github.com/argoproj/argo-cd/v2@v2.10.5/docs/snyk/v2.6.15/quay.io_argoproj_argocd_v2.6.15.html (about) 1 <!DOCTYPE html> 2 <html lang="en"> 3 4 <head> 5 <meta http-equiv="Content-type" content="text/html; charset=utf-8"> 6 <meta http-equiv="Content-Language" content="en-us"> 7 <meta name="viewport" content="width=device-width, initial-scale=1.0"> 8 <meta http-equiv="X-UA-Compatible" content="IE=edge"> 9 <title>Snyk test report</title> 10 <meta name="description" content="48 known vulnerabilities found in 168 vulnerable dependency paths."> 11 <base target="_blank"> 12 <link rel="icon" type="image/png" href="https://res.cloudinary.com/snyk/image/upload/v1468845142/favicon/favicon.png" 13 sizes="194x194"> 14 <link rel="shortcut icon" href="https://res.cloudinary.com/snyk/image/upload/v1468845142/favicon/favicon.ico"> 15 <style type="text/css"> 16 17 body { 18 -moz-font-feature-settings: "pnum"; 19 -webkit-font-feature-settings: "pnum"; 20 font-variant-numeric: proportional-nums; 21 display: flex; 22 flex-direction: column; 23 font-feature-settings: "pnum"; 24 font-size: 100%; 25 line-height: 1.5; 26 min-height: 100vh; 27 -webkit-text-size-adjust: 100%; 28 margin: 0; 29 padding: 0; 30 background-color: #F5F5F5; 31 font-family: 'Arial', 'Helvetica', Calibri, sans-serif; 32 } 33 34 h1, 35 h2, 36 h3, 37 h4, 38 h5, 39 h6 { 40 font-weight: 500; 41 } 42 43 a, 44 a:link, 45 a:visited { 46 border-bottom: 1px solid #4b45a9; 47 text-decoration: none; 48 color: #4b45a9; 49 } 50 51 a:hover, 52 a:focus, 53 a:active { 54 border-bottom: 1px solid #4b45a9; 55 } 56 57 hr { 58 border: none; 59 margin: 1em 0; 60 border-top: 1px solid #c5c5c5; 61 } 62 63 ul { 64 padding: 0 1em; 65 margin: 1em 0; 66 } 67 68 code { 69 background-color: #EEE; 70 color: #333; 71 padding: 0.25em 0.5em; 72 border-radius: 0.25em; 73 } 74 75 pre { 76 background-color: #333; 77 font-family: monospace; 78 padding: 0.5em 1em 0.75em; 79 border-radius: 0.25em; 80 font-size: 14px; 81 } 82 83 pre code { 84 padding: 0; 85 background-color: transparent; 86 color: #fff; 87 } 88 89 a code { 90 border-radius: .125rem .125rem 0 0; 91 padding-bottom: 0; 92 color: #4b45a9; 93 } 94 95 a[href^="http://"]:after, 96 a[href^="https://"]:after { 97 background-image: linear-gradient(transparent,transparent),url("data:image/svg+xml,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20viewBox%3D%220%200%20112%20109%22%3E%3Cg%20id%3D%22Page-1%22%20fill%3D%22none%22%20fill-rule%3D%22evenodd%22%3E%3Cg%20id%3D%22link-external%22%3E%3Cg%20id%3D%22arrow%22%3E%3Cpath%20id%3D%22Line%22%20stroke%3D%22%234B45A9%22%20stroke-width%3D%2215%22%20d%3D%22M88.5%2021l-43%2042.5%22%20stroke-linecap%3D%22square%22%2F%3E%3Cpath%20id%3D%22Triangle%22%20fill%3D%22%234B45A9%22%20d%3D%22M111.2%200v50L61%200z%22%2F%3E%3C%2Fg%3E%3Cpath%20id%3D%22square%22%20fill%3D%22%234B45A9%22%20d%3D%22M66%2015H0v94h94V44L79%2059v35H15V30h36z%22%2F%3E%3C%2Fg%3E%3C%2Fg%3E%3C%2Fsvg%3E"); 98 background-repeat: no-repeat; 99 background-size: .75rem; 100 content: ""; 101 display: inline-block; 102 height: .75rem; 103 margin-left: .25rem; 104 width: .75rem; 105 } 106 107 108 /* Layout */ 109 110 [class*=layout-container] { 111 margin: 0 auto; 112 max-width: 71.25em; 113 padding: 1.9em 1.3em; 114 position: relative; 115 } 116 .layout-container--short { 117 padding-top: 0; 118 padding-bottom: 0; 119 max-width: 48.75em; 120 } 121 122 .layout-container--short:after { 123 display: block; 124 content: ""; 125 clear: both; 126 } 127 128 /* Header */ 129 130 .header { 131 padding-bottom: 1px; 132 } 133 134 .paths { 135 margin-left: 8px; 136 } 137 .header-wrap { 138 display: flex; 139 flex-direction: row; 140 justify-content: space-between; 141 padding-top: 2em; 142 } 143 .project__header { 144 background-color: #4b45a9; 145 color: #fff; 146 margin-bottom: -1px; 147 padding-top: 1em; 148 padding-bottom: 0.25em; 149 border-bottom: 2px solid #BBB; 150 } 151 152 .project__header__title { 153 overflow-wrap: break-word; 154 word-wrap: break-word; 155 word-break: break-all; 156 margin-bottom: .1em; 157 margin-top: 0; 158 } 159 160 .timestamp { 161 float: right; 162 clear: none; 163 margin-bottom: 0; 164 } 165 166 .meta-counts { 167 clear: both; 168 display: block; 169 flex-wrap: wrap; 170 justify-content: space-between; 171 margin: 0 0 1.5em; 172 color: #fff; 173 clear: both; 174 font-size: 1.1em; 175 } 176 177 .meta-count { 178 display: block; 179 flex-basis: 100%; 180 margin: 0 1em 1em 0; 181 float: left; 182 padding-right: 1em; 183 border-right: 2px solid #fff; 184 } 185 186 .meta-count:last-child { 187 border-right: 0; 188 padding-right: 0; 189 margin-right: 0; 190 } 191 192 /* Card */ 193 194 .card { 195 background-color: #fff; 196 border: 1px solid #c5c5c5; 197 border-radius: .25rem; 198 margin: 0 0 2em 0; 199 position: relative; 200 min-height: 40px; 201 padding: 1.5em; 202 } 203 204 .card .label { 205 background-color: #767676; 206 border: 2px solid #767676; 207 color: white; 208 padding: 0.25rem 0.75rem; 209 font-size: 0.875rem; 210 text-transform: uppercase; 211 display: inline-block; 212 margin: 0; 213 border-radius: 0.25rem; 214 } 215 216 .card .label__text { 217 vertical-align: text-top; 218 font-weight: bold; 219 } 220 221 .card .label--critical { 222 background-color: #AB1A1A; 223 border-color: #AB1A1A; 224 } 225 226 .card .label--high { 227 background-color: #CE5019; 228 border-color: #CE5019; 229 } 230 231 .card .label--medium { 232 background-color: #D68000; 233 border-color: #D68000; 234 } 235 236 .card .label--low { 237 background-color: #88879E; 238 border-color: #88879E; 239 } 240 241 .severity--low { 242 border-color: #88879E; 243 } 244 245 .severity--medium { 246 border-color: #D68000; 247 } 248 249 .severity--high { 250 border-color: #CE5019; 251 } 252 253 .severity--critical { 254 border-color: #AB1A1A; 255 } 256 257 .card--vuln { 258 padding-top: 4em; 259 } 260 261 .card--vuln .label { 262 left: 0; 263 position: absolute; 264 top: 1.1em; 265 padding-left: 1.9em; 266 padding-right: 1.9em; 267 border-radius: 0 0.25rem 0.25rem 0; 268 } 269 270 .card--vuln .card__section h2 { 271 font-size: 22px; 272 margin-bottom: 0.5em; 273 } 274 275 .card--vuln .card__section p { 276 margin: 0 0 0.5em 0; 277 } 278 279 .card--vuln .card__meta { 280 padding: 0 0 0 1em; 281 margin: 0; 282 font-size: 1.1em; 283 } 284 285 .card .card__meta__paths { 286 font-size: 0.9em; 287 } 288 289 .card--vuln .card__title { 290 font-size: 28px; 291 margin-top: 0; 292 } 293 294 .card--vuln .card__cta p { 295 margin: 0; 296 text-align: right; 297 } 298 299 .source-panel { 300 clear: both; 301 display: flex; 302 justify-content: flex-start; 303 flex-direction: column; 304 align-items: flex-start; 305 padding: 0.5em 0; 306 width: fit-content; 307 } 308 309 310 311 </style> 312 <style type="text/css"> 313 .metatable { 314 text-size-adjust: 100%; 315 -webkit-font-smoothing: antialiased; 316 -webkit-box-direction: normal; 317 color: inherit; 318 font-feature-settings: "pnum"; 319 box-sizing: border-box; 320 background: transparent; 321 border: 0; 322 font: inherit; 323 font-size: 100%; 324 margin: 0; 325 outline: none; 326 padding: 0; 327 text-align: left; 328 text-decoration: none; 329 vertical-align: baseline; 330 z-index: auto; 331 margin-top: 12px; 332 border-collapse: collapse; 333 border-spacing: 0; 334 font-variant-numeric: tabular-nums; 335 max-width: 51.75em; 336 } 337 338 tbody { 339 text-size-adjust: 100%; 340 -webkit-font-smoothing: antialiased; 341 -webkit-box-direction: normal; 342 color: inherit; 343 font-feature-settings: "pnum"; 344 border-collapse: collapse; 345 border-spacing: 0; 346 box-sizing: border-box; 347 background: transparent; 348 border: 0; 349 font: inherit; 350 font-size: 100%; 351 margin: 0; 352 outline: none; 353 padding: 0; 354 text-align: left; 355 text-decoration: none; 356 vertical-align: baseline; 357 z-index: auto; 358 display: flex; 359 flex-wrap: wrap; 360 } 361 362 .meta-row { 363 text-size-adjust: 100%; 364 -webkit-font-smoothing: antialiased; 365 -webkit-box-direction: normal; 366 color: inherit; 367 font-feature-settings: "pnum"; 368 border-collapse: collapse; 369 border-spacing: 0; 370 box-sizing: border-box; 371 background: transparent; 372 border: 0; 373 font: inherit; 374 font-size: 100%; 375 outline: none; 376 text-align: left; 377 text-decoration: none; 378 vertical-align: baseline; 379 z-index: auto; 380 display: flex; 381 align-items: start; 382 border-top: 1px solid #d3d3d9; 383 padding: 8px 0 0 0; 384 border-bottom: none; 385 margin: 8px; 386 width: 47.75%; 387 } 388 389 .meta-row-label { 390 text-size-adjust: 100%; 391 -webkit-font-smoothing: antialiased; 392 -webkit-box-direction: normal; 393 font-feature-settings: "pnum"; 394 border-collapse: collapse; 395 border-spacing: 0; 396 color: #4c4a73; 397 box-sizing: border-box; 398 background: transparent; 399 border: 0; 400 font: inherit; 401 margin: 0; 402 outline: none; 403 text-decoration: none; 404 z-index: auto; 405 align-self: start; 406 flex: 1; 407 font-size: 1rem; 408 line-height: 1.5rem; 409 padding: 0; 410 text-align: left; 411 vertical-align: top; 412 text-transform: none; 413 letter-spacing: 0; 414 } 415 416 .meta-row-value { 417 text-size-adjust: 100%; 418 -webkit-font-smoothing: antialiased; 419 -webkit-box-direction: normal; 420 color: inherit; 421 font-feature-settings: "pnum"; 422 border-collapse: collapse; 423 border-spacing: 0; 424 word-break: break-word; 425 box-sizing: border-box; 426 background: transparent; 427 border: 0; 428 font: inherit; 429 font-size: 100%; 430 margin: 0; 431 outline: none; 432 padding: 0; 433 text-align: right; 434 text-decoration: none; 435 vertical-align: baseline; 436 z-index: auto; 437 } 438 </style> 439 </head> 440 441 <body class="section-projects"> 442 <main class="layout-stacked"> 443 <div class="layout-stacked__header header"> 444 <header class="project__header"> 445 <div class="layout-container"> 446 <a class="brand" href="https://snyk.io" title="Snyk"> 447 <svg