Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Developer
Zac Medico
Packages
188
Stabilization
21
Outdated
40
Pull requests
5
Bugs
211
Security
24
Changelog
Security Bug Reports
app-text/podofo: multiple vulnerabilities (CVE-2020-{18971,18972}, CVE-2021-{30469,30470,30471,30472})
782706 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
795312 - Assigned to Gentoo Security
www-apps/chromedriver-bin: CSRF to code execution
833160 - Assigned to Gentoo Security
<www-servers/caddy-2.5.2: oob read allows for DoS
860147 - Assigned to Gentoo Security
app-shells/nushell: 'cargo audit' reports one or more bundled CRATES as vulnerable
864031 - Assigned to Gentoo Security
dev-lang/starlark-rust: 'cargo audit' reports one or more bundled CRATES as vulnerable
864043 - Assigned to Gentoo Security
<app-containers/docker-registry-2.8.1: multiple vulnerabilities
872410 - Assigned to Gentoo Security
app-containers/buildah: multiple vulnerabilities
884859 - Assigned to Gentoo Security
app-text/podofo: heap buffer overread
904939 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
905089 - Assigned to Gentoo Security
net-dns/coredns: multiple vulnerabilities
905301 - Assigned to Gentoo Security
<app-text/editorconfig-core-c-0.12.6: arbitrary stack write
905308 - Assigned to Gentoo Security
<dev-db/etcd-3.4.26: key name disclosure
906656 - Assigned to Gentoo Security
<app-admin/consul-1.15.3: multiple vulnerabilities
907925 - Assigned to Gentoo Security
<app-admin/consul-1.15.7: multiple vulnerabilities
917614 - Assigned to Gentoo Security
<www-servers/caddy-2.7.5: http/2 rapid reset vulnerability
918413 - Assigned to Gentoo Security
<dev-db/etcd-3.4.28: http/2 rapid reset vulnerability
918419 - Assigned to Gentoo Security
<app-admin/vault-1.14.5: multiple vulnerabilities
918420 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
918550 - Assigned to Gentoo Security
<app-admin/vault-1.14.8: denial of service via large HTTP requests
920177 - Assigned to Gentoo Security
<app-admin/consul-1.15.10: multiple vulnerabilities in bundled envoy
925030 - Assigned to Gentoo Security
<sys-apps/flatpak-{1.14.6,1.12.9}: Sandbox escape via RequestBackground portal
930202 - Assigned to Gentoo Security
<app-containers/podman-5.0.3: unexpected authenticated registry access
936573 - Assigned to Gentoo Security
<sys-apps/flatpak-1.4.10: Access to files outside sandbox for apps using persistent= (--persist)
937936 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.