|
Bug #1791835: CVE-2017-1000433: Known moderate severity security vulnerability detected in pysaml2 <= 4.5.0
|
 CVE-2017-1000433 |
|
StarlingX
|
Won't fix, assigned to Ken Young
|
|
Bug #1794868: lshell component is not maintained and has pending CVEs
|
CVE-2016-6902
CVE-2016-6903 |
|
StarlingX
|
Won't fix, assigned to Ken Young
|
|
Bug #1796941: CVE-2018-7536: Moderate Django Vulnerability in django.utils.html.urlize()
|
CVE-2018-7536 |
|
StarlingX
|
Won't fix, assigned to Ken Young
|
|
Bug #1801798: CVE-2018-18074: python-requests package may reveal credentials
|
CVE-2018-18074 |
|
StarlingX
|
Fix released, assigned to Ghada Khalil
|
|
Bug #1805759: CVE: CVE-2018-5391: kernel: IP fragment re-assembly allows DOS (FragmentSmack)
|
CVE-2018-5391 |
|
StarlingX
|
Fix released, assigned to Lin Shuicheng
|
|
Bug #1806749: CVE-2018-1002105 Kubernetes priviledge escalation
|
CVE-2018-1002105 |
|
StarlingX
|
Fix released, assigned to Frank Miller
|
|
Bug #1815641: CVE-2019-5736 affecting docker-ce 18.03
|
CVE-2019-5736 |
|
StarlingX
|
Fix released, assigned to Brent Rowsell
|
|
Bug #1820756: CVE-2018-15688: systemd-network does not correctly keep track of a buffer size
|
CVE-2018-15688 |
|
StarlingX
|
Fix released, assigned to Mawrer Amed Ramirez Martinez
|
|
Bug #1820757: CVE-2018-18311: Perl Buffer Overflow
|
CVE-2018-18311 |
|
StarlingX
|
Fix released, assigned to Mawrer Amed Ramirez Martinez
|
|
Bug #1820759: CVE-2018-19115: keepalived has a Heap-based buffer overflow vulnerability
|
CVE-2018-19115 |
|
StarlingX
|
Fix released, assigned to Mawrer Amed Ramirez Martinez
|
|
Bug #1830487: CVEs by modern implementation of the "fill buffer" mechanism
|
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091 |
|
StarlingX
|
Fix released, assigned to zhao.shuai
|
|
Bug #1836685: CVE: integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs)
|
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479 |
|
StarlingX
|
Fix released, assigned to zhao.shuai
|
|
Bug #1840771: CVE-2018-14618:NTLM buffer overflow via integer overflow
|
CVE-2017-8816
CVE-2018-14618 |
|
StarlingX
|
Fix released, assigned to zhao.shuai
|
|
Bug #1840778: CVE-2019-11811:use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed
|
CVE-2019-11811 |
|
StarlingX
|
Fix released, assigned to zhao.shuai
|
|
Bug #1847817: CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during migration
|
CVE-2019-14835 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849195: CVE-2018-1000076: rubygems: Improper verification of signatures in tarball allows to install mis-signed gem
|
CVE-2018-1000076 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849197: CVE-2018-12327:ntp: buffer overflow in ntpq and ntpdc
|
CVE-2018-12327 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849198: CVE-2018-14599: libX11: Off-by-one error in XListExtensions in ListExt.c
|
CVE-2018-14599 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849199: CVE-2018-14600: libX11: Out of Bounds write in XListExtensions in ListExt.c
|
CVE-2018-14600 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849200: CVE-2018-15686: systemd: state injection during daemon-reexec
|
CVE-2018-15686 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849201: CVE-2018-16402: elfutils: Double-free due to double decompression
|
CVE-2018-16402 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849202: CVE-2018-19788: polkit: Improper handling of uid
|
CVE-2018-19788 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849203: CVE-2018-8780: ruby: Unintentional directory traversal by poisoned NULL byte in Dir
|
CVE-2018-8780 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1849204: Fix CVE-2019-0160
|
CVE-2019-0160 |
|
StarlingX
|
Fix released, assigned to Ghada Khalil
|
|
Bug #1849205: CVE-2019-0160: OVMF: overflows with long file names and invalid UDF media
|
CVE-2019-0160 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849206: CVE-2019-11810: kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
|
CVE-2019-11810 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849209: CVE-2019-11811: kernel: use-after-free in IPMI
|
CVE-2019-11811 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1849210: CVE-2019-5953: wget: do_conversion() buffer overflow
|
CVE-2019-5953 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1852825: CVE-2019-14287: sudo: can bypass certain policy blacklists
|
CVE-2019-14287 |
|
StarlingX
|
Fix released, assigned to Robin Lu
|
|
Bug #1864763: CVE-2019-10126 / CVE-2019-14895 / CVE-2019-17133 / CVE-2019-14901 / CVE-2019-16746: WiFi Driver Vulnerabilities
|
CVE-2019-10126
CVE-2019-14895
CVE-2019-14901
CVE-2019-16746
CVE-2019-17133 |
|
StarlingX
|
Invalid by Jim Somerville
|
|
Bug #1872979: collectd core dump generated after lock/unlock controller-0
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Eric MacDonald
|
|
Bug #1881425: CVE-2015-2716: expat: Buffer overflow in the XML parser
|
CVE-2015-2716 |
|
StarlingX
|
Fix released, assigned to Poornima Y N
|
|
Bug #1881426: CVE-2018-18751: gettext: double free in default_add_message
|
CVE-2018-18751 |
|
StarlingX
|
Fix released, assigned to Poornima Y N
|
|
Bug #1881428: CVE-2018-5819: glib2: libRaw "parse_sinar_ia()" function can be exploited
|
CVE-2018-5819 |
|
StarlingX
|
Invalid by Poornima Y N
|
|
Bug #1881429: CVE-2019-15916: kernel: memory leak in register_queue_kobjects
|
CVE-2019-15916 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1886064: Upgrades are not able to add new keystone users/services/endpoints
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Andy
|
|
Bug #1887438: Controller-0 Not Ready after force rebooting active controller (Controller-1)
|
CVE-2018-15473
CVE-2019-10160
CVE-2019-16056
CVE-2019-18634
CVE-2019-6470
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Chris Friesen
|
|
Bug #1887677: stx-openstack: etcd 1MB size limit will prevent scaling up openstack workers
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Angie Wang
|
|
Bug #1892768: Containerd config needs a jinja template
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Carmen Rata
|
|
Bug #1893669: swact is not triggered after killing dnsmasq process within 90 seconds
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Bin Qian
|
|
Bug #1894870: etcd instance not secured
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to zhipeng liu
|
|
Bug #1895555: OAM IP change needs double lock/unlock controllers for IPV6 system
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Andre Kantek
|
|
Bug #1900920: pods do not get restarted in an AIO-DX system
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Douglas Henrique Koerich
|
|
Bug #1901449: DC: rbd mounted devices becomes read only after enabling https on system controller
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Bob Church
|
|
Bug #1902149: CVE-2019-5482: curl: heap overflow in TFTP
|
CVE-2019-5482 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1902993: CVE-2017-12652: libpng: does not check length of chunks
|
CVE-2017-12652 |
|
StarlingX
|
Fix released, assigned to Michel Thebeau [WIND]
|
|
Bug #1902995: CVE-2019-12450: glib2: file_copy_fallback does not restrict file permissions
|
CVE-2019-12450 |
|
StarlingX
|
Fix released, assigned to Michel Thebeau [WIND]
|
|
Bug #1902997: CVE-2018-20843: expat: XML input leads to high RAM and CPU
|
CVE-2018-20843 |
|
StarlingX
|
Fix released, assigned to Michel Thebeau [WIND]
|
|
Bug #1903994: Retain more puppet log files to help with debugging