width="68px" height="35px" viewBox="0 0 68 35" version="1.1" xmlns="http://www.w3.org/2000/svg" role="img"> 448 <title>Snyk - Open Source Security</title> 449 <g stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> 450 <g fill="#fff"> 451 <path d="M5.732,27.278 C3.445,27.278 1.589,26.885 0,26.124 L0.483,22.472 C2.163,23.296 4.056,23.689 5.643,23.689 C6.801,23.689 7.563,23.295 7.563,22.599 C7.563,20.594 0.333,21.076 0.333,15.839 C0.333,12.491 3.407,10.729 7.259,10.729 C9.179,10.729 11.161,11.249 12.444,11.704 L11.924,15.294 C10.577,14.774 8.747,14.291 7.222,14.291 C6.282,14.291 5.518,14.621 5.518,15.231 C5.518,17.208 12.903,16.815 12.903,21.925 C12.903,25.325 9.877,27.277 5.733,27.277 L5.732,27.278 Z M25.726,26.936 L25.726,17.894 C25.726,15.827 24.811,14.85 23.069,14.85 C22.219,14.85 21.329,15.09 20.719,15.46 L20.719,26.936 L15.352,26.936 L15.352,11.262 L20.602,10.83 L20.474,13.392 L20.652,13.392 C21.784,11.87 23.702,10.716 25.992,10.716 C28.736,10.716 31.112,12.416 31.112,16.436 L31.112,26.936 L25.724,26.936 L25.726,26.936 Z M61.175,26.936 L56.879,19.479 L56.446,19.479 L56.446,26.935 L51.082,26.935 L51.082,8.37 L56.447,0 L56.447,17.323 C57.515,16.017 61.112,11.059 61.112,11.059 L67.732,11.059 L61.454,17.689 L67.949,26.95 L61.175,26.95 L61.175,26.938 L61.175,26.936 Z M44.13,11.11 L41.93,18.262 C41.5,19.606 41.08,22.079 41.08,22.079 C41.08,22.079 40.75,19.516 40.292,18.172 L37.94,11.108 L31.928,11.108 L38.462,26.935 C37.572,29.04 36.199,30.815 34.369,30.815 C34.039,30.815 33.709,30.802 33.389,30.765 L31.255,34.061 C31.928,34.441 33.212,34.835 34.737,34.835 C38.703,34.835 41.359,31.627 43.215,26.885 L49.443,11.108 L44.132,11.108 L44.13,11.11 Z"></path> 452 </g> 453 </g> 454 </svg> 455 </a> 456 <div class="header-wrap"> 457 <h1 class="project__header__title">Snyk test report</h1> 458 459 <p class="timestamp">October 29th 2023, 12:28:36 am (UTC+00:00)</p> 460 </div> 461 <div class="source-panel"> 462 <span>Scanned the following paths:</span> 463 <ul> 464 <li class="paths">quay.io/argoproj/argocd:v2.6.15/argoproj/argocd (deb)</li><li class="paths">quay.io/argoproj/argocd:v2.6.15/argoproj/argo-cd/v2 (gomodules)</li><li class="paths">quay.io/argoproj/argocd:v2.6.15/kustomize/kustomize/v4 (gomodules)</li><li class="paths">quay.io/argoproj/argocd:v2.6.15/helm/v3 (gomodules)</li><li class="paths">quay.io/argoproj/argocd:v2.6.15/git-lfs/git-lfs (gomodules)</li> 465 </ul> 466 </div> 467 468 <div class="meta-counts"> 469 <div class="meta-count"><span>48</span> <span>known vulnerabilities</span></div> 470 <div class="meta-count"><span>168 vulnerable dependency paths</span></div> 471 <div class="meta-count"><span>2063</span> <span>dependencies</span></div> 472 </div><!-- .meta-counts --> 473 </div><!-- .layout-container--short --> 474 </header><!-- .project__header --> 475 </div><!-- .layout-stacked__header --> 476 477 <div class="layout-container" style="padding-top: 35px;"> 478 <div class="cards--vuln filter--patch filter--ignore"> 479 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 480 <h2 class="card__title">Denial of Service (DoS)</h2> 481 <div class="card__section"> 482 483 <div class="label label--high"> 484 <span class="label__text">high severity</span> 485 </div> 486 487 <hr/> 488 489 <ul class="card__meta"> 490 <li class="card__meta__item"> 491 Package Manager: golang 492 </li> 493 <li class="card__meta__item"> 494 Vulnerable module: 495 496 gopkg.in/yaml.v3 497 </li> 498 499 <li class="card__meta__item">Introduced through: 500 501 sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b 502 503 </li> 504 </ul> 505 506 <hr/> 507 508 509 <h3 class="card__section__title">Detailed paths</h3> 510 511 <ul class="card__meta__paths"> 512 <li> 513 <span class="list-paths__item__introduced"><em>Introduced through</em>: 514 sigs.k8s.io/kustomize/kustomize/v4@* 515 <span class="list-paths__item__arrow">›</span> 516 gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b 517 518 </span> 519 520 </li> 521 </ul><!-- .list-paths --> 522 523 </div><!-- .card__section --> 524 525 <hr/> 526 <!-- Overview --> 527 <h2 id="overview">Overview</h2> 528 <p><a href="https://github.com/go-yaml/yaml">gopkg.in/yaml.v3</a> is a YAML support package for the Go language.</p> 529 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) via the <code>Unmarshal</code> function, which causes the program to crash when attempting to deserialize invalid input.</p> 530 <h2 id="poc">PoC</h2> 531 <pre><code class="language-golang">package main 532 533 import ( 534 "gopkg.in/yaml.v3" 535 ) 536 537 func main() { 538 var t interface{} 539 yaml.Unmarshal([]byte("0: [:!00 \xef"), &t) 540 } 541 </code></pre> 542 <h2 id="details">Details</h2> 543 <p>Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.</p> 544 <p>Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.</p> 545 <p>One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.</p> 546 <p>When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.</p> 547 <p>Two common types of DoS vulnerabilities:</p> 548 <ul> 549 <li><p>High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, <a href="SNYK-JAVA-COMMONSFILEUPLOAD-30082">commons-fileupload:commons-fileupload</a>.</p> 550 </li> 551 <li><p>Crash - An attacker sending crafted requests that could cause the system to crash. For Example, <a href="https://snyk.io/vuln/npm:ws:20171108">npm <code>ws</code> package</a></p> 552 </li> 553 </ul> 554 <h2 id="remediation">Remediation</h2> 555 <p>Upgrade <code>gopkg.in/yaml.v3</code> to version 3.0.0 or higher.</p> 556 <h2 id="references">References</h2> 557 <ul> 558 <li><a href="https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754">GitHub Commit</a></li> 559 <li><a href="https://github.com/go-yaml/yaml/issues/666">GitHub Issue</a></li> 560 </ul> 561 562 <hr/> 563 564 <div class="cta card__cta"> 565 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557">More about this vulnerability</a></p> 566 </div> 567 568 </div><!-- .card --> 569 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 570 <h2 class="card__title">NULL Pointer Dereference</h2> 571 <div class="card__section"> 572 573 <div class="label label--high"> 574 <span class="label__text">high severity</span> 575 </div> 576 577 <hr/> 578 579 <ul class="card__meta"> 580 <li class="card__meta__item"> 581 Package Manager: golang 582 </li> 583 <li class="card__meta__item"> 584 Vulnerable module: 585 586 gopkg.in/yaml.v3 587 </li> 588 589 <li class="card__meta__item">Introduced through: 590 591 sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b 592 593 </li> 594 </ul> 595 596 <hr/> 597 598 599 <h3 class="card__section__title">Detailed paths</h3> 600 601 <ul class="card__meta__paths"> 602 <li> 603 <span class="list-paths__item__introduced"><em>Introduced through</em>: 604 sigs.k8s.io/kustomize/kustomize/v4@* 605 <span class="list-paths__item__arrow">›</span> 606 gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b 607 608 </span> 609 610 </li> 611 </ul><!-- .list-paths --> 612 613 </div><!-- .card__section --> 614 615 <hr/> 616 <!-- Overview --> 617 <h2 id="overview">Overview</h2> 618 <p><a href="https://github.com/go-yaml/yaml">gopkg.in/yaml.v3</a> is a YAML support package for the Go language.</p> 619 <p>Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing <code>#\n-\n-\n0</code> via the <code>parserc.go</code> parser.</p> 620 <h2 id="poc">PoC</h2> 621 <pre><code class="language-golang">package main 622 623 import ( 624 "gopkg.in/yaml.v3" 625 ) 626 627 func main() { 628 var t interface{} 629 yaml.Unmarshal([]byte("#\n-\n-\n0"), &t) 630 } 631 </code></pre> 632 <h2 id="remediation">Remediation</h2> 633 <p>Upgrade <code>gopkg.in/yaml.v3</code> to version 3.0.1 or higher.</p> 634 <h2 id="references">References</h2> 635 <ul> 636 <li><a href="https://github.com/go-yaml/yaml/commit/f6f7691b1fdeb513f56608cd2c32c51f8194bf51">GitHub Commit</a></li> 637 <li><a href="https://github.com/go-yaml/yaml/issues/665">GitHub Issue</a></li> 638 </ul> 639 640 <hr/> 641 642 <div class="cta card__cta"> 643 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2952714">More about this vulnerability</a></p> 644 </div> 645 646 </div><!-- .card --> 647 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 648 <h2 class="card__title">Denial of Service (DoS)</h2> 649 <div class="card__section"> 650 651 <div class="label label--high"> 652 <span class="label__text">high severity</span> 653 </div> 654 655 <hr/> 656 657 <ul class="card__meta"> 658 <li class="card__meta__item"> 659 Package Manager: golang 660 </li> 661 <li class="card__meta__item"> 662 Vulnerable module: 663 664 google.golang.org/grpc 665 </li> 666 667 <li class="card__meta__item">Introduced through: 668 669 github.com/argoproj/argo-cd/v2@* and google.golang.org/grpc@v1.51.0 670 671 </li> 672 </ul> 673 674 <hr/> 675 676 677 <h3 class="card__section__title">Detailed paths</h3> 678 679 <ul class="card__meta__paths"> 680 <li> 681 <span class="list-paths__item__introduced"><em>Introduced through</em>: 682 github.com/argoproj/argo-cd/v2@* 683 <span class="list-paths__item__arrow">›</span> 684 google.golang.org/grpc@v1.51.0 685 686 </span> 687 688 </li> 689 </ul><!-- .list-paths --> 690 691 </div><!-- .card__section --> 692 693 <hr/> 694 <!-- Overview --> 695 <h2 id="overview">Overview</h2> 696 <p><a href="https://pkg.go.dev/google.golang.org/grpc">google.golang.org/grpc</a> is a Go implementation of gRPC</p> 697 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) in the implementation of the HTTP/2 protocol. An attacker can cause a denial of service (including via DDoS) by rapidly resetting many streams through request cancellation.</p> 698 <h2 id="remediation">Remediation</h2> 699 <p>Upgrade <code>google.golang.org/grpc</code> to version 1.56.3, 1.57.1, 1.58.3 or higher.