Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
Zac Medico
Packages
181
Stabilization
5
Outdated
36
Pull requests
4
Bugs
195
Security
28
Changelog
Security Bug Reports
<sys-apps/flatpak-1.10.2: Sandbox break (CVE-2021-21381)
775365 - Assigned to Gentoo Security
app-text/podofo: multiple vulnerabilities (CVE-2020-{18971,18972}, CVE-2021-{30469,30470,30471,30472})
782706 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
795312 - Assigned to Gentoo Security
<sys-apps/flatpak-{1.10.5,1.12.1}: sandbox bypass (CVE-2021-41133)
816951 - Assigned to Gentoo Security
<app-containers/podman-3.4.3: insufficient network isolation
829896 - Assigned to Gentoo Security
www-apps/chromedriver-bin: CSRF to code execution
833160 - Assigned to Gentoo Security
<www-servers/caddy-2.5.2: oob read allows for DoS
860147 - Assigned to Gentoo Security
app-shells/nushell: 'cargo audit' reports one or more bundled CRATES as vulnerable
864031 - Assigned to Gentoo Security
dev-lang/starlark-rust: 'cargo audit' reports one or more bundled CRATES as vulnerable
864043 - Assigned to Gentoo Security
<app-containers/podman-4.3.0: incorrect handling of supplementary groups
870931 - Assigned to Gentoo Security
<app-containers/docker-registry-2.8.1: multiple vulnerabilities
872410 - Assigned to Zac Medico
app-containers/buildah: multiple vulnerabilities
884859 - Assigned to Gentoo Security
<app-admin/consul-1.14.3: DoS via Go http server vulnerability
885997 - Assigned to Gentoo Security
<app-containers/podman-4.5.0: arbitrary host file access
896372 - Assigned to Gentoo Security
app-text/podofo: heap buffer overread
904939 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
905089 - Assigned to Gentoo Security
net-dns/coredns: multiple vulnerabilities
905301 - Assigned to Gentoo Security
<app-text/editorconfig-core-c-0.12.6: arbitrary stack write
905308 - Assigned to Gentoo Security
app-text/podofo: multiple vulnerabilities
906105 - Assigned to Gentoo Security
<dev-db/etcd-3.4.26: key name disclosure
906656 - Assigned to Gentoo Security
<app-admin/consul-1.15.3: multiple vulnerabilities
907925 - Assigned to Gentoo Security
<app-admin/consul-1.15.7: multiple vulnerabilities
917614 - Assigned to Gentoo Security
<www-servers/caddy-2.7.5: http/2 rapid reset vulnerability
918413 - Assigned to Gentoo Security
<dev-db/etcd-3.4.28: http/2 rapid reset vulnerability
918419 - Assigned to Gentoo Security
<app-admin/vault-1.14.5: multiple vulnerabilities
918420 - Assigned to Gentoo Security
<app-text/calibre-5.44.0-r3: local file inclusion vulnerability
918429 - Assigned to Gentoo Security
<dev-python/aiohttp-3.8.0: inconsistent interpretation of the http protocol
918541 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
918550 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.