Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
William Hubbs
Packages
241
Stabilization
8
Outdated
52
Pull requests
23
Bugs
255
Security
22
Changelog
Security Bug Reports
sys-cluster/kube-apiserver: webhook redirect vulnerability
813645 - Assigned to Gentoo Security
<app-containers/docker-cli-20.10.9: May send credentials to non-chosen registry (CVE-2021-41092)
816321 - Assigned to Gentoo Security
<mail-mta/postfix-3.6.3: queue file corruption
822753 - Assigned to Gentoo Security
<app-metrics/prometheus-2.40.4 app-metrics/prometheus-bin: basic authentication bypass
883637 - Assigned to Gentoo Security
<app-metrics/node_exporter-1.5.0: basic authentication bypass
883653 - Assigned to Gentoo Security
<app-metrics/prometheus-2.43.0: security fixes in bundled code
885109 - Assigned to Gentoo Security
app-metrics/consul_exporter: basic authentication bypass
890162 - Assigned to Gentoo Security
dev-util/gitlab-runner: user jumping vulnerability
891253 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.7: Multiple vulnerabilities
917272 - Assigned to Gentoo Security
net-vpn/openvpn: DoS via crafted reset packet
918673 - Assigned to Gentoo Security
sys-cluster/kube-apiserver: authentication bypass vulnerability
919131 - Assigned to Gentoo Security
<mail-mta/postfix-3.8.4: SMTP smuggling
920509 - Assigned to Gentoo Security
sys-cluster/nomad: multiple vulnerabilities
925029 - Assigned to Gentoo Security
dev-go/protobuf-go: infinite loop with certain forms of invalid JSON
926531 - Assigned to Gentoo Security
<app-containers/skopeo-1.15.1: unexpected authenticated registry accesses
932453 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.12: multiple vulnerabilities
938533 - Assigned to Gentoo Security
<dev-libs/dotconf-1.4.1: Multiple vulnerabilities
939831 - Assigned to Gentoo Security
<dev-lang/go-1.22.11, <dev-lang/go-1.23.5: multiple vulnerabilities
948232 - Assigned to Gentoo Security
<net-libs/nodejs-{18.20.6,20.18.2,22.13.1}: multiple vulnerabilities
948514 - Assigned to Gentoo Security
<dev-lang/go-1.22.12,1.23.6}: crypto/elliptic: timing sidechannel for P-256 on ppc64le
949405 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.14: Possible DoS (CVE-2025-2704)
953118 - Assigned to Gentoo Security
<dev-lang/go-1.24.3: os: Root permits access to parent directory
955613 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.