</p> 700 <h2 id="references">References</h2> 701 <ul> 702 <li><a href="https://github.com/helidon-io/helidon/commit/58f43670086e530750c7cb74b0bec92bf5189c79">Github Commit</a></li> 703 <li><a href="https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49">GitHub Commit</a></li> 704 <li><a href="https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e">GitHub Commit</a></li> 705 <li><a href="https://github.com/eclipse/jetty.project/commit/dbb94514dc9d3fb21fe92080f57c314e7e06a148">GitHub Commit</a></li> 706 <li><a href="https://github.com/gravitational/teleport/commit/15f34f927a45130408eb16ed09af5620270d4d1f">GitHub Commit</a></li> 707 <li><a href="https://github.com/kubernetes/apimachinery/commit/be9188050914374ee8128239e5a2e5998d7897f5">GitHub Commit</a></li> 708 <li><a href="https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61">GitHub Commit</a></li> 709 <li><a href="https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832">GitHub Commit</a></li> 710 <li><a href="https://github.com/operator-framework/operator-lifecycle-manager/commit/9ec03f07f942dc9cef736957fa152e39157d6e13">GitHub Commit</a></li> 711 <li><a href="https://snyk.io/blog/find-fix-http-2-rapid-reset-zero-day-vulnerability-cve-2023-44487/">Snyk Blog</a></li> 712 <li><a href="https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/">Vulnerability Discovery</a></li> 713 <li><a href="https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack">Vulnerability Explanation</a></li> 714 <li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">CISA - Known Exploited Vulnerabilities</a></li> 715 </ul> 716 717 <hr/> 718 719 <div class="cta card__cta"> 720 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOOGLEGOLANGORGGRPC-5953328">More about this vulnerability</a></p> 721 </div> 722 723 </div><!-- .card --> 724 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 725 <h2 class="card__title">Denial of Service (DoS)</h2> 726 <div class="card__section"> 727 728 <div class="label label--high"> 729 <span class="label__text">high severity</span> 730 </div> 731 732 <hr/> 733 734 <ul class="card__meta"> 735 <li class="card__meta__item"> 736 Package Manager: golang 737 </li> 738 <li class="card__meta__item"> 739 Vulnerable module: 740 741 golang.org/x/net/http2/hpack 742 </li> 743 744 <li class="card__meta__item">Introduced through: 745 746 sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd 747 748 </li> 749 </ul> 750 751 <hr/> 752 753 754 <h3 class="card__section__title">Detailed paths</h3> 755 756 <ul class="card__meta__paths"> 757 <li> 758 <span class="list-paths__item__introduced"><em>Introduced through</em>: 759 sigs.k8s.io/kustomize/kustomize/v4@* 760 <span class="list-paths__item__arrow">›</span> 761 golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd 762 763 </span> 764 765 </li> 766 <li> 767 <span class="list-paths__item__introduced"><em>Introduced through</em>: 768 helm.sh/helm/v3@* 769 <span class="list-paths__item__arrow">›</span> 770 golang.org/x/net/http2/hpack@v0.0.0-20220722155237-a158d28d115b 771 772 </span> 773 774 </li> 775 </ul><!-- .list-paths --> 776 777 </div><!-- .card__section --> 778 779 <hr/> 780 <!-- Overview --> 781 <h2 id="overview">Overview</h2> 782 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the <code>HPACK</code> decoder.</p> 783 <h2 id="details">Details</h2> 784 <p>Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.</p> 785 <p>Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.</p> 786 <p>One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.</p> 787 <p>When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.</p> 788 <p>Two common types of DoS vulnerabilities:</p> 789 <ul> 790 <li><p>High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, <a href="SNYK-JAVA-COMMONSFILEUPLOAD-30082">commons-fileupload:commons-fileupload</a>.</p> 791 </li> 792 <li><p>Crash - An attacker sending crafted requests that could cause the system to crash. For Example, <a href="https://snyk.io/vuln/npm:ws:20171108">npm <code>ws</code> package</a></p> 793 </li> 794 </ul> 795 <h2 id="remediation">Remediation</h2> 796 <p>Upgrade <code>golang.org/x/net/http2/hpack</code> to version 0.7.0 or higher.</p> 797 <h2 id="references">References</h2> 798 <ul> 799 <li><a href="https://github.com/golang/go/commit/97fe3a23b68dd2df748f2369827aeab2420e0930">GitHub Commit</a></li> 800 <li><a href="https://github.com/golang/net/commit/8e2b117aee74f6b86c207a808b0255de45c0a18a">GitHub Commit</a></li> 801 <li><a href="https://github.com/golang/go/issues/57855">GitHub Issue</a></li> 802 <li><a href="https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E">Google Groups Forum</a></li> 803 </ul> 804 805 <hr/> 806 807 <div class="cta card__cta"> 808 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2HPACK-3358253">More about this vulnerability</a></p> 809 </div> 810 811 </div><!-- .card --> 812 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 813 <h2 class="card__title">Denial of Service (DoS)</h2> 814 <div class="card__section"> 815 816 <div class="label label--high"> 817 <span class="label__text">high severity</span> 818 </div> 819 820 <hr/> 821 822 <ul class="card__meta"> 823 <li class="card__meta__item"> 824 Package Manager: golang 825 </li> 826 <li class="card__meta__item"> 827 Vulnerable module: 828 829 golang.org/x/net/http2 830 </li> 831 832 <li class="card__meta__item">Introduced through: 833 834 github.com/argoproj/argo-cd/v2@* and golang.org/x/net/http2@v0.11.0 835 836 </li> 837 </ul> 838 839 <hr/> 840 841 842 <h3 class="card__section__title">Detailed paths</h3> 843 844 <ul class="card__meta__paths"> 845 <li> 846 <span class="list-paths__item__introduced"><em>Introduced through</em>: 847 github.com/argoproj/argo-cd/v2@* 848 <span class="list-paths__item__arrow">›</span> 849 golang.org/x/net/http2@v0.11.0 850 851 </span> 852 853 </li> 854 <li> 855 <span class="list-paths__item__introduced"><em>Introduced through</em>: 856 helm.sh/helm/v3@* 857 <span class="list-paths__item__arrow">›</span> 858 golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 859 860 </span> 861 862 </li> 863 </ul><!-- .list-paths --> 864 865 </div><!-- .card__section --> 866 867 <hr/> 868 <!-- Overview --> 869 <h2 id="overview">Overview</h2> 870 <p><a href="https://pkg.go.dev/golang.org/x/net@v0.0.0-20211209100829-84cba5454caf/http2#section-readme">golang.org/x/net/http2</a> is a work-in-progress HTTP/2 implementation for Go.</p> 871 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) in the implementation of the HTTP/2 protocol. An attacker can cause a denial of service (including via DDoS) by rapidly resetting many streams through request cancellation.</p> 872 <h2 id="remediation">Remediation</h2> 873 <p>Upgrade <code>golang.org/x/net/http2</code> to version 0.17.0 or higher.</p> 874 <h2 id="references">References</h2> 875 <ul> 876 <li><a href="https://github.com/helidon-io/helidon/commit/58f43670086e530750c7cb74b0bec92bf5189c79">Github Commit</a></li> 877 <li><a href="https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49">GitHub Commit</a></li> 878 <li><a href="https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e">GitHub Commit</a></li> 879 <li><a href="https://github.com/eclipse/jetty.project/commit/dbb94514dc9d3fb21fe92080f57c314e7e06a148">GitHub Commit</a></li> 880 <li><a href="https://github.com/gravitational/teleport/commit/15f34f927a45130408eb16ed09af5620270d4d1f">GitHub Commit</a></li> 881 <li><a href="https://github.com/kubernetes/apimachinery/commit/be9188050914374ee8128239e5a2e5998d7897f5">GitHub Commit</a></li> 882 <li><a href="https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61">GitHub Commit</a></li> 883 <li><a href="https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832">GitHub Commit</a></li> 884 <li><a href="https://github.com/operator-framework/operator-lifecycle-manager/commit/9ec03f07f942dc9cef736957fa152e39157d6e13">GitHub Commit</a></li> 885 <li><a href="https://snyk.io/blog/find-fix-http-2-rapid-reset-zero-day-vulnerability-cve-2023-44487/">Snyk Blog</a></li> 886 <li><a href="https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/">Vulnerability Discovery</a></li> 887 <li><a href="https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack">Vulnerability Explanation</a></li> 888 <li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">CISA - Known Exploited Vulnerabilities</a></li> 889 </ul> 890 891 <hr/> 892 893 <div class="cta card__cta"> 894 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-5953327">More about this vulnerability</a></p> 895 </div> 896 897 </div><!-- .card --> 898 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 899 <h2 class="card__title">Denial of Service</h2> 900 <div class="card__section"> 901 902 <div class="label label--high"> 903 <span class="label__text">high severity</span> 904 </div> 905 906 <hr/> 907 908 <ul class="card__meta"> 909 <li class="card__meta__item"> 910 Package Manager: golang 911 </li> 912 <li class="card__meta__item"> 913 Vulnerable module: 914 915 golang.org/x/net/http2 916 </li> 917 918 <li class="card__meta__item">Introduced through: 919 920 helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 921 922 </li> 923 </ul> 924 925 <hr/> 926 927 928 <h3 class="card__section__title">Detailed paths</h3> 929 930 <ul class="card__meta__paths"> 931 <li> 932 <span class="list-paths__item__introduced"><em>Introduced through</em>: 933 helm.sh/helm/v3@* 934 <span class="list-paths__item__arrow">›</span> 935 golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 936 937 </span> 938 939 </li> 940 </ul><!-- .list-paths --> 941 942 </div><!-- .card__section --> 943 944 <hr/> 945 <!-- Overview --> 946 <h2 id="overview">Overview</h2> 947 <p><a href="https://pkg.go.dev/golang.org/x/net@v0.0.0-20211209100829-84cba5454caf/http2#section-readme">golang.org/x/net/http2</a> is a work-in-progress HTTP/2 implementation for Go.</p> 948 <p>Affected versions of this package are vulnerable to Denial of Service as an <code>HTTP/2</code> connection can hang during closing if a shutdown was preempted by a fatal error.</p> 949 <h2 id="remediation">Remediation</h2> 950 <p>Upgrade <code>golang.org/x/net/http2</code> to version 0.0.0-20220906165146-f3363e06e74c, 1.18.6, 1.19.1 or higher.