of service vulnerability in `pam_namespace.so`
922397 - Assigned to Gentoo Security
<dev-util/diffoscope-257: Information disclosure vulnerability when diffing GPG artifacts
924883 - Assigned to Gentoo Security
<dev-libs/botan-{2.19.4, 3.3.0}: Denial of service via ECC parameters
925147 - Assigned to Gentoo Security
<sys-fs/zfs-2.2.3: Bundled old Lua is vulnerable to CVE-2020-24370
925290 - Assigned to Gentoo Security
<dev-libs/libxml2-{2.11.8, 2.12.7}: Buffer overread with xmllint --htmlout
931977 - Assigned to Gentoo Security
<app-crypt/sequoia-chameleon-gnupg-0.10.1: Denial of service
935384 - Assigned to Gentoo Security
<net-irc/ergo-2.13.1: exploitable deadlock leading to denial of service
936197 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.