Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
William Hubbs
Packages
250
Stabilization
15
Outdated
57
Pull requests
14
Bugs
285
Security
37
Changelog
Security Bug Reports
app-containers/umoci: host file overwrite
780582 - Assigned to Gentoo Security
sys-cluster/kube-apiserver: webhook redirect vulnerability
813645 - Assigned to Gentoo Security
<app-containers/docker-20.10.9: multiple vulnerabilities
816273 - Assigned to Gentoo Security
<app-containers/docker-cli-20.10.9: May send credentials to non-chosen registry (CVE-2021-41092)
816321 - Assigned to Gentoo Security
<mail-mta/postfix-3.6.3: queue file corruption
822753 - Assigned to Gentoo Security
<app-containers/runc-1.0.2-r1: Access restriction bypass (CVE-2021-43784)
828471 - Assigned to Gentoo Security
<sys-cluster/kubectl-1.26.0: lacks escape/meta/control sequence filtering in terminal output
830714 - Assigned to Gentoo Security
<net-vpn/openvpn-2.5.6: potential authentication by-pass with multiple deferred authentication plug-ins
835514 - Assigned to Gentoo Security
<app-containers/runc-1.1.2: incorrect handling of inheritable capabilities
844085 - Assigned to Gentoo Security
dev-util/wasmer: 'cargo audit' reports one or more bundled CRATES as vulnerable
864079 - Assigned to Gentoo Security
<app-containers/docker-20.10.22: supplementary groups mishandling
869407 - Assigned to Gentoo Security
<app-containers/docker-20.10.22: Git vulnerability mitigations
877653 - Assigned to Gentoo Security
<app-metrics/prometheus-2.40.4 app-metrics/prometheus-bin: basic authentication bypass
883637 - Assigned to Gentoo Security
<app-metrics/blackbox_exporter-0.24.0: basic authentication bypass
883651 - Assigned to Gentoo Security
<app-metrics/node_exporter-1.5.0: basic authentication bypass
883653 - Assigned to Gentoo Security
<app-metrics/prometheus-2.43.0: security fixes in bundled code
885109 - Assigned to Gentoo Security
<app-containers/docker-20.10.22: multiple vulnerabilities
886509 - Assigned to Gentoo Security
app-metrics/consul_exporter: basic authentication bypass
890162 - Assigned to Gentoo Security
dev-util/gitlab-runner: user jumping vulnerability
891253 - Assigned to Gentoo Security
app-containers/containerd: multiple vulnerabilities
897960 - Assigned to Gentoo Security
<app-containers/runc-1.1.5: Privilege escalation bug
903079 - Assigned to Gentoo Security
<app-containers/docker-23.0.3: multiple vulnerabilities
903804 - Assigned to Gentoo Security
app-containers/docker: vulnerability in bundled buildkit
905336 - Assigned to Gentoo Security
<dev-python/MechanicalSoup-1.3.0: Malicious web server can read arbitrary files on client using file input inside HTML form
909723 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.7: Multiple vulnerabilities
917272 - Assigned to Gentoo Security
net-vpn/openvpn: DoS via crafted reset packet
918673 - Assigned to Gentoo Security
sys-cluster/kube-apiserver: authentication bypass vulnerability
919131 - Assigned to Gentoo Security
<dev-lang/go-{1.20.12,1.21.5}: multiple vulnerabilities
919310 - Assigned to Gentoo Security
<mail-mta/postfix-3.8.4: SMTP smuggling
920509 - Assigned to Gentoo Security
<app-containers/runc-1.1.12: container breakout attack
923434 - Assigned to Gentoo Security
app-containers/docker: multiple vulnerabilities
925022 - Assigned to Gentoo Security
sys-cluster/nomad: multiple vulnerabilities
925029 - Assigned to Gentoo Security
dev-go/protobuf-go: infinite loop with certain forms of invalid JSON
926531 - Assigned to Gentoo Security
<net-libs/nodejs-{18.20.1,20.12.1}: multiple vulnerabilities
928532 - Assigned to Gentoo Security
<dev-lang/go-{1.21.9,1.22.2}: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
928539 - Assigned to Gentoo Security
<dev-lang/go-{1.21.10,1.22.3}: malformed DNS message can cause infinite loop
931602 - Assigned to Gentoo Security
<app-containers/skopeo-1.15.1 affected by CVE-2024-3727 allowing unexpected authenticated registry accesses
932453 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.