</p> 951 <h2 id="references">References</h2> 952 <ul> 953 <li><a href="https://github.com/golang/net/commit/f3363e06e74cdc304618bf31d898b78590103527">GitHub Commit</a></li> 954 <li><a href="https://github.com/golang/go/issues/54658">GitHub Issues</a></li> 955 </ul> 956 957 <hr/> 958 959 <div class="cta card__cta"> 960 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3028257">More about this vulnerability</a></p> 961 </div> 962 963 </div><!-- .card --> 964 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 965 <h2 class="card__title">Denial of Service (DoS)</h2> 966 <div class="card__section"> 967 968 <div class="label label--high"> 969 <span class="label__text">high severity</span> 970 </div> 971 972 <hr/> 973 974 <ul class="card__meta"> 975 <li class="card__meta__item"> 976 Package Manager: golang 977 </li> 978 <li class="card__meta__item"> 979 Vulnerable module: 980 981 golang.org/x/net/http2 982 </li> 983 984 <li class="card__meta__item">Introduced through: 985 986 helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 987 988 </li> 989 </ul> 990 991 <hr/> 992 993 994 <h3 class="card__section__title">Detailed paths</h3> 995 996 <ul class="card__meta__paths"> 997 <li> 998 <span class="list-paths__item__introduced"><em>Introduced through</em>: 999 helm.sh/helm/v3@* 1000 <span class="list-paths__item__arrow">›</span> 1001 golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 1002 1003 </span> 1004 1005 </li> 1006 </ul><!-- .list-paths --> 1007 1008 </div><!-- .card__section --> 1009 1010 <hr/> 1011 <!-- Overview --> 1012 <h2 id="overview">Overview</h2> 1013 <p><a href="https://pkg.go.dev/golang.org/x/net@v0.0.0-20211209100829-84cba5454caf/http2#section-readme">golang.org/x/net/http2</a> is a work-in-progress HTTP/2 implementation for Go.</p> 1014 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the <code>HPACK</code> decoder.</p> 1015 <h2 id="details">Details</h2> 1016 <p>Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.</p> 1017 <p>Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.</p> 1018 <p>One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.</p> 1019 <p>When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.</p> 1020 <p>Two common types of DoS vulnerabilities:</p> 1021 <ul> 1022 <li><p>High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, <a href="SNYK-JAVA-COMMONSFILEUPLOAD-30082">commons-fileupload:commons-fileupload</a>.</p> 1023 </li> 1024 <li><p>Crash - An attacker sending crafted requests that could cause the system to crash. For Example, <a href="https://snyk.io/vuln/npm:ws:20171108">npm <code>ws</code> package</a></p> 1025 </li> 1026 </ul> 1027 <h2 id="remediation">Remediation</h2> 1028 <p>Upgrade <code>golang.org/x/net/http2</code> to version 0.7.0 or higher.</p> 1029 <h2 id="references">References</h2> 1030 <ul> 1031 <li><a href="https://github.com/golang/go/commit/97fe3a23b68dd2df748f2369827aeab2420e0930">GitHub Commit</a></li> 1032 <li><a href="https://github.com/golang/net/commit/8e2b117aee74f6b86c207a808b0255de45c0a18a">GitHub Commit</a></li> 1033 <li><a href="https://github.com/golang/go/issues/57855">GitHub Issue</a></li> 1034 <li><a href="https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E">Google Groups Forum</a></li> 1035 </ul> 1036 1037 <hr/> 1038 1039 <div class="cta card__cta"> 1040 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3323837">More about this vulnerability</a></p> 1041 </div> 1042 1043 </div><!-- .card --> 1044 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 1045 <h2 class="card__title">Out-of-bounds Write</h2> 1046 <div class="card__section"> 1047 1048 <div class="label label--high"> 1049 <span class="label__text">high severity</span> 1050 </div> 1051 1052 <hr/> 1053 1054 <ul class="card__meta"> 1055 <li class="card__meta__item"> 1056 Package Manager: ubuntu:22.04 1057 </li> 1058 <li class="card__meta__item"> 1059 Vulnerable module: 1060 1061 glibc/libc-bin 1062 </li> 1063 1064 <li class="card__meta__item">Introduced through: 1065 1066 docker-image|quay.io/argoproj/argocd@v2.6.15 and glibc/libc-bin@2.35-0ubuntu3.1 1067 1068 </li> 1069 </ul> 1070 1071 <hr/> 1072 1073 1074 <h3 class="card__section__title">Detailed paths</h3> 1075 1076 <ul class="card__meta__paths"> 1077 <li> 1078 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1079 docker-image|quay.io/argoproj/argocd@v2.6.15 1080 <span class="list-paths__item__arrow">›</span> 1081 glibc/libc-bin@2.35-0ubuntu3.1 1082 1083 </span> 1084 1085 </li> 1086 <li> 1087 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1088 docker-image|quay.io/argoproj/argocd@v2.6.15 1089 <span class="list-paths__item__arrow">›</span> 1090 glibc/libc6@2.35-0ubuntu3.1 1091 1092 </span> 1093 1094 </li> 1095 </ul><!-- .list-paths --> 1096 1097 </div><!-- .card__section --> 1098 1099 <hr/> 1100 <!-- Overview --> 1101 <h2 id="nvd-description">NVD Description</h2> 1102 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>glibc</code> package and not the <code>glibc</code> package as distributed by <code>Ubuntu</code>.</em> 1103 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1104 <p>A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.</p> 1105 <h2 id="remediation">Remediation</h2> 1106 <p>Upgrade <code>Ubuntu:22.04</code> <code>glibc</code> to version 2.35-0ubuntu3.4 or higher.</p> 1107 <h2 id="references">References</h2> 1108 <ul> 1109 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-4911">ADVISORY</a></li> 1110 <li><a href="https://access.redhat.com/security/cve/CVE-2023-4911">secalert@redhat.com</a></li> 1111 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2238352">secalert@redhat.com</a></li> 1112 <li><a href="https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt">secalert@redhat.com</a></li> 1113 <li><a href="https://www.qualys.com/cve-2023-4911/">secalert@redhat.com</a></li> 1114 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/2">secalert@redhat.com</a></li> 1115 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/3">secalert@redhat.com</a></li> 1116 <li><a href="https://www.debian.org/security/2023/dsa-5514">secalert@redhat.com</a></li> 1117 <li><a href="https://security.gentoo.org/glsa/202310-03">secalert@redhat.com</a></li> 1118 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/">secalert@redhat.com</a></li> 1119 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/">secalert@redhat.com</a></li> 1120 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/">secalert@redhat.com</a></li> 1121 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/05/1">secalert@redhat.com</a></li> 1122 <li><a href="https://access.redhat.com/errata/RHSA-2023:5453">secalert@redhat.com</a></li> 1123 <li><a href="https://access.redhat.com/errata/RHSA-2023:5454">secalert@redhat.com</a></li> 1124 <li><a href="https://access.redhat.com/errata/RHSA-2023:5455">secalert@redhat.com</a></li> 1125 <li><a href="https://access.redhat.com/errata/RHSA-2023:5476">secalert@redhat.com</a></li> 1126 <li><a href="http://seclists.org/fulldisclosure/2023/Oct/11">secalert@redhat.com</a></li> 1127 <li><a href="http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html">secalert@redhat.com</a></li> 1128 <li><a href="https://security.netapp.com/advisory/ntap-20231013-0006/">secalert@redhat.com</a></li> 1129 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/13/11">secalert@redhat.com</a></li> 1130 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/14/3">secalert@redhat.com</a></li> 1131 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/14/5">secalert@redhat.com</a></li> 1132 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/14/6">secalert@redhat.com</a></li> 1133 </ul> 1134 1135 <hr/> 1136 1137 <div class="cta card__cta"> 1138 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GLIBC-5927362">More about this vulnerability</a></p> 1139 </div> 1140 1141 </div><!-- .card --> 1142 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 1143 <h2 class="card__title">Directory Traversal</h2> 1144 <div class="card__section"> 1145 1146 <div class="label label--high"> 1147 <span class="label__text">high severity</span> 1148 </div> 1149 1150 <hr/> 1151 1152 <ul class="card__meta"> 1153 <li class="card__meta__item"> 1154 Package Manager: golang 1155 </li> 1156 <li class="card__meta__item"> 1157 Vulnerable module: 1158 1159 github.com/cyphar/filepath-securejoin 1160 </li> 1161 1162 <li class="card__meta__item">Introduced through: 1163 1164 github.com/argoproj/argo-cd/v2@* and github.com/cyphar/filepath-securejoin@v0.2.3 1165 1166 </li> 1167 </ul> 1168 1169 <hr/> 1170 1171 1172 <h3 class="card__section__title">Detailed paths</h3> 1173 1174 <ul class="card__meta__paths"> 1175 <li> 1176 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1177 github.com/argoproj/argo-cd/v2@* 1178 <span class="list-paths__item__arrow">›</span> 1179 github.com/cyphar/filepath-securejoin@v0.2.3 1180 1181 </span> 1182 1183 </li> 1184 <li> 1185 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1186 helm.sh/helm/v3@* 1187 <span class="list-paths__item__arrow">›</span> 1188 github.com/cyphar/filepath-securejoin@v0.2.3 1189 1190 </span> 1191 1192 </li> 1193 </ul><!-- .list-paths --> 1194 1195 </div><!-- .card__section --> 1196 1197 <hr/> 1198 <!-- Overview --> 1199 <h2 id="overview">Overview</h2> 1200 <p>Affected versions of this package are vulnerable to Directory Traversal via the <code>filepath.FromSlash()</code> function, allwoing attackers to generate paths that were outside of the provided <code>rootfs</code>.</p> 1201 <p><strong>Note:</strong> 1202 This vulnerability is only exploitable on Windows OS.</p> 1203 <h2 id="details">Details</h2> 1204 <p>A Directory Traversal attack (also known as path traversal) aims to access files and directories that are stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and its variations, or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system, including application source code, configuration, and other critical system files.