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Lu Yao Chen
|
|
Bug #1904739: kubernetes-nat rule not applied on controller following DOR
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Andy
|
|
Bug #1904885: Failure to connect to registry.local due to DNS resolution issues
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Jerry Sun
|
|
Bug #1906470: CVE-2019-11068: libxslt: bypass of protection mechanism
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1906471: CVE-2019-17006: nss: crypto primitives missing length checks
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1907678: New pip resolver breaks tox for some repos
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Al Bailey
|
|
Bug #1908088: stx-tools: yum fails in Docker with misleading error messages
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Davlet Panech
|
|
Bug #1908297: populate_downloads.sh doesn't clean/backup old content
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1910130: Build of 'compile' layer fails due to missing python3 dependencies
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Don Penney
|
|
Bug #1912139: CVE-2018-19519: tcpdump: a stack-based buffer over-read
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #1912682: tools: Dockerfile: yum install silently ignores errors
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Davlet Panech
|
|
Bug #1914291: Failure changing kube-apiserver parameters
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Jerry Sun
|
|
Bug #1915050: IPv6: All hosts remain offline after booting off the controller-0
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-18634
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6470
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1915864: Nodes are in unuseble state. Possible typo "'NoneType' object has no attribute 'startswith'"
|
CVE-2018-12404
CVE-2019-11745 |
|
StarlingX
|
Invalid by Zhixiong Chi
|
|
Bug #1915951: Shared NIC: System doesn't retain the rate-limit config when a pod is deleted
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Steven Webster
|
|
Bug #1916620: Worker fails reboot recovery due to SRIOV timeout
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Douglas Henrique Koerich
|
|
Bug #1916946: CVE-2021-3156 sudo privilege escalation
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1917229: worker runtime config missed system.yaml hiera
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to John Kung
|
|
Bug #1917308: Stx-openstack apply-fail after swact standby controller, lock, unlock standby controller
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Gustavo Santos
|
|
Bug #1917781: Controller-0 showing disabled/offline in dm while it is unlocked/available in sysinv
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Mihnea Saracin
|
|
Bug #1917864: bash: shell commands are no longer logged to /var/log/bash.log
|
CVE-2019-10160
CVE-2019-16056
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1917901: tb.sh create fails on rmdir /var/lib/mock
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1918139: On AIO hosts, kuberenetes is starting before key resources are initialized
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Bin Qian
|
|
Bug #1918154: CVE-2020-10878: perl: perl before 5.30.3 has an integer overflow
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1918477: download_mirror.sh is slow
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1919274: Adding bare-metal Ceph storage backend at runtime fails
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Bob Church
|
|
Bug #1919276: Bare-metal Ceph Metadata servers are not started by the Ceph runtime manifests
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Bob Church
|
|
Bug #1920024: linuxsoft.cern.ch is no longer responding
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1920245: drbd filesystems not resized during bootstrap
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to David Sullivan
|
|
Bug #1923458: basearch not always set
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1923510: admin endpoint certificate overwritten by expired copy
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Bin Qian
|
|
Bug #1923665: No LLDP information available for Fortville i40e NIC
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Cole Walker
|
|
Bug #1923879: crash kernel fails to boot with ice network hw
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Jim Somerville
|
|
Bug #1924209: Storage-0 went offline due to NIC driver continuousely failed to allocate memory
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1924579: armada-api container not using the correct user
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Marcus Secato
|
|
Bug #1924686: systemd excessively reads mountinfo and udev in dense container environments
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #1924691: systemd sends tons of useless PropertiesChanged messages when a mount happens
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-18634
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6470
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #1926172: Fail to run unit tests with pepe8/flake8
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Chuck Short
|
|
Bug #1926366: Two unlocks required when converting a single-nic system to enable SR-IOV on the underlying interface
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Steven Webster
|
|
Bug #1926372: CVE-2021-26937 screen segfault
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1926591: Unlock fails after restore when trying to resize docker-lv fs
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Mihnea Saracin
|
|
Bug #1926987: Download_mirror.sh fails on 'flockflock'
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1927137: Docker build env fails on git-review
|
CVE-2016-10739
CVE-2017-6519
CVE-2018-10360
CVE-2018-1116
CVE-2018-1122
CVE-2018-12404
CVE-2018-1312
CVE-2018-13139
CVE-2018-14348
CVE-2018-14498
CVE-2018-15473
CVE-2018-17199
CVE-2018-18384
CVE-2018-19519
CVE-2018-4700
CVE-2018-5741
CVE-2018-5742
CVE-2018-5743
CVE-2018-8905
CVE-2019-0220
CVE-2019-10160
CVE-2019-10218
CVE-2019-11068
CVE-2019-11745
CVE-2019-12735
CVE-2019-13232
CVE-2019-13734
CVE-2019-16056
CVE-2019-17006
CVE-2019-3813
CVE-2019-3880
CVE-2019-5482
CVE-2019-6477
CVE-2019-9636
CVE-2019-9924
CVE-2019-9948
CVE-2020-0549
CVE-2020-10772
CVE-2020-10878
CVE-2020-12049
CVE-2020-12663
CVE-2020-5208
CVE-2020-6851
CVE-2020-8112
CVE-2020-8617
CVE-2021-26937 |
|
StarlingX
|
Fix released, assigned to Scott Little
|
|
Bug #1927153: intel-fpga/intel-gpu/intel-qat: docker images build errors
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Davlet Panech
|
|
Bug #1927224: AIO-SX migration to AIO-DX failed on standalone system
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Pedro Henrique Linhares
|
|
Bug #1927275: AIO-SX reboots after change OAM ip address
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Andre Kantek
|
|
Bug #1927515: ETCD poor latency performance and failure under load
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Jim Gauld
|
|
Bug #1927730: Secure boot via pxeboot fails with updated grub2
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Don Penney
|
|
Bug #1927758: AIO-SX failed to come up due to sriov rate limit config failures in puppet
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Steven Webster
|
|
Bug #1927762: AIO-SX failed to start up after unlock due to lvm_global_filter.
