Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
William Hubbs
Packages
264
Stabilization
21
Outdated
59
Pull requests
16
Bugs
279
Security
37
Changelog
Security Bug Reports
dev-lang/lua: Multiple vulnerabilities (CVE-2019-6706, CVE-2020-{15945,15888,15889,24342,24369,24370,24371})
717780 - Assigned to Gentoo Security
sys-cluster/kube-apiserver: webhook redirect vulnerability
813645 - Assigned to Gentoo Security
<app-containers/docker-20.10.9: multiple vulnerabilities
816273 - Assigned to Gentoo Security
<app-containers/docker-cli-20.10.9: May send credentials to non-chosen registry (CVE-2021-41092)
816321 - Assigned to Gentoo Security
<mail-mta/postfix-3.6.3: queue file corruption
822753 - Assigned to Gentoo Security
<app-containers/runc-1.0.2-r1: Access restriction bypass (CVE-2021-43784)
828471 - Assigned to Gentoo Security
<sys-cluster/kubect-1.26.0: lacks escape/meta/control sequence filtering in terminal output
830714 - Assigned to Gentoo Security
dev-lang/lua: UAF leading to sandbox escape
835340 - Assigned to Gentoo Security
<net-vpn/openvpn-2.5.6: potential authentication by-pass with multiple deferred authentication plug-ins
835514 - Assigned to Gentoo Security
<app-containers/containerd-1.5.11: Default inheritable capabilities for linux container should be empty
835917 - Assigned to Gentoo Security
<app-containers/runc-1.1.2: incorrect handling of inheritable capabilities
844085 - Assigned to Gentoo Security
<app-containers/containerd-1.6.8: malicious container memory exhaustion
850124 - Assigned to Gentoo Security
<dev-lang/lua-5.4.6: heap buffer overflow in recursive errors
856463 - Assigned to Gentoo Security
dev-util/wasmer: 'cargo audit' reports one or more bundled CRATES as vulnerable
864079 - Assigned to Gentoo Security
app-containers/docker: supplementary groups mishandling
869407 - Assigned to Gentoo Security
<sys-cluster/kube-apiserver-1.22.14,1.23.11,1.24.5,1.25.1}: SSRF
871741 - Assigned to Gentoo Security
app-containers/docker: Git vulnerability mitigations
877653 - Assigned to Gentoo Security
app-admin/fluentd: remote code execution via crafted JSON payloads
879181 - Assigned to Gentoo Security
<app-metrics/prometheus-2.40.4 app-metrics/prometheus-bin: basic authentication bypass
883637 - Assigned to Gentoo Security
<app-metrics/snmp_exporter-0.24.1: basic authentication bypass
883649 - Assigned to Gentoo Security
<app-metrics/blackbox_exporter-0.24.0: basic authentication bypass
883651 - Assigned to Gentoo Security
<app-metrics/node_exporter-1.5.0: basic authentication bypass
883653 - Assigned to Gentoo Security
<app-containers/containerd-1.6.14: host memory exhaustion
884803 - Assigned to Gentoo Security
<app-metrics/prometheus-2.43.0: security fixes in bundled code
885109 - Assigned to Gentoo Security
<app-containers/docker-20.10.22: multiple vulnerabilities
886509 - Assigned to Gentoo Security
app-metrics/consul_exporter: basic authentication bypass
890162 - Assigned to Gentoo Security
dev-util/gitlab-runner: user jumping vulnerability
891253 - Assigned to Gentoo Security
app-containers/containerd: multiple vulnerabilities
897960 - Assigned to Gentoo Security
<app-containers/runc-1.1.5: Privilege escalation bug
903079 - Assigned to Gentoo Security
app-containers/docker: multiple vulnerabilities
903804 - Assigned to Gentoo Security
dev-lang/lua: heap buffer overread
905319 - Assigned to Gentoo Security
app-containers/docker: vulnerability in bundled buildkit
905336 - Assigned to Gentoo Security
<dev-python/MechanicalSoup-1.3.0: Malicious web server can read arbitrary files on client using file input inside HTML form
909723 - Assigned to Gentoo Security
<dev-lang/go-{1.20.10,1.21.3}: rapid stream resets can cause excessive work
915555 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.7: Multiple vulnerabilities
917272 - Assigned to Gentoo Security
sys-cluster/kubelet: privilege escalation in windows nodes
918665 - Assigned to Gentoo Security
net-vpn/openvpn: DoS via crafted reset packet
918673 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.