</p> 1205 <p>Directory Traversal vulnerabilities can be generally divided into two types:</p> 1206 <ul> 1207 <li><strong>Information Disclosure</strong>: Allows the attacker to gain information about the folder structure or read the contents of sensitive files on the system.</li> 1208 </ul> 1209 <p><code>st</code> is a module for serving static files on web pages, and contains a <a href="https://snyk.io/vuln/npm:st:20140206">vulnerability of this type</a>. In our example, we will serve files from the <code>public</code> route.</p> 1210 <p>If an attacker requests the following URL from our server, it will in turn leak the sensitive private key of the root user.</p> 1211 <pre><code>curl http://localhost:8080/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/root/.ssh/id_rsa 1212 </code></pre> 1213 <p><strong>Note</strong> <code>%2e</code> is the URL encoded version of <code>.</code> (dot).</p> 1214 <ul> 1215 <li><strong>Writing arbitrary files</strong>: Allows the attacker to create or replace existing files. This type of vulnerability is also known as <code>Zip-Slip</code>.</li> 1216 </ul> 1217 <p>One way to achieve this is by using a malicious <code>zip</code> archive that holds path traversal filenames. When each filename in the zip archive gets concatenated to the target extraction folder, without validation, the final path ends up outside of the target folder. If an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily.</p> 1218 <p>The following is an example of a <code>zip</code> archive with one benign file and one malicious file. Extracting the malicious file will result in traversing out of the target folder, ending up in <code>/root/.ssh/</code> overwriting the <code>authorized_keys</code> file:</p> 1219 <pre><code>2018-04-15 22:04:29 ..... 19 19 good.txt 1220 2018-04-15 22:04:42 ..... 20 20 ../../../../../../root/.ssh/authorized_keys 1221 </code></pre> 1222 <h2 id="remediation">Remediation</h2> 1223 <p>Upgrade <code>github.com/cyphar/filepath-securejoin</code> to version 0.2.4 or higher.</p> 1224 <h2 id="references">References</h2> 1225 <ul> 1226 <li><a href="https://github.com/cyphar/filepath-securejoin/commit/c121231e1276e11049547bee5ce68d5a2cfe2d9b">GitHub Commit</a></li> 1227 <li><a href="https://github.com/cyphar/filepath-securejoin/pull/9">GitHub PR</a></li> 1228 <li><a href="https://github.com/cyphar/filepath-securejoin/releases/tag/v0.2.4">GitHub Release</a></li> 1229 </ul> 1230 1231 <hr/> 1232 1233 <div class="cta card__cta"> 1234 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCYPHARFILEPATHSECUREJOIN-5889602">More about this vulnerability</a></p> 1235 </div> 1236 1237 </div><!-- .card --> 1238 <div class="card card--vuln disclosure--not-new severity--high" data-snyk-test="high"> 1239 <h2 class="card__title">Out-of-bounds Write</h2> 1240 <div class="card__section"> 1241 1242 <div class="label label--high"> 1243 <span class="label__text">high severity</span> 1244 </div> 1245 1246 <hr/> 1247 1248 <ul class="card__meta"> 1249 <li class="card__meta__item"> 1250 Package Manager: ubuntu:22.04 1251 </li> 1252 <li class="card__meta__item"> 1253 Vulnerable module: 1254 1255 curl/libcurl3-gnutls 1256 </li> 1257 1258 <li class="card__meta__item">Introduced through: 1259 1260 1261 docker-image|quay.io/argoproj/argocd@v2.6.15, git@1:2.34.1-1ubuntu1.10 and others 1262 </li> 1263 </ul> 1264 1265 <hr/> 1266 1267 1268 <h3 class="card__section__title">Detailed paths</h3> 1269 1270 <ul class="card__meta__paths"> 1271 <li> 1272 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1273 docker-image|quay.io/argoproj/argocd@v2.6.15 1274 <span class="list-paths__item__arrow">›</span> 1275 git@1:2.34.1-1ubuntu1.10 1276 <span class="list-paths__item__arrow">›</span> 1277 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 1278 1279 </span> 1280 1281 </li> 1282 </ul><!-- .list-paths --> 1283 1284 </div><!-- .card__section --> 1285 1286 <hr/> 1287 <!-- Overview --> 1288 <h2 id="nvd-description">NVD Description</h2> 1289 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>curl</code> package and not the <code>curl</code> package as distributed by <code>Ubuntu</code>.</em> 1290 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1291 <p>This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy 1292 handshake.</p> 1293 <p>When curl is asked to pass along the host name to the SOCKS5 proxy to allow 1294 that to resolve the address instead of it getting done by curl itself, the 1295 maximum length that host name can be is 255 bytes.</p> 1296 <p>If the host name is detected to be longer, curl switches to local name 1297 resolving and instead passes on the resolved address only. Due to this bug, 1298 the local variable that means "let the host resolve the name" could get the 1299 wrong value during a slow SOCKS5 handshake, and contrary to the intention, 1300 copy the too long host name to the target buffer instead of copying just the 1301 resolved address there.</p> 1302 <p>The target buffer being a heap based buffer, and the host name coming from the 1303 URL that curl has been told to operate with.</p> 1304 <h2 id="remediation">Remediation</h2> 1305 <p>Upgrade <code>Ubuntu:22.04</code> <code>curl</code> to version 7.81.0-1ubuntu1.14 or higher.</p> 1306 <h2 id="references">References</h2> 1307 <ul> 1308 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-38545">ADVISORY</a></li> 1309 <li><a href="https://curl.se/docs/CVE-2023-38545.html">support@hackerone.com</a></li> 1310 <li><a href="https://security.netapp.com/advisory/ntap-20231027-0009/">support@hackerone.com</a></li> 1311 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/">support@hackerone.com</a></li> 1312 </ul> 1313 1314 <hr/> 1315 1316 <div class="cta card__cta"> 1317 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-CURL-5960738">More about this vulnerability</a></p> 1318 </div> 1319 1320 </div><!-- .card --> 1321 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1322 <h2 class="card__title">CVE-2020-22916</h2> 1323 <div class="card__section"> 1324 1325 <div class="label label--medium"> 1326 <span class="label__text">medium severity</span> 1327 </div> 1328 1329 <hr/> 1330 1331 <ul class="card__meta"> 1332 <li class="card__meta__item"> 1333 Package Manager: ubuntu:22.04 1334 </li> 1335 <li class="card__meta__item"> 1336 Vulnerable module: 1337 1338 xz-utils/liblzma5 1339 </li> 1340 1341 <li class="card__meta__item">Introduced through: 1342 1343 docker-image|quay.io/argoproj/argocd@v2.6.15 and xz-utils/liblzma5@5.2.5-2ubuntu1 1344 1345 </li> 1346 </ul> 1347 1348 <hr/> 1349 1350 1351 <h3 class="card__section__title">Detailed paths</h3> 1352 1353 <ul class="card__meta__paths"> 1354 <li> 1355 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1356 docker-image|quay.io/argoproj/argocd@v2.6.15 1357 <span class="list-paths__item__arrow">›</span> 1358 xz-utils/liblzma5@5.2.5-2ubuntu1 1359 1360 </span> 1361 1362 </li> 1363 </ul><!-- .list-paths --> 1364 1365 </div><!-- .card__section --> 1366 1367 <hr/> 1368 <!-- Overview --> 1369 <h2 id="nvd-description">NVD Description</h2> 1370 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>xz-utils</code> package and not the <code>xz-utils</code> package as distributed by <code>Ubuntu</code>.</em> 1371 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1372 <p>** DISPUTED ** An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.</p> 1373 <h2 id="remediation">Remediation</h2> 1374 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>xz-utils</code>.</p> 1375 <h2 id="references">References</h2> 1376 <ul> 1377 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-22916">ADVISORY</a></li> 1378 <li><a href="https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability">cve@mitre.org</a></li> 1379 <li><a href="https://tukaani.org/xz/">cve@mitre.org</a></li> 1380 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2234987">cve@mitre.org</a></li> 1381 <li><a href="https://bugzilla.suse.com/show_bug.cgi?id=1214590">cve@mitre.org</a></li> 1382 <li><a href="https://github.com/tukaani-project/xz/issues/61">cve@mitre.org</a></li> 1383 <li><a href="https://security-tracker.debian.org/tracker/CVE-2020-22916">cve@mitre.org</a></li> 1384 <li><a href="http://web.archive.org/web/20230918084612/https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability">cve@mitre.org</a></li> 1385 </ul> 1386 1387 <hr/> 1388 1389 <div class="cta card__cta"> 1390 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-XZUTILS-5854647">More about this vulnerability</a></p> 1391 </div> 1392 1393 </div><!-- .card --> 1394 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1395 <h2 class="card__title">Out-of-bounds Write</h2> 1396 <div class="card__section"> 1397 1398 <div class="label label--medium"> 1399 <span class="label__text">medium severity</span> 1400 </div> 1401 1402 <hr/> 1403 1404 <ul class="card__meta"> 1405 <li class="card__meta__item"> 1406 Package Manager: ubuntu:22.04 1407 </li> 1408 <li class="card__meta__item"> 1409 Vulnerable module: 1410 1411 perl/perl-modules-5.34 1412 </li> 1413 1414 <li class="card__meta__item">Introduced through: 1415 1416 1417 docker-image|quay.io/argoproj/argocd@v2.6.15, git@1:2.34.1-1ubuntu1.10 and others 1418 </li> 1419 </ul> 1420 1421 <hr/> 1422 1423 1424 <h3 class="card__section__title">Detailed paths</h3> 1425 1426 <ul class="card__meta__paths"> 1427 <li> 1428 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1429 docker-image|quay.io/argoproj/argocd@v2.6.15 1430 <span class="list-paths__item__arrow">›</span> 1431 git@1:2.34.1-1ubuntu1.10 1432 <span class="list-paths__item__arrow">›</span> 1433 perl@5.34.0-3ubuntu1.2 1434 <span class="list-paths__item__arrow">›</span> 1435 perl/perl-modules-5.34@5.34.0-3ubuntu1.2 1436 1437 </span> 1438 1439 </li> 1440 <li> 1441 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1442 docker-image|quay.io/argoproj/argocd@v2.6.15 1443 <span class="list-paths__item__arrow">›</span> 1444 git@1:2.34.1-1ubuntu1.10 1445 <span class="list-paths__item__arrow">›</span> 1446 perl@5.34.0-3ubuntu1.2 1447 <span class="list-paths__item__arrow">›</span> 1448 perl/libperl5.34@5.34.0-3ubuntu1.2 1449 <span class="list-paths__item__arrow">›</span> 1450 perl/perl-modules-5.34@5.34.0-3ubuntu1.2 1451 1452 </span> 1453 1454 </li> 1455 <li> 1456 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1457 docker-image|quay.io/argoproj/argocd@v2.6.15 1458 <span class="list-paths__item__arrow">›</span> 1459 git@1:2.34.1-1ubuntu1.10 1460 <span class="list-paths__item__arrow">›</span> 1461 perl@5.34.0-3ubuntu1.2 1462 <span class="list-paths__item__arrow">›</span> 1463 perl/libperl5.34@5.34.0-3ubuntu1.2 1464 1465 </span> 1466 1467 </li> 1468 <li> 1469 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1470 docker-image|quay.io/argoproj/argocd@v2.6.15 1471 <span class="list-paths__item__arrow">›</span> 1472 git@1:2.34.1-1ubuntu1.10 1473 <span class="list-paths__item__arrow">›</span> 1474 perl@5.34.0-3ubuntu1.2 1475 1476 </span> 1477 1478 </li> 1479 <li> 1480 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1481 docker-image|quay.io/argoproj/argocd@v2.6.15 1482 <span class="list-paths__item__arrow">›</span> 1483 perl/perl-base@5.34.0-3ubuntu1.2 1484 1485 </span> 1486 1487 </li> 1488 </ul><!