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Mihnea Saracin
|
|
Bug #1928018: AIO-SX: armada pod stuck in Unknown after host-lock/unlock
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Angie Wang
|
|
Bug #1928135: During upgrade activation, system controller swact and activation failed
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Jessica Castelino
|
|
Bug #1928141: AIO-SX upgrade_platform playbook fails waiting for armada-api pod
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Dan Voiculeasa
|
|
Bug #1928353: Bad behaving pod not well separated from the platform
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Dan Voiculeasa
|
|
Bug #1928934: Storage-services loss of redundancy after lock/unlock of standby controller
|
CVE-2018-15473
CVE-2019-18634
CVE-2019-6470
CVE-2020-13817
CVE-2020-15705
CVE-2020-15707
CVE-2021-3156 |
|
StarlingX
|
Fix released, assigned to Mihnea Saracin
|
|
Bug #1933263: pxeboot_setup.sh copies wrong grubx64.efi
|
CVE-2020-15705 |
|
StarlingX
|
Fix released, assigned to Don Penney
|
|
Bug #1945997: CVE-2021-31535 libX11: missing request length checks
|
CVE-2021-31535 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1947610: CVE-2020-29573: glibc buffer overflow
|
CVE-2019-25013
CVE-2020-10029
CVE-2020-29573 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1954718: CVE-2016-4658 libxml2: Use after free via namespace node in XPointer ranges
|
CVE-2016-4658 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1954722: CVE-2018-25011 / CVE-2020-36328 / CVE-2020-36329: libwebp multiple CVEs
|
CVE-2018-25011
CVE-2020-36328
CVE-2020-36329 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1957929: CVE-2021-43527: nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)
|
CVE-2021-43527 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1960087: CVE-2021-4034 polkit privilege escalation
|
CVE-2021-4034 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1960765: CVE-2021-26691 / CVE-2021-39275 / CVE-2021-44790: apache / httpd multiple CVEs
|
CVE-2021-26691
CVE-2021-39275
CVE-2021-44790
CVE-2022-22720 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1964842: CVE-2021-44142 / CVE-2020-25717 / CVE-2020-25719: samba multiple CVEs
|
CVE-2020-25717
CVE-2020-25719
CVE-2021-44142 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1969362: CVE-2021-45960 / CVE-2022-22822 / CVE-2022-22823 / CVE-2022-22824 / CVE-2022-23852 / CVE-2022-25235 / CVE-2022-25236 / CVE-2022-25315: expat multiple CVEs
|
CVE-2021-45960
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-23852
CVE-2022-25235
CVE-2022-25236
CVE-2022-25315 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1969363: CVE-2022-22720: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
|
CVE-2021-26691
CVE-2021-39275
CVE-2021-44790
CVE-2022-22720 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1969605: CVE: CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
|
CVE-2022-0435
CVE-2022-0847 |
|
StarlingX
|
Fix released, assigned to Jiping Ma
|
|
Bug #1969993: CVE-2022-23307: log4j: Unsafe deserialization flaw in Chainsaw log viewer
|
CVE-2022-23307 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1975755: CVE-2022-23990: expat: integer overflow in the doProlog function
|
CVE-2022-23990 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1982723: Debian: CVE-2022-29155: openldap: OpenLDAP SQL injection
|
CVE-2022-29155 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1985885: Debian: CVE-2022-28615 / CVE-2022-29404 / CVE-2022-30522 / CVE-2022-31813: apache2: A flaw was found in the mod_proxy module of httpd
|
CVE-2022-28615
CVE-2022-29404
CVE-2022-30522
CVE-2022-31813 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #1986485: Debian: CVE-2022-27404: freetype: Some commits can cause heap buffer overflows
|
CVE-2022-1664
CVE-2022-27404
CVE-2022-27405
CVE-2022-27406 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #1986486: Debian: CVE-2022-1664:dpkg package is prone to a directory traversal vulnerability
|
CVE-2022-1664 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #1987927: CVE: CVE-2021-3177 - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
|
CVE-2019-20907
CVE-2020-26116
CVE-2021-3177
CVE-2022-0391 |
|
StarlingX
|
Fix released, assigned to Joe Slater
|
|
Bug #1994096: Debian CVE: CVE-2021-22945/CVE-2022-27781/CVE-2022-32207: curl: multiple CVEs
|
CVE-2021-22945
CVE-2022-27781
CVE-2022-32207 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1994099: Debian CVE: CVE-2022-2795 / CVE-2022-3080 / CVE-2022-38177 / CVE-2022-38178: bind9: multiple CVEs
|
CVE-2022-2795
CVE-2022-3080
CVE-2022-38177
CVE-2022-38178 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #1994105: Debian CVE-2022-1586 / CVE-2022-1587: pcre2: multiple CVEs
|
CVE-2022-1586
CVE-2022-1587 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1994107: Debian CVE-2022-40674: expat: a use-after-free in the doContent function
|
CVE-2022-40674 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1994108: Debian CVE-2022-37434 / CVE-2018-25032 : zlib: multiple CVEs
|
CVE-2018-25032
CVE-2022-37434 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1994109: Debian CVE-2021-46828: libtirpc: lead to an svc_run infinite loop
|
CVE-2021-46828
