Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
Zac Medico
Packages
188
Stabilization
18
Outdated
44
Pull requests
5
Bugs
214
Security
27
Changelog
Security Bug Reports
app-text/podofo: multiple vulnerabilities (CVE-2020-{18971,18972}, CVE-2021-{30469,30470,30471,30472})
782706 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
795312 - Assigned to Gentoo Security
www-apps/chromedriver-bin: CSRF to code execution
833160 - Assigned to Gentoo Security
<www-servers/caddy-2.5.2: oob read allows for DoS
860147 - Assigned to Gentoo Security
app-shells/nushell: 'cargo audit' reports one or more bundled CRATES as vulnerable
864031 - Assigned to Gentoo Security
dev-lang/starlark-rust: 'cargo audit' reports one or more bundled CRATES as vulnerable
864043 - Assigned to Gentoo Security
<app-containers/docker-registry-2.8.1: multiple vulnerabilities
872410 - Assigned to Gentoo Security
app-containers/buildah: multiple vulnerabilities
884859 - Assigned to Gentoo Security
app-text/podofo: heap buffer overread
904939 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
905089 - Assigned to Gentoo Security
net-dns/coredns: multiple vulnerabilities
905301 - Assigned to Gentoo Security
<dev-db/etcd-3.4.26: key name disclosure
906656 - Assigned to Gentoo Security
<app-admin/consul-1.15.3: multiple vulnerabilities
907925 - Assigned to Gentoo Security
<app-admin/consul-1.15.7: multiple vulnerabilities
917614 - Assigned to Gentoo Security
<www-servers/caddy-2.7.5: http/2 rapid reset vulnerability
918413 - Assigned to Gentoo Security
<dev-db/etcd-3.4.28: http/2 rapid reset vulnerability
918419 - Assigned to Gentoo Security
<app-admin/vault-1.14.5: multiple vulnerabilities
918420 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
918550 - Assigned to Gentoo Security
<app-admin/vault-1.14.8: denial of service via large HTTP requests
920177 - Assigned to Gentoo Security
<app-admin/consul-1.15.10: multiple vulnerabilities in bundled envoy
925030 - Assigned to Gentoo Security
<app-containers/podman-5.0.3: unexpected authenticated registry access
936573 - Assigned to Gentoo Security
<app-containers/podman-5.2.4: improper input validation
941217 - Assigned to Gentoo Security
app-containers/containers-common: improper file path handling when FIPS mode is enabled
941218 - Assigned to Gentoo Security
<app-containers/podman-5.2.5: symlink traversal can result in denial of service via OOM
942556 - Assigned to Gentoo Security
<app-containers/buildah-1.37.5; symlink traversal can result in denial of service via OOM
942557 - Assigned to Gentoo Security
app-containers/cri-o: symlink traversal can result in denial of service via OOM
942558 - Assigned to Gentoo Security
<app-containers/containers-storage-1.55.1: symlink traversal can result in denial of service via OOM
942559 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.