Wed May 15 07:53:36 2024 UTC (33d)
doc: add some upper bounds


(wiz)
diff -r1.195 -r1.196 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.195 -r1.196 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2024/05/14 23:06:15 1.195
+++ pkgsrc/doc/pkg-vulnerabilities 2024/05/15 07:53:36 1.196
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.195 2024/05/14 23:06:15 wiz Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.196 2024/05/15 07:53:36 wiz Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -17092,27 +17092,27 @@ firefox<66.0.1 multiple-vulnerabilities @@ -17092,27 +17092,27 @@ firefox<66.0.1 multiple-vulnerabilities
17092firefox60<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ 17092firefox60<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
17093python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 17093python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
17094python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 17094python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
17095python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 17095python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
17096python36-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 17096python36-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
17097python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 17097python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
17098python27<2.7.17 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 17098python27<2.7.17 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
17099python34-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 17099python34-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
17100python35-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 17100python35-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
17101python36<3.6.9 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 17101python36<3.6.9 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
17102python37<3.7.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 17102python37<3.7.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
17103ImageMagick6<6.9.10.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 17103ImageMagick6<6.9.10.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956
17104ImageMagick<7.0.8.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 17104ImageMagick<7.0.8.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956
17105gitea-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192 17105gitea<1.16.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192
17106ap24-auth-mellon<0.14.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-3877 17106ap24-auth-mellon<0.14.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-3877
17107ap24-auth-mellon<0.14.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3878 17107ap24-auth-mellon<0.14.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3878
17108xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10018 17108xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10018
17109xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10019 17109xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10019
17110xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10020 17110xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10020
17111xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10021 17111xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10021
17112xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10022 17112xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10022
17113xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10023 17113xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10023
17114xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10024 17114xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10024
17115xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10025 17115xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10025
17116xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10026 17116xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10026
17117moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3808 17117moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3808
17118moodle<3.1.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-3809 17118moodle<3.1.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-3809
@@ -19451,29 +19451,27 @@ libexif<0.6.23 integer-overflow https:// @@ -19451,29 +19451,27 @@ libexif<0.6.23 integer-overflow https://
19451consul>=1.6.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12758 19451consul>=1.6.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12758
19452consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12797 19452consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12797
19453consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13170 19453consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13170
19454consul>=1.2.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13250 19454consul>=1.2.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13250
19455adobe-flash-player<32.0.0.387 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-30.html 19455adobe-flash-player<32.0.0.387 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-30.html
19456wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4046 19456wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4046
19457wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4047 19457wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4047
19458wordpress<5.4.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-4048 19458wordpress<5.4.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-4048
19459wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4049 19459wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4049
19460wordpress<5.4.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-4050 19460wordpress<5.4.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-4050
19461upx<3.96 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20805 19461upx<3.96 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20805
19462sane-backends<1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12867 19462sane-backends<1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12867
19463py{27,36,37,38}-rsa<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13757 19463py{27,36,37,38}-rsa<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13757
19464grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18624 19464grafana<6.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623
19465grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18625 
19466grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623 
19467libvirt>=3.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10703 19465libvirt>=3.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10703
19468mediawiki<1.35 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10959 19466mediawiki<1.35 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10959
19469qemu<4.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13659 19467qemu<4.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13659
19470qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13754 19468qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13754
19471znc>=1.8.0<1.8.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13775 19469znc>=1.8.0<1.8.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13775
19472ruby{22,24,25,26,27}-websocket-extensions<0.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7663 19470ruby{22,24,25,26,27}-websocket-extensions<0.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7663
19473py{34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 19471py{34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254
19474py{34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 19472py{34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254
19475py{34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 19473py{34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596
19476py{34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 19474py{34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596
19477nghttp2<1.41.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11080 19475nghttp2<1.41.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11080
19478grafana>=3.0.1<7.0.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-13379 19476grafana>=3.0.1<7.0.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-13379