CVE-2022-46828 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1994110: Debian CVE-2022-1552: postgresql: xecute arbitrary SQL functions under a superuser identity
|
CVE-2022-1552
CVE-2022-2509 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1994111: Debian CVE-2022-32744 / CVE-2022-2031: samba: multiple CVEs
|
CVE-2022-2031
CVE-2022-32744 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1994112: Debian CVE-2022-2509: libgnutls30: a double free error
|
CVE-2022-2509 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1994113: Debian CVE-2022-1271: gzip: overwrite an attacker's content to an arbitrary attacker-selected file
|
CVE-2022-1271 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #1994115: Debian CVE-2022-26353: qemu: memory leakage
|
CVE-2022-26353 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1996015: [Debian] CVE: CVE-2022-1012/CVE-2022-36946/CVE-2022-3621/CVE-2022-3649/CVE-2022-3594: kernel: multiple CVEs
|
CVE-2022-1012
CVE-2022-3594
CVE-2022-3621
CVE-2022-3649
CVE-2022-36946 |
|
StarlingX
|
Fix released, assigned to Jiping Ma
|
|
Bug #1997194: [Debian] CVE: CVE-2022-43680: libexpat: XML_ExternalEntityParserCreate in out-of-memory
|
CVE-2022-43680 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1997197: [Debian] CVE: CVE-2022-40617: strongswan: remote attackers to cause a denial of service
|
CVE-2022-40617 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1997198: [Debian] CVE: CVE-2022-41323/CVE-2022-34265/CVE-2022-28347/CVE-2022-28346/CVE-2022-23833: python3-django: multiple CVEs
|
CVE-2022-23833
CVE-2022-28346
CVE-2022-28347
CVE-2022-34265
CVE-2022-41323 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #1997327: [Debian] CVE: CVE-2022-37797: lighttpd : null pointer dereference
|
CVE-2022-37797 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1997328: [Debian] CVE: CVE-2022-2928: isc-dhcp : overflow and cause the server to abort
|
CVE-2022-2928
CVE-2022-2929 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #1999358: [Debian] CVE: CVE-2022-41556/CVE-2022-30780: Lighttpd : multiple CVEs Edit
|
CVE-2022-30780
CVE-2022-41556 |
|
StarlingX
|
Won't fix, assigned to Yue Tao
|
|
Bug #1999991: [Debian] CVE: CVE-2022-40303: libxml2: leading to a segmentation fault
|
CVE-2022-40303 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2002269: [Debian] CVE: CVE-2022-42898: krb5: integer overflows.
|
CVE-2022-42898 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2002277: [Debian] CVE: CVE-2022-47629/CVE-2022-3515: libksba : integer overflow vulnerability.
|
CVE-2022-3515
CVE-2022-47629 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2002279: [Debian] CVE: CVE-2021-46848: libtasn1 : an ETYPE_OK off-by-one
|
CVE-2021-46848 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2002280: [Debian] CVE: CVE-2022-3643/CVE-2022-3524: kernel: multiple CVEs
|
CVE-2022-3524
CVE-2022-3643 |
|
StarlingX
|
Fix released, assigned to Jiping Ma
|
|
Bug #2002281: [Debian] CVE: CVE-2021-46669/CVE-2022-27376/CVE-2022-27377...CVE-2022-32089/CVE-2022-32091: mariadb: multiple CVEs
|
CVE-2021-46669
CVE-2022-27376
CVE-2022-27377
CVE-2022-27378
CVE-2022-27379
CVE-2022-27380
CVE-2022-27381
CVE-2022-27382
CVE-2022-27383
CVE-2022-27384
CVE-2022-27385
CVE-2022-27386
CVE-2022-27387
CVE-2022-27444
CVE-2022-27445
CVE-2022-27446
CVE-2022-27447
CVE-2022-27448
CVE-2022-27449
CVE-2022-27451
CVE-2022-27452
CVE-2022-27455
CVE-2022-27456
CVE-2022-27457
CVE-2022-27458
CVE-2022-32081
CVE-2022-32082
CVE-2022-32083
CVE-2022-32084
CVE-2022-32085
CVE-2022-32086
CVE-2022-32087
CVE-2022-32088
CVE-2022-32089
CVE-2022-32091 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #2006409: [Debian] CVE: CVE-2022-4337 / CVE-2022-4338: openvswitch: multiple CVEs
|
CVE-2022-4337
CVE-2022-4338 |
|
StarlingX
|
Fix released, assigned to Yue Tao
|
|
Bug #2006410: [Debian] CVE: CVE-2022-3094 / CVE-2022-3736 / CVE-2022-3924: bind: multiple CVEs
|
CVE-2022-3094
CVE-2022-3736
CVE-2022-3924 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2006412: [Debian] CVE: CVE-2022-32221/CVE-2022-43552: curl: multi CVEs
|
CVE-2022-32221
CVE-2022-43552 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2009332: [Debian] CVE: CVE-2023-23916: curl: An allocation of resources without limits or throttling vulnerability
|
CVE-2023-23916 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2009333: [Debian] CVE: CVE-2022-25147: apr-util: Integer Overflow or Wraparound vulnerability
|
CVE-2022-25147 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2009334: [Debian] CVE: CVE-2023-25725: haproxy : may allow a bypass of access control
|
CVE-2023-0056
CVE-2023-25725 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2009336: [Debian] CVE: CVE-2022-4450/CVE-2023-0215: openssl: multi CVEs
|
CVE-2022-2097
CVE-2022-4304
CVE-2022-4450
CVE-2023-0215
CVE-2023-0286 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2009723: build-tools: latest git in debian bullseye causes docker build errors
|
CVE-2023-22490 |
|
StarlingX
|
Fix released, assigned to Davlet Panech
|
|
Bug #2012865: [Debian] CVE: CVE-2006-20001/CVE-2023-25690/CVE-2022-36760/CVE-2022-37436/CVE-2023-27522: apache2: multi CVEs
|
CVE-2006-20001
CVE-2022-36760
CVE-2022-37436
CVE-2023-25690
CVE-2023-27522 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2012866: [Debian] CVE: CVE-2022-24963: apr: Integer Overflow or Wraparound vulnerability