-- .list-paths --> 1489 1490 </div><!-- .card__section --> 1491 1492 <hr/> 1493 <!-- Overview --> 1494 <h2 id="nvd-description">NVD Description</h2> 1495 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>perl</code> package and not the <code>perl</code> package as distributed by <code>Ubuntu</code>.</em> 1496 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1497 <p>In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.</p> 1498 <h2 id="remediation">Remediation</h2> 1499 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>perl</code>.</p> 1500 <h2 id="references">References</h2> 1501 <ul> 1502 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-48522">ADVISORY</a></li> 1503 <li><a href="https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345">cve@mitre.org</a></li> 1504 <li><a href="https://security.netapp.com/advisory/ntap-20230915-0008/">cve@mitre.org</a></li> 1505 </ul> 1506 1507 <hr/> 1508 1509 <div class="cta card__cta"> 1510 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-PERL-5854824">More about this vulnerability</a></p> 1511 </div> 1512 1513 </div><!-- .card --> 1514 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1515 <h2 class="card__title">CVE-2023-5363</h2> 1516 <div class="card__section"> 1517 1518 <div class="label label--medium"> 1519 <span class="label__text">medium severity</span> 1520 </div> 1521 1522 <hr/> 1523 1524 <ul class="card__meta"> 1525 <li class="card__meta__item"> 1526 Package Manager: ubuntu:22.04 1527 </li> 1528 <li class="card__meta__item"> 1529 Vulnerable module: 1530 1531 openssl/libssl3 1532 </li> 1533 1534 <li class="card__meta__item">Introduced through: 1535 1536 docker-image|quay.io/argoproj/argocd@v2.6.15 and openssl/libssl3@3.0.2-0ubuntu1.10 1537 1538 </li> 1539 </ul> 1540 1541 <hr/> 1542 1543 1544 <h3 class="card__section__title">Detailed paths</h3> 1545 1546 <ul class="card__meta__paths"> 1547 <li> 1548 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1549 docker-image|quay.io/argoproj/argocd@v2.6.15 1550 <span class="list-paths__item__arrow">›</span> 1551 openssl/libssl3@3.0.2-0ubuntu1.10 1552 1553 </span> 1554 1555 </li> 1556 <li> 1557 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1558 docker-image|quay.io/argoproj/argocd@v2.6.15 1559 <span class="list-paths__item__arrow">›</span> 1560 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 1561 <span class="list-paths__item__arrow">›</span> 1562 openssl/libssl3@3.0.2-0ubuntu1.10 1563 1564 </span> 1565 1566 </li> 1567 <li> 1568 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1569 docker-image|quay.io/argoproj/argocd@v2.6.15 1570 <span class="list-paths__item__arrow">›</span> 1571 libfido2/libfido2-1@1.10.0-1 1572 <span class="list-paths__item__arrow">›</span> 1573 openssl/libssl3@3.0.2-0ubuntu1.10 1574 1575 </span> 1576 1577 </li> 1578 <li> 1579 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1580 docker-image|quay.io/argoproj/argocd@v2.6.15 1581 <span class="list-paths__item__arrow">›</span> 1582 openssh/openssh-client@1:8.9p1-3ubuntu0.3 1583 <span class="list-paths__item__arrow">›</span> 1584 openssl/libssl3@3.0.2-0ubuntu1.10 1585 1586 </span> 1587 1588 </li> 1589 <li> 1590 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1591 docker-image|quay.io/argoproj/argocd@v2.6.15 1592 <span class="list-paths__item__arrow">›</span> 1593 ca-certificates@20230311ubuntu0.22.04.1 1594 <span class="list-paths__item__arrow">›</span> 1595 openssl@3.0.2-0ubuntu1.10 1596 <span class="list-paths__item__arrow">›</span> 1597 openssl/libssl3@3.0.2-0ubuntu1.10 1598 1599 </span> 1600 1601 </li> 1602 <li> 1603 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1604 docker-image|quay.io/argoproj/argocd@v2.6.15 1605 <span class="list-paths__item__arrow">›</span> 1606 git@1:2.34.1-1ubuntu1.10 1607 <span class="list-paths__item__arrow">›</span> 1608 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 1609 <span class="list-paths__item__arrow">›</span> 1610 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 1611 <span class="list-paths__item__arrow">›</span> 1612 openssl/libssl3@3.0.2-0ubuntu1.10 1613 1614 </span> 1615 1616 </li> 1617 <li> 1618 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1619 docker-image|quay.io/argoproj/argocd@v2.6.15 1620 <span class="list-paths__item__arrow">›</span> 1621 adduser@3.118ubuntu5 1622 <span class="list-paths__item__arrow">›</span> 1623 shadow/passwd@1:4.8.1-2ubuntu2.1 1624 <span class="list-paths__item__arrow">›</span> 1625 pam/libpam-modules@1.4.0-11ubuntu2.3 1626 <span class="list-paths__item__arrow">›</span> 1627 libnsl/libnsl2@1.3.0-2build2 1628 <span class="list-paths__item__arrow">›</span> 1629 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 1630 <span class="list-paths__item__arrow">›</span> 1631 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 1632 <span class="list-paths__item__arrow">›</span> 1633 krb5/libkrb5-3@1.19.2-2ubuntu0.2 1634 <span class="list-paths__item__arrow">›</span> 1635 openssl/libssl3@3.0.2-0ubuntu1.10 1636 1637 </span> 1638 1639 </li> 1640 <li> 1641 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1642 docker-image|quay.io/argoproj/argocd@v2.6.15 1643 <span class="list-paths__item__arrow">›</span> 1644 openssl@3.0.2-0ubuntu1.10 1645 1646 </span> 1647 1648 </li> 1649 <li> 1650 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1651 docker-image|quay.io/argoproj/argocd@v2.6.15 1652 <span class="list-paths__item__arrow">›</span> 1653 ca-certificates@20230311ubuntu0.22.04.1 1654 <span class="list-paths__item__arrow">›</span> 1655 openssl@3.0.2-0ubuntu1.10 1656 1657 </span> 1658 1659 </li> 1660 </ul><!-- .list-paths --> 1661 1662 </div><!-- .card__section --> 1663 1664 <hr/> 1665 <!-- Overview --> 1666 <h2 id="nvd-description">NVD Description</h2> 1667 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Ubuntu</code>.</em> 1668 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1669 <p>Issue summary: A bug has been identified in the processing of key and 1670 initialisation vector (IV) lengths. This can lead to potential truncation 1671 or overruns during the initialisation of some symmetric ciphers.</p> 1672 <p>Impact summary: A truncation in the IV can result in non-uniqueness, 1673 which could result in loss of confidentiality for some cipher modes.</p> 1674 <p>When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or 1675 EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after 1676 the key and IV have been established. Any alterations to the key length, 1677 via the "keylen" parameter or the IV length, via the "ivlen" parameter, 1678 within the OSSL_PARAM array will not take effect as intended, potentially 1679 causing truncation or overreading of these values. The following ciphers 1680 and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.</p> 1681 <p>For the CCM, GCM and OCB cipher modes, truncation of the IV can result in 1682 loss of confidentiality. For example, when following NIST's SP 800-38D 1683 section 8.2.1 guidance for constructing a deterministic IV for AES in 1684 GCM mode, truncation of the counter portion could lead to IV reuse.</p> 1685 <p>Both truncations and overruns of the key and overruns of the IV will 1686 produce incorrect results and could, in some cases, trigger a memory 1687 exception. However, these issues are not currently assessed as security 1688 critical.</p> 1689 <p>Changing the key and/or IV lengths is not considered to be a common operation 1690 and the vulnerable API was recently introduced. Furthermore it is likely that 1691 application developers will have spotted this problem during testing since 1692 decryption would fail unless both peers in the communication were similarly 1693 vulnerable. For these reasons we expect the probability of an application being 1694 vulnerable to this to be quite low. However if an application is vulnerable then 1695 this issue is considered very serious. For these reasons we have assessed this 1696 issue as Moderate severity overall.</p> 1697 <p>The OpenSSL SSL/TLS implementation is not affected by this issue.</p> 1698 <p>The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because 1699 the issue lies outside of the FIPS provider boundary.</p> 1700 <p>OpenSSL 3.1 and 3.0 are vulnerable to this issue.</p> 1701 <h2 id="remediation">Remediation</h2> 1702 <p>Upgrade <code>Ubuntu:22.04</code> <code>openssl</code> to version 3.0.2-0ubuntu1.12 or higher.