19479libjpeg-turbo<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13790 19477libjpeg-turbo<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13790
@@ -19998,27 +19996,27 @@ qemu<5.0.0 infinite-loop https://nvd.n @@ -19998,27 +19996,27 @@ qemu<5.0.0 infinite-loop https://nvd.n
19998ruby-oauth-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2016-11086 19996ruby-oauth-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2016-11086
19999tigervnc<1.11.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2020-26117 19997tigervnc<1.11.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2020-26117
20000mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25812 19998mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25812
20001mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25813 19999mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25813
20002mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25814 20000mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25814
20003mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25815 20001mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25815
20004mediawiki<1.34.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25827 20002mediawiki<1.34.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25827
20005mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25828 20003mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25828
20006mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25869 20004mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25869
20007mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26120 20005mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26120
20008mediawiki<1.34.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-26121 20006mediawiki<1.34.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-26121
20009py{27,36,37,38}-rpyc>=4.1.0<4.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16328 20007py{27,36,37,38}-rpyc>=4.1.0<4.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16328
20010py{27,36,37,38}-djangorestframework<3.12.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25626 20008py{27,36,37,38}-djangorestframework<3.12.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25626
20011grafana-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216 20009grafana<8.3.1 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216
20012vault>=1.5.0<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 20010vault>=1.5.0<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816
20013vault>=1.4.0<1.4.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 20011vault>=1.4.0<1.4.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816
20014mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25288 20012mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25288
20015mantis<2.24.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25781 20013mantis<2.24.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25781
20016mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25830 20014mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25830
20017py{27,36,37,38}-urllib3<1.25.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26137 20015py{27,36,37,38}-urllib3<1.25.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26137
20018go-jwt-go<4.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-26160 20016go-jwt-go<4.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-26160
20019libproxy<0.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26154 20017libproxy<0.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26154
20020oniguruma<6.9.6rc1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26159 20018oniguruma<6.9.6rc1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26159
20021apache-ant-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979 20019apache-ant-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979
20022powerdns<4.3.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-17482 20020powerdns<4.3.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-17482
20023powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24697 20021powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24697
20024powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24698 20022powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24698
@@ -24911,27 +24909,27 @@ openssl<1.1.1t denial-of-service https:/ @@ -24911,27 +24909,27 @@ openssl<1.1.1t denial-of-service https:/
24911man2html-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-40648 24909man2html-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-40648
24912man2html-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-40647 24910man2html-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-40647
24913bash<5.1.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3715 24911bash<5.1.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3715
24914minetest-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35978 24912minetest-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35978
24915less>=566<609 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46663 24913less>=566<609 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46663
24916grub2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2601 24914grub2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2601
24917grub2-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3775 24915grub2-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3775
24918memcached<1.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37519 24916memcached<1.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37519
24919leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38266 24917leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38266
24920lepton-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-4104 24918lepton-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-4104
24921binutils<2.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38533 24919binutils<2.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38533
24922binutils<2.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4285 24920binutils<2.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4285
24923awstats>=7<7.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46391 24921awstats>=7<7.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46391
24924assimp-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748 24922assimp<5.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748
24925knot<5.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40188 24923knot<5.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40188
24926freeciv>=2.6.7<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39047 24924freeciv>=2.6.7<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39047
24927modular-xorg-server<21.1.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2319 24925modular-xorg-server<21.1.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2319
24928modular-xorg-server<21.1.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-2320 24926modular-xorg-server<21.1.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-2320
24929modular-xorg-server<21.1.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3551 24927modular-xorg-server<21.1.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3551
24930modular-xorg-server<21.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3550 24928modular-xorg-server<21.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3550
24931modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46342 24929modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46342
24932modular-xorg-server<1.20.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-46344 24930modular-xorg-server<1.20.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-46344
24933modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46343 24931modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46343
24934modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46341 24932modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46341
24935modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46340 24933modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46340
24936modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4283 24934modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4283
24937git-base<2.38.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39260 24935git-base<2.38.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39260