|
CVE-2022-24963 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2012868: [Debian] CVE: CVE-2022-38725: syslog-ng: An integer overflow in the RFC3164 parser
|
CVE-2022-38725 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2013012: [Debian] CVE: CVE-2022-42333 xen: x86/HVM pinned cache attributes mis-handling
|
CVE-2022-42333 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2015711: [Debian] CVE: CVE-2022-4379: kernel: A use-after-free vulnerability
|
CVE-2022-4379 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2018636: [Debian]: CVE: CVE-2022-37026: erlang a Client Authentication Bypass in certain client-certification situations
|
CVE-2022-37026 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2018637: [Debian]: CVE-2022-3204/CVE-2022-30698/CVE-2022-30699: unbound multiple CVEs
|
CVE-2022-30698
CVE-2022-30699
CVE-2022-3204 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2018638: [Debian]: CVE: CVE-2022-4904: c-ares arbitrary length stack overflow
|
CVE-2022-4904 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2018639: [Debian]: CVE: CVE-2022-21797: python3-joblib: Arbitrary Code Execution
|
CVE-2022-21797 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2018640: [Debian] CVE: CVE-2023-1668: openvswitch incorrect handling of other IP packets with a != 0
|
CVE-2023-1668 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2018641: [Debian]: CVE: CVE-2021-43612: lldpd an out-of-bounds heap read via short SONMP packets
|
CVE-2021-43612 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2020638: [Debian] CVE: CVE-2022-24761: python3-waitress: Inconsistent Interpretation of HTTP Requests
|
CVE-2022-24761 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2020639: [Debian] CVE: CVE-2021-30560: libxslt: use-after-free in xsltApplyTemplates
|
CVE-2021-30560 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2020720: [Debian] CVE: CVE-2022-41973/CVE-2022-41974: multipath-tools: multiple CVEs
|
CVE-2022-41973
CVE-2022-41974 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2020722: [Debian] CVE: CVE-2023-0767: nss: result in execution of arbitrary code
|
CVE-2023-0767 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2020724: Debian]: CVE: CVE-2023-0361: gnutls: e able to decrypt the application data exchanged over that connection
|
CVE-2023-0361 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2020726: [Debian] CVE: CVE-2023-22809: sudo: allowing a local attacker to append arbitrary entries
|
CVE-2023-22809 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2020727: [Debian] CVE: CVE-2022-44638: pixman: an out-of-bounds write
|
CVE-2022-44638 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2020729: [Debian] CVE: CVE-2022-24805/CVE-2022-24806/.../CVE-2022-24810: net-snmp: multiple
|
CVE-2022-24805
CVE-2022-24806
CVE-2022-24807
CVE-2022-24808
CVE-2022-24809
CVE-2022-24810 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2020730: [Debian] CVE: CVE-2022-2601/CVE-2022-3775: grub2: multiple CVEs
|
CVE-2022-2601
CVE-2022-3775 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2020732: [Debian] CVE: CVE-2023-0836: haproxy: 5 bytes left uninitialized in the connection buffer
|
CVE-2023-0836 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2020741: [Debian] CVE: CVE-2023-1667/CVE-2023-2283: libssh: multiple CVEs
|
CVE-2023-1667
CVE-2023-2283 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2020742: [Debian] CVE: CVE-2023-2454/CVE-2023-2455/CVE-2022-2625: postgresql: multiple CVEs
|
CVE-2022-2625
CVE-2023-2454
CVE-2023-2455 |
|
StarlingX
|
Fix released (unassigned)
|
|
Bug #2021447: [Debian] Medium CVE: CVE-2021-3468: avahi: trigger an infinite loop
|
CVE-2021-3468 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2021448: [Debian] Medium CVE: CVE-2022-3821/CVE-2022-4415: systemd: multiple CVEs
|
CVE-2022-3821
CVE-2022-4415 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2021462: [Debian] Medium CVE: CVE-2023-28484/CVE-2023-29469: libxml2: multiple CVEs
|
CVE-2023-28484
CVE-2023-29469 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2021465: [Debian] Medium CVE: CVE-2022-42010/CVE-2022-42011/CVE-2022-42012: dbus: multiple CVEs
|
CVE-2022-42010
CVE-2022-42011
CVE-2022-42012 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2021469: [Debian] Medium CVE: CVE-2022-3100: barbican: an access policy bypass via a query string
|
CVE-2022-3100 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2021470: [Debian] Medium CVE: CVE-2021-3502: avahi: a local attacker to crash the avahi service
|
CVE-2021-3502 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2021473: [Debian] Medium CVE: CVE-2022-1348: logrotate: allowing an unprivileged user to lock the state file
|
CVE-2022-1348 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2021475: [Debian] Medium CVE: CVE-2022-34903: gnupg2: allows signature forgery via injection into the status line
|
CVE-2022-34903 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2021476: [Debian] CVE: CVE-2022-38223: w3m: an attacker to cause Denial of Service
|
CVE-2022-38223 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2021477: [Debian] CVE: CVE-2022-29458: ncurses: an out-of-bounds read
|