</p> 1703 <h2 id="references">References</h2> 1704 <ul> 1705 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-5363">ADVISORY</a></li> 1706 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/24/1">openssl-security@openssl.org</a></li> 1707 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d">openssl-security@openssl.org</a></li> 1708 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee">openssl-security@openssl.org</a></li> 1709 <li><a href="https://www.debian.org/security/2023/dsa-5532">openssl-security@openssl.org</a></li> 1710 <li><a href="https://www.openssl.org/news/secadv/20231024.txt">openssl-security@openssl.org</a></li> 1711 <li><a href="https://security.netapp.com/advisory/ntap-20231027-0010/">openssl-security@openssl.org</a></li> 1712 </ul> 1713 1714 <hr/> 1715 1716 <div class="cta card__cta"> 1717 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-6032358">More about this vulnerability</a></p> 1718 </div> 1719 1720 </div><!-- .card --> 1721 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1722 <h2 class="card__title">Out-of-bounds Read</h2> 1723 <div class="card__section"> 1724 1725 <div class="label label--medium"> 1726 <span class="label__text">medium severity</span> 1727 </div> 1728 1729 <hr/> 1730 1731 <ul class="card__meta"> 1732 <li class="card__meta__item"> 1733 Package Manager: ubuntu:22.04 1734 </li> 1735 <li class="card__meta__item"> 1736 Vulnerable module: 1737 1738 libx11/libx11-data 1739 </li> 1740 1741 <li class="card__meta__item">Introduced through: 1742 1743 docker-image|quay.io/argoproj/argocd@v2.6.15 and libx11/libx11-data@2:1.7.5-1ubuntu0.2 1744 1745 </li> 1746 </ul> 1747 1748 <hr/> 1749 1750 1751 <h3 class="card__section__title">Detailed paths</h3> 1752 1753 <ul class="card__meta__paths"> 1754 <li> 1755 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1756 docker-image|quay.io/argoproj/argocd@v2.6.15 1757 <span class="list-paths__item__arrow">›</span> 1758 libx11/libx11-data@2:1.7.5-1ubuntu0.2 1759 1760 </span> 1761 1762 </li> 1763 <li> 1764 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1765 docker-image|quay.io/argoproj/argocd@v2.6.15 1766 <span class="list-paths__item__arrow">›</span> 1767 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1768 <span class="list-paths__item__arrow">›</span> 1769 libx11/libx11-data@2:1.7.5-1ubuntu0.2 1770 1771 </span> 1772 1773 </li> 1774 <li> 1775 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1776 docker-image|quay.io/argoproj/argocd@v2.6.15 1777 <span class="list-paths__item__arrow">›</span> 1778 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1779 1780 </span> 1781 1782 </li> 1783 <li> 1784 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1785 docker-image|quay.io/argoproj/argocd@v2.6.15 1786 <span class="list-paths__item__arrow">›</span> 1787 libxext/libxext6@2:1.3.4-1build1 1788 <span class="list-paths__item__arrow">›</span> 1789 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1790 1791 </span> 1792 1793 </li> 1794 <li> 1795 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1796 docker-image|quay.io/argoproj/argocd@v2.6.15 1797 <span class="list-paths__item__arrow">›</span> 1798 libxmu/libxmuu1@2:1.1.3-3 1799 <span class="list-paths__item__arrow">›</span> 1800 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1801 1802 </span> 1803 1804 </li> 1805 <li> 1806 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1807 docker-image|quay.io/argoproj/argocd@v2.6.15 1808 <span class="list-paths__item__arrow">›</span> 1809 xauth@1:1.1-1build2 1810 <span class="list-paths__item__arrow">›</span> 1811 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1812 1813 </span> 1814 1815 </li> 1816 </ul><!-- .list-paths --> 1817 1818 </div><!-- .card__section --> 1819 1820 <hr/> 1821 <!-- Overview --> 1822 <h2 id="nvd-description">NVD Description</h2> 1823 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>libx11</code> package and not the <code>libx11</code> package as distributed by <code>Ubuntu</code>.</em> 1824 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1825 <p>A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.</p> 1826 <h2 id="remediation">Remediation</h2> 1827 <p>Upgrade <code>Ubuntu:22.04</code> <code>libx11</code> to version 2:1.7.5-1ubuntu0.3 or higher.</p> 1828 <h2 id="references">References</h2> 1829 <ul> 1830 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-43785">ADVISORY</a></li> 1831 <li><a href="https://access.redhat.com/security/cve/CVE-2023-43785">secalert@redhat.com</a></li> 1832 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2242252">secalert@redhat.com</a></li> 1833 </ul> 1834 1835 <hr/> 1836 1837 <div class="cta card__cta"> 1838 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-LIBX11-5927337">More about this vulnerability</a></p> 1839 </div> 1840 1841 </div><!-- .card --> 1842 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1843 <h2 class="card__title">Loop with Unreachable Exit Condition ('Infinite Loop')</h2> 1844 <div class="card__section"> 1845 1846 <div class="label label--medium"> 1847 <span class="label__text">medium severity</span> 1848 </div> 1849 1850 <hr/> 1851 1852 <ul class="card__meta"> 1853 <li class="card__meta__item"> 1854 Package Manager: ubuntu:22.04 1855 </li> 1856 <li class="card__meta__item"> 1857 Vulnerable module: 1858 1859 libx11/libx11-data 1860 </li> 1861 1862 <li class="card__meta__item">Introduced through: 1863 1864 docker-image|quay.io/argoproj/argocd@v2.6.15 and libx11/libx11-data@2:1.7.5-1ubuntu0.2 1865 1866 </li> 1867 </ul> 1868 1869 <hr/> 1870 1871 1872 <h3 class="card__section__title">Detailed paths</h3> 1873 1874 <ul class="card__meta__paths"> 1875 <li> 1876 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1877 docker-image|quay.io/argoproj/argocd@v2.6.15 1878 <span class="list-paths__item__arrow">›</span> 1879 libx11/libx11-data@2:1.7.5-1ubuntu0.2 1880 1881 </span> 1882 1883 </li> 1884 <li> 1885 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1886 docker-image|quay.io/argoproj/argocd@v2.6.15 1887 <span class="list-paths__item__arrow">›</span> 1888 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1889 <span class="list-paths__item__arrow">›</span> 1890 libx11/libx11-data@2:1.7.5-1ubuntu0.2 1891 1892 </span> 1893 1894 </li> 1895 <li> 1896 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1897 docker-image|quay.io/argoproj/argocd@v2.6.15 1898 <span class="list-paths__item__arrow">›</span> 1899 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1900 1901 </span> 1902 1903 </li> 1904 <li> 1905 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1906 docker-image|quay.io/argoproj/argocd@v2.6.15 1907 <span class="list-paths__item__arrow">›</span> 1908 libxext/libxext6@2:1.3.4-1build1 1909 <span class="list-paths__item__arrow">›</span> 1910 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1911 1912 </span> 1913 1914 </li> 1915 <li> 1916 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1917 docker-image|quay.io/argoproj/argocd@v2.6.15 1918 <span class="list-paths__item__arrow">›</span> 1919 libxmu/libxmuu1@2:1.1.3-3 1920 <span class="list-paths__item__arrow">›</span> 1921 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1922 1923 </span> 1924 1925 </li> 1926 <li> 1927 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1928 docker-image|quay.io/argoproj/argocd@v2.6.15 1929 <span class="list-paths__item__arrow">›</span> 1930 xauth@1:1.1-1build2 1931 <span class="list-paths__item__arrow">›</span> 1932 libx11/libx11-6@2:1.7.5-1ubuntu0.2 1933 1934 </span> 1935 1936 </li> 1937 </ul><!-- .list-paths --> 1938 1939 </div><!-- .card__section --> 1940 1941 <hr/> 1942 <!-- Overview --> 1943 <h2 id="nvd-description">NVD Description</h2> 1944 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>libx11</code> package and not the <code>libx11</code> package as distributed by <code>Ubuntu</code>.</em> 1945 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 1946 <p>A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.</p> 1947 <h2 id="remediation">Remediation</h2> 1948 <p>Upgrade <code>Ubuntu:22.04</code> <code>libx11</code> to version 2:1.7.5-1ubuntu0.3 or higher.</p> 1949 <h2 id="references">References</h2> 1950 <ul> 1951 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-43786">ADVISORY</a></li> 1952 <li><a href="https://access.redhat.com/security/cve/CVE-2023-43786">secalert@redhat.com</a></li> 1953 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2242253">secalert@redhat.com</a></li> 1954 </ul> 1955 1956 <hr/> 1957 1958 <div class="cta card__cta"> 1959 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-LIBX11-5927424">More about this vulnerability</a></p> 1960 </div> 1961 1962 </div><!-- .card --> 1963 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 1964 <h2 class="card__title">Integer Overflow or Wraparound</h2> 1965 <div class="card__section"> 1966 1967 <div class="label label--medium"> 1968 <span class="label__text">medium severity</span> 1969 </div> 1970 1971 <hr/> 1972 1973 <ul class="card__meta"> 1974 <li class="card__meta__item"> 1975 Package Manager: ubuntu:22.04 1976 </li> 1977 <li class="card__meta__item"> 1978 Vulnerable module: 1979 1980 libx11/libx11-data 1981 </li> 1982 1983 <li class="card__meta__item">Introduced through: 1984 1985 docker-image|quay.io/argoproj/argocd@v2.6.15 and libx11/libx11-data@2:1.7.5-1ubuntu0.2 1986 1987 </li> 1988 </ul> 1989 1990 <hr/> 1991 1992 1993 <h3 class="card__section__title">Detailed paths</h3> 1994 1995 <ul class="card__meta__paths"> 1996 <li> 1997 <span class="list-paths__item__introduced"><em>Introduced through</em>: 1998 docker-image|quay.io/argoproj/argocd@v2.6.15 1999 <span class="list-paths__item__arrow">›</span> 2000 libx11/libx11-data@2:1.7.5-1ubuntu0.2 2001 2002 </span> 2003 2004 </li> 2005 <li> 2006 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2007 docker-image|quay.io/argoproj/argocd@v2.6.15 2008 <span class="list-paths__item__arrow">›</span> 2009 libx11/libx11-6@2:1.7.5-1ubuntu0.2 2010 <span class="list-paths__item__arrow">›</span> 2011 libx11/libx11-data@2:1.7.5-1ubuntu0.2 2012 2013 </span> 2014 2015 </li> 2016 <li> 2017 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2018 docker-image|quay.io/argoproj/argocd@v2.6.15 2019 <span class="list-paths__item__arrow">›</span> 2020 libx11/libx11-6@2:1.7.5-1ubuntu0.2 2021 2022 </span> 2023 2024 </li> 2025 <li> 2026 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2027 docker-image|quay.io/argoproj/argocd@v2.6.15 2028 <span class="list-paths__item__arrow">›</span> 2029 libxext/libxext6@2:1.3.4-1build1 2030 <span class="list-paths__item__arrow">›</span> 2031 libx11/libx11-6@2:1.7.5-1ubuntu0.2 2032 2033 </span> 2034 2035 </li> 2036 <li> 2037 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2038 docker-image|quay.io/argoproj/argocd@v2.6.15 2039 <span class="list-paths__item__arrow">›</span> 2040 libxmu/libxmuu1@2:1.1.3-3 2041 <span class="list-paths__item__arrow">›</span> 2042 libx11/libx11-6@2:1.7.5-1ubuntu0.2 2043 2044 </span> 2045 2046 </li> 2047 <li> 2048 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2049 docker-image|quay.io/argoproj/argocd@v2.6.15 2050 <span class="list-paths__item__arrow">›</span> 2051 xauth@1:1.1-1build2 2052 <span class="list-paths__item__arrow">›</span> 2053 libx11/libx11-6@2:1.7.5-1ubuntu0.2 2054 2055 </span> 2056 2057 </li> 2058 </ul><!