CVE-2022-29458 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2021482: [Debian] High CVE: CVE-2022-2255: mod-wsgi: pass the X-Client-IP header to the target WSGI application
|
CVE-2022-2255 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2021536: [Debian] High CVE: CVE-2022-25308/CVE-2022-25309/CVE-2022-25310: fribidi: multiple CVEs
|
CVE-2022-25308
CVE-2022-25309
CVE-2022-25310 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2021541: [Debian] High CVE: CVE-2022-0135: virglrenderer a denial of service or possible code execution
|
CVE-2022-0135 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2021544: [Debian] High CVE: CVE-2021-3999: glibc: An off-by-one buffer overflow and underflow
|
CVE-2021-3999 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2021546: [Debian] High CVE: CVE-2021-38155: keystone: nformation disclosure during account locking
|
CVE-2021-38155 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2021548: [Debian] High CVE: CVE-2022-22707: lighttpd: a stack-based buffer overflow
|
CVE-2022-22707 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2021927: [Debian] CVE:CVE-2023-32233/CVE-2023-31436/CVE-2023-2513/CVE-2023-1859/CVE-2023-2156/CVE-2023-34256: kernel: multiple CVEs
|
CVE-2023-1859
CVE-2023-2156
CVE-2023-2513
CVE-2023-31436
CVE-2023-32233
CVE-2023-34256 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2022017: [Debian] High CVE: CVE-2023-0464/CVE-2023-0465/CVE-2023-0466/CVE-2023-2650: openssl: multiple CVEs
|
CVE-2023-0464
CVE-2023-0465
CVE-2023-0466
CVE-2023-2650 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2022018: [Debian] High CVE: CVE-2023-2253: docker-registry: denial of service by a crafted malicious
|
CVE-2023-2253 |
|
StarlingX
|
Fix released, assigned to ZhangXiao
|
|
Bug #2025013: [Debian] High CVE: CVE-2023-2828/CVE-2023-2911: bind: multiple CVEs
|
CVE-2023-2828
CVE-2023-2911 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2025014: [Debian] High CVE: CVE-2023-3138: libx11: a buffer overflow
|
CVE-2023-3138 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2025015: [Debian] High CVE: CVE-2023-31130/CVE-2023-32067: c-ares: multiple CVEs
|
CVE-2023-31130
CVE-2023-32067 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2025123: [Debian] High CVE: CVE-2023-3090/CVE-2023-3212/CVE-2023-35788/CVE-2023-3141/CVE-2023-3111/CVE-2023-3338/CVE-2023-2124/CVE-2023-3609: kernel: multiple CVEs
|
CVE-2023-2124
CVE-2023-3090
CVE-2023-3111
CVE-2023-3141
CVE-2023-3212
CVE-2023-3338
CVE-2023-35788
CVE-2023-3609 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2026664: [Debian] High CVE: CVE-2023-30861 flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header
|
CVE-2023-30861 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2029210: [Debian] High CVE: CVE-2023-38403 iperf3: integer overflow and heap corruption
|
CVE-2023-38403 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2029211: [Debian] High CVE: CVE-2023-4004/CVE-2023-31248/CVE-2023-35001/CVE-2023-3117/CVE-2023-3611/CVE-2023-3610/CVE-2023-3776/CVE-2023-3390/CVE-2023-2898/CVE-2023-3863/CVE-2023-20593/CVE-2023-4132 kernel: multiple CVEs
|
CVE-2023-20593
CVE-2023-2898
CVE-2023-3117
CVE-2023-31248
CVE-2023-3390
CVE-2023-35001
CVE-2023-3610
CVE-2023-3611
CVE-2023-3776
CVE-2023-3863
CVE-2023-4004
CVE-2023-4132 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2030472: [Debian] High CVE: CVE-2023-36053/CVE-2023-23969/CVE-2023-24580/CVE-2023-31047 python-django: multiple CVEs
|
CVE-2023-23969
CVE-2023-24580
CVE-2023-31047
CVE-2023-36053 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2030473: [Debian] High CVE: CVE-2023-23934/CVE-2023-25577 python-werkzeug: multiple CVEs
|
CVE-2023-23934
CVE-2023-25577 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2033580: [Debian] High CVE: CVE-2023-37328 gst-plugins-base1.0: Heap-based buffer overflow
|
CVE-2023-37328 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2033581: [Debian] Critical CVE: CVE-2021-32292 json-c: a stack-buffer-overflow
|
CVE-2021-32292 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2034117: [Debian] High CVE: CVE-2022-48554 file: an stack-based buffer over-read
|
CVE-2022-48554 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2034119: [Debian] High CVE: CVE-2021-3695/CVE-2021-3696/CVE-2021-3697/CVE-2022-28733/CVE-2022-28734/CVE-2022-28735/CVE-2022-28736 grub2: multiple CVEs
|
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
CVE-2022-28733
CVE-2022-28734
CVE-2022-28735
CVE-2022-28736 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2036311: [Debian] High CVE: CVE-2023-3777/CVE-2023-4015/CVE-2023-4208/CVE-2023-4206/CVE-2023-4207/CVE-2023-3772/CVE-2022-45887/CVE-2022-45886/CVE-2022-45919/CVE-2023-3773/CVE-2023-21400 kernel: multiple CVEs
|
CVE-2022-39189
CVE-2022-40982
CVE-2022-4269
CVE-2022-45886
CVE-2022-45887
CVE-2022-45919
CVE-2023-0160
CVE-2023-1206
CVE-2023-1380
CVE-2023-2002
CVE-2023-20588
CVE-2023-21255
CVE-2023-21400
CVE-2023-2163
CVE-2023-2269
CVE-2023-31084
CVE-2023-3268
CVE-2023-3389
CVE-2023-34256
CVE-2023-34319
CVE-2023-35823
CVE-2023-35824
CVE-2023-35828
CVE-2023-35829
CVE-2023-3772
CVE-2023-3773
CVE-2023-3777
CVE-2023-4015
CVE-2023-40283
CVE-2023-4128
CVE-2023-4147
CVE-2023-4194
CVE-2023-4206
CVE-2023-4207
CVE-2023-4208
CVE-2023-4273 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2036491: [Debian] High CVE: CVE-2023-2002/CVE-2023-21255/CVE-2023-2269/CVE-2023-31084/CVE-2023-3268/CVE-2023-3389/CVE-2023-34319/CVE-2023-4194/CVE-2023-4147/CVE-2023-4273/CVE-2022-40982/CVE-2023-4128/CVE-2023-40283/CVE-2023-1206/CVE-2023-0160 kernel: multiple CVEs
|
CVE-2022-39189
CVE-2022-40982
CVE-2022-4269
CVE-2022-45886
CVE-2022-45887
CVE-2022-45919
CVE-2023-0160
CVE-2023-1206
CVE-2023-1380
CVE-2023-2002
CVE-2023-20588
CVE-2023-21255
CVE-2023-21400
CVE-2023-2163
CVE-2023-2269
CVE-2023-31084
CVE-2023-3268
CVE-2023-3389
CVE-2023-34256
CVE-2023-34319
CVE-2023-35823
CVE-2023-35824
CVE-2023-35828
CVE-2023-35829
CVE-2023-3772
CVE-2023-3773
CVE-2023-3777
CVE-2023-4015
CVE-2023-40283
CVE-2023-4128
CVE-2023-4147
CVE-2023-4194
CVE-2023-4206
CVE-2023-4207
CVE-2023-4208
CVE-2023-4273 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2037162: [Debian] High CVE: CVE-2023-3341/CVE-2023-4236 bind9: multiple CVEs
|
CVE-2023-3341
CVE-2023-4236 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2037481: [Debian] Critical CVE: CVE-2023-41910 lldpd: an out-of-bounds read on heap memory
|
CVE-2023-41910 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2038707: [Debian] High CVE: CVE-2023-43785/CVE-2023-43786/CVE-2023-43787 libx11
|
CVE-2023-43785
CVE-2023-43786
CVE-2023-43787 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2038708: [Debian] High CVE: CVE-2023-4911 glibc
|
CVE-2023-4911 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2038710: [Debian] High CVE: CVE-2023-42755/CVE-2023-42752/CVE-2023-4622/CVE-2023-37453/CVE-2023-42753/CVE-2023-4623/CVE-2023-4921 kernel: multiple CVEs
|
CVE-2022-45884
CVE-2023-31084
CVE-2023-31085
CVE-2023-3389
CVE-2023-37453
CVE-2023-39189
CVE-2023-39192
CVE-2023-39193
CVE-2023-39194
CVE-2023-4244
CVE-2023-42752
CVE-2023-42753
CVE-2023-42754
CVE-2023-42755
CVE-2023-42756
CVE-2023-45871
CVE-2023-4622
CVE-2023-4623
CVE-2023-4921
CVE-2023-5197 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038742: [Debian] Critical CVE: CVE-2023-4692/CVE-2023-4693 grub2: multiple CVEs
|
CVE-2023-4692
CVE-2023-4693 |
|
StarlingX
|
Fix released, assigned to Li Zhou
|
|
Bug #2038793: [Debian] High CVE: CVE-2021-38185 cpio: integer overflow that triggers an out-of-bounds heap write
|
CVE-2021-38185 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038794: [Debian] Critical CVE: CVE-2023-38408 openssh: an insufficiently trustworthy search path
|
CVE-2023-38408 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038795: [Debian] High CVE: CVE-2023-36054 krb5: a remote authenticated user can trigger a kadmind crash
|
CVE-2023-36054 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038796: [Debian] High CVE: CVE-2023-4504/CVE-2023-32324/CVE-2023-32360/CVE-2023-34241 cups: multiple CVEs
|
CVE-2023-32324
CVE-2023-32360
CVE-2023-34241
CVE-2023-4504 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038877: [Debian] High CVE: CVE-2023-27533/CVE-2023-27534/CVE-2023-27535/CVE-2023-27536/CVE-2023-27538/CVE-2023-28321/CVE-2023-28322 curl: multiple CVEs
|
CVE-2023-27533
CVE-2023-27534
CVE-2023-27535
CVE-2023-27536
CVE-2023-27538
CVE-2023-28321
CVE-2023-28322
CVE-2023-38545
CVE-2023-38546 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038878: [Debian] High CVE: CVE-2023-34969 dbus: dbus-daemon crash under some circumstances
|
CVE-2023-34969 |
|
StarlingX
|
Fix released, assigned to hqbai
|
|
Bug #2038879: [Debian] High CVE: CVE-2021-23336/CVE-2022-0391/CVE-2022-48560/CVE-2022-48565/CVE-2022-48566/CVE-2023-24329/CVE-2023-40217 python2.7: multiple CVEs
|
CVE-2021-23336
CVE-2022-0391
CVE-2022-48560
CVE-2022-48565
CVE-2022-48566
CVE-2023-24329
CVE-2023-40217 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038880: [Debian] High CVE: CVE-2022-45582 horizon: Open Redirect vulnerability
|
CVE-2022-45582 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2038881: [Debian] High CVE: CVE-2023-29491 ncurses: trigger security-relevant memory corruption
|
CVE-2023-29491 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038882: [Debian] High CVE: CVE-2017-16516/CVE-2022-24795/CVE-2023-33460 yajl: multiple CVEs
|
CVE-2017-16516
CVE-2022-24795
CVE-2023-33460 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038884: [Debian] High CVE: CVE-2019-6706/CVE-2020-24370 lua5.3: multiple CVEs
|
CVE-2019-6706
CVE-2020-24370 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038885: [Debian] High CVE: CVE-2023-35936 pandoc: an arbitrary file write vulnerability
|
CVE-2023-35936 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2038888: [Debian] High CVE: CVE-2020-14394/CVE-2021-20196/.../CVE-2023-3301/CVE-2023-3354 qemu: multiple CVEs
|
CVE-2020-14394
CVE-2021-20196
CVE-2021-20203
CVE-2021-3507
CVE-2021-3930
CVE-2022-0216
CVE-2023-0330
CVE-2023-1544
CVE-2023-3180
CVE-2023-3301
CVE-2023-3354 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2042977: Mitigate CVE-2022-4886, CVE-2023-5043 and CVE-2023-5044 for ingress-nginx
|
CVE-2022-4886
CVE-2023-5044 |
|
StarlingX
|
Fix released, assigned to Reinildes Oliveira
|
|
Bug #2043434: [Debian] [Medium] CVE: CVE-2022-2929: isc-dhcp : server to run out of memory
|
CVE-2022-2928
CVE-2022-2929 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2043435: [Debian] High CVE: CVE-2023-5868/CVE-2023-5869/CVE-2023-5870/CVE-2023-39417 postgresql-13 : multiple CVEs
|
CVE-2023-39417
CVE-2023-5868
CVE-2023-5869
CVE-2023-5870 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2043947: [Debian] High CVE: CVE-2023-35827/CVE-2023-5717/CVE-2023-5178/CVE-2023-46813 kernel: multiple CVEs
|
CVE-2023-34324
CVE-2023-35827
CVE-2023-39197
CVE-2023-46813
CVE-2023-46862
CVE-2023-4881
CVE-2023-5178
CVE-2023-51780
CVE-2023-51781
CVE-2023-51782
CVE-2023-5717
CVE-2023-6121
CVE-2023-6176
CVE-2023-6531
CVE-2023-6546
CVE-2023-6817
CVE-2023-6931
CVE-2023-6932 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2044204: [Debian] Critical CVE: CVE-2023-41913 strongswan: potential buffer overflow
|
CVE-2023-41913 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2045522: [Debian] High CVE: CVE-2023-46118 rabbitmq-server - denial of service (DoS) attacks
|
CVE-2023-46118 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2045544: [Debian] High CVE: CVE-2023-44487 nghttp2 - denial of service
|
CVE-2023-44487 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2047185: [Debian] High CVE: CVE-2023-45866 bluez: permit an unauthenticated Peripheral role
|
CVE-2023-45866 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2047315: [Debian] Critical CVE: CVE-2023-51384/CVE-2023-28531/CVE-2023-48795/CVE-2023-51385/CVE-2021-41617 openssh : multiple CVEs
|
CVE-2021-41617
CVE-2023-28531
CVE-2023-48795
CVE-2023-51384
CVE-2023-51385 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2047316: [Debian] High CVE: CVE-2023-46218 curl: a mixed case flaw
|
CVE-2023-46218 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2047673: [Debian] Medium CVE: CVE-2023-6004/CVE-2023-6918/CVE-2023-48795 libssh : multiple CVEs
|
CVE-2023-48795
CVE-2023-6004
CVE-2023-6918 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2047674: [Debian] High CVE: CVE-2023-40225/CVE-2023-45539 haproxy : multiple CVEs
|
CVE-2023-40225
CVE-2023-45539 |
|
StarlingX
|
Fix released, assigned to Zhixiong Chi
|
|
Bug #2052923: [Debian] Medium CVE: CVE-2022-31160 jqueryui: potentially vulnerable to cross-site scripting
|
CVE-2022-31160 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2052924: [Debian] High CVE: CVE-2023-29499/CVE-2023-32611/CVE-2023-32665 glib2.0 : multiple CVEs
|
CVE-2023-29499
CVE-2023-32611
CVE-2023-32665 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2052926: [Debian] Medium CVE: CVE-2022-48303/CVE-2023-39804 tar : multiple CVEs
|
CVE-2022-48303
CVE-2023-39804 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2052927: [Debian] High CVE: CVE-2023-47038 perl: buffer overflow in a heap allocated buffer
|
CVE-2023-47038 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2054273: [Debian] Medium CVE: CVE-2023-48733 edk2 OS-resident attacker to bypass Secure Boot
|
CVE-2023-48733 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2054274: [Debian] High CVE: CVE-2024-0985 postgresql-13 execute arbitrary SQL functions as the command issuer
|
CVE-2024-0985 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2054275: [Debian] High CVE: CVE-2023-4408/CVE-2023-5517/.../CVE-2023-50868/CVE-2023-6516 bind9 : multiple CVEs
|
CVE-2023-4408
CVE-2023-50387
CVE-2023-50868
CVE-2023-5517
CVE-2023-5679
CVE-2023-6516 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2054276: [Debian] Medium CVE: CVE-2023-50387/CVE-2023-50868 unbound : multiple CVEs
|
CVE-2023-50387
CVE-2023-50868 |
|
StarlingX
|
Fix released, assigned to Peng Zhang
|
|
Bug #2057487: [Debian] Medium CVE: CVE-2023-5981 gnutls28: timing side-channel in the RSA-PSK authentication
|
CVE-2023-5981 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2057488: [Debian] High CVE: CVE-2024-24806 libuv1: Improper Domain Lookup that potentially leads to SSRF attacks
|
CVE-2024-24806 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2057984: [Debian] High CVE: CVE-2023-3966/CVE-2023-5366/CVE-2024-22563 openvswitch : multiple CVEs
|
CVE-2023-3966
CVE-2023-5366
CVE-2024-22563 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2058868: [Debian] High CVE: CVE-2022-2127/CVE-2022-3437/CVE-2023-34966/CVE-2023-34967/CVE-2023-34968 samba : multiple CVEs
|
CVE-2022-2127
CVE-2022-3437
CVE-2023-34966
CVE-2023-34967
CVE-2023-34968
CVE-2023-4091 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2059877: [Debian] Medium CVE: CVE-2024-28085 util-linux
|
CVE-2024-28085 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2063187: [Debian] High CVE: CVE-2023-31122/CVE-2023-38709/.../CVE-2024-24795/CVE-2024-27316 apache2 : multiple CVEs
|
CVE-2023-31122
CVE-2023-38709
CVE-2023-43622
CVE-2023-45802
CVE-2024-24795
CVE-2024-27316 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2063188: [Debian] Medium CVE: CVE-2024-2961 glibc
|
CVE-2024-2961 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2064862: [Debian] Critical CVE: CVE-2024-33599/CVE-2024-33600/CVE-2024-33601/CVE-2024-33602 glibc : multiple CVEs
|
CVE-2024-33599
CVE-2024-33600
CVE-2024-33601
CVE-2024-33602 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2064863: [Debian] High CVE: CVE-2022-48624/CVE-2024-32487 less : multiple CVEs
|
CVE-2022-48624
CVE-2024-32487 |
|
StarlingX
|
Fix released, assigned to Wentao Zhang
|
|
Bug #2065130: [Debian] Medium CVE: CVE-2024-34397 glib2.0
|
CVE-2024-34397 |
|
StarlingX
|
Fix released (unassigned)
|