-- .list-paths --> 2059 2060 </div><!-- .card__section --> 2061 2062 <hr/> 2063 <!-- Overview --> 2064 <h2 id="nvd-description">NVD Description</h2> 2065 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>libx11</code> package and not the <code>libx11</code> package as distributed by <code>Ubuntu</code>.</em> 2066 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 2067 <p>A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.</p> 2068 <h2 id="remediation">Remediation</h2> 2069 <p>Upgrade <code>Ubuntu:22.04</code> <code>libx11</code> to version 2:1.7.5-1ubuntu0.3 or higher.</p> 2070 <h2 id="references">References</h2> 2071 <ul> 2072 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-43787">ADVISORY</a></li> 2073 <li><a href="https://access.redhat.com/security/cve/CVE-2023-43787">secalert@redhat.com</a></li> 2074 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2242254">secalert@redhat.com</a></li> 2075 </ul> 2076 2077 <hr/> 2078 2079 <div class="cta card__cta"> 2080 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-LIBX11-5927448">More about this vulnerability</a></p> 2081 </div> 2082 2083 </div><!-- .card --> 2084 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2085 <h2 class="card__title">Access of Uninitialized Pointer</h2> 2086 <div class="card__section"> 2087 2088 <div class="label label--medium"> 2089 <span class="label__text">medium severity</span> 2090 </div> 2091 2092 <hr/> 2093 2094 <ul class="card__meta"> 2095 <li class="card__meta__item"> 2096 Package Manager: ubuntu:22.04 2097 </li> 2098 <li class="card__meta__item"> 2099 Vulnerable module: 2100 2101 krb5/libk5crypto3 2102 </li> 2103 2104 <li class="card__meta__item">Introduced through: 2105 2106 docker-image|quay.io/argoproj/argocd@v2.6.15 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 2107 2108 </li> 2109 </ul> 2110 2111 <hr/> 2112 2113 2114 <h3 class="card__section__title">Detailed paths</h3> 2115 2116 <ul class="card__meta__paths"> 2117 <li> 2118 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2119 docker-image|quay.io/argoproj/argocd@v2.6.15 2120 <span class="list-paths__item__arrow">›</span> 2121 krb5/libk5crypto3@1.19.2-2ubuntu0.2 2122 2123 </span> 2124 2125 </li> 2126 <li> 2127 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2128 docker-image|quay.io/argoproj/argocd@v2.6.15 2129 <span class="list-paths__item__arrow">›</span> 2130 adduser@3.118ubuntu5 2131 <span class="list-paths__item__arrow">›</span> 2132 shadow/passwd@1:4.8.1-2ubuntu2.1 2133 <span class="list-paths__item__arrow">›</span> 2134 pam/libpam-modules@1.4.0-11ubuntu2.3 2135 <span class="list-paths__item__arrow">›</span> 2136 libnsl/libnsl2@1.3.0-2build2 2137 <span class="list-paths__item__arrow">›</span> 2138 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 2139 <span class="list-paths__item__arrow">›</span> 2140 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2141 <span class="list-paths__item__arrow">›</span> 2142 krb5/libk5crypto3@1.19.2-2ubuntu0.2 2143 2144 </span> 2145 2146 </li> 2147 <li> 2148 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2149 docker-image|quay.io/argoproj/argocd@v2.6.15 2150 <span class="list-paths__item__arrow">›</span> 2151 adduser@3.118ubuntu5 2152 <span class="list-paths__item__arrow">›</span> 2153 shadow/passwd@1:4.8.1-2ubuntu2.1 2154 <span class="list-paths__item__arrow">›</span> 2155 pam/libpam-modules@1.4.0-11ubuntu2.3 2156 <span class="list-paths__item__arrow">›</span> 2157 libnsl/libnsl2@1.3.0-2build2 2158 <span class="list-paths__item__arrow">›</span> 2159 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 2160 <span class="list-paths__item__arrow">›</span> 2161 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2162 <span class="list-paths__item__arrow">›</span> 2163 krb5/libkrb5-3@1.19.2-2ubuntu0.2 2164 <span class="list-paths__item__arrow">›</span> 2165 krb5/libk5crypto3@1.19.2-2ubuntu0.2 2166 2167 </span> 2168 2169 </li> 2170 <li> 2171 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2172 docker-image|quay.io/argoproj/argocd@v2.6.15 2173 <span class="list-paths__item__arrow">›</span> 2174 krb5/libkrb5-3@1.19.2-2ubuntu0.2 2175 2176 </span> 2177 2178 </li> 2179 <li> 2180 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2181 docker-image|quay.io/argoproj/argocd@v2.6.15 2182 <span class="list-paths__item__arrow">›</span> 2183 adduser@3.118ubuntu5 2184 <span class="list-paths__item__arrow">›</span> 2185 shadow/passwd@1:4.8.1-2ubuntu2.1 2186 <span class="list-paths__item__arrow">›</span> 2187 pam/libpam-modules@1.4.0-11ubuntu2.3 2188 <span class="list-paths__item__arrow">›</span> 2189 libnsl/libnsl2@1.3.0-2build2 2190 <span class="list-paths__item__arrow">›</span> 2191 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 2192 <span class="list-paths__item__arrow">›</span> 2193 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2194 <span class="list-paths__item__arrow">›</span> 2195 krb5/libkrb5-3@1.19.2-2ubuntu0.2 2196 2197 </span> 2198 2199 </li> 2200 <li> 2201 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2202 docker-image|quay.io/argoproj/argocd@v2.6.15 2203 <span class="list-paths__item__arrow">›</span> 2204 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2205 2206 </span> 2207 2208 </li> 2209 <li> 2210 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2211 docker-image|quay.io/argoproj/argocd@v2.6.15 2212 <span class="list-paths__item__arrow">›</span> 2213 openssh/openssh-client@1:8.9p1-3ubuntu0.3 2214 <span class="list-paths__item__arrow">›</span> 2215 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2216 2217 </span> 2218 2219 </li> 2220 <li> 2221 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2222 docker-image|quay.io/argoproj/argocd@v2.6.15 2223 <span class="list-paths__item__arrow">›</span> 2224 git@1:2.34.1-1ubuntu1.10 2225 <span class="list-paths__item__arrow">›</span> 2226 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 2227 <span class="list-paths__item__arrow">›</span> 2228 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2229 2230 </span> 2231 2232 </li> 2233 <li> 2234 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2235 docker-image|quay.io/argoproj/argocd@v2.6.15 2236 <span class="list-paths__item__arrow">›</span> 2237 git@1:2.34.1-1ubuntu1.10 2238 <span class="list-paths__item__arrow">›</span> 2239 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 2240 <span class="list-paths__item__arrow">›</span> 2241 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 2242 <span class="list-paths__item__arrow">›</span> 2243 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2244 2245 </span> 2246 2247 </li> 2248 <li> 2249 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2250 docker-image|quay.io/argoproj/argocd@v2.6.15 2251 <span class="list-paths__item__arrow">›</span> 2252 adduser@3.118ubuntu5 2253 <span class="list-paths__item__arrow">›</span> 2254 shadow/passwd@1:4.8.1-2ubuntu2.1 2255 <span class="list-paths__item__arrow">›</span> 2256 pam/libpam-modules@1.4.0-11ubuntu2.3 2257 <span class="list-paths__item__arrow">›</span> 2258 libnsl/libnsl2@1.3.0-2build2 2259 <span class="list-paths__item__arrow">›</span> 2260 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 2261 <span class="list-paths__item__arrow">›</span> 2262 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 2263 2264 </span> 2265 2266 </li> 2267 <li> 2268 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2269 docker-image|quay.io/argoproj/argocd@v2.6.15 2270 <span class="list-paths__item__arrow">›</span> 2271 krb5/libkrb5support0@1.19.2-2ubuntu0.2 2272 2273 </span> 2274 2275 </li> 2276 </ul><!-- .list-paths --> 2277 2278 </div><!-- .card__section --> 2279 2280 <hr/> 2281 <!-- Overview --> 2282 <h2 id="nvd-description">NVD Description</h2> 2283 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>krb5</code> package and not the <code>krb5</code> package as distributed by <code>Ubuntu</code>.</em> 2284 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 2285 <p>lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.</p> 2286 <h2 id="remediation">Remediation</h2> 2287 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>krb5</code>.</p> 2288 <h2 id="references">References</h2> 2289 <ul> 2290 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-36054">ADVISORY</a></li> 2291 <li><a href="https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd">cve@mitre.org</a></li> 2292 <li><a href="https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final">cve@mitre.org</a></li> 2293 <li><a href="https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final">cve@mitre.org</a></li> 2294 <li><a href="https://web.mit.edu/kerberos/www/advisories/">cve@mitre.org</a></li> 2295 <li><a href="https://security.netapp.com/advisory/ntap-20230908-0004/">cve@mitre.org</a></li> 2296 <li><a href="https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html">cve@mitre.org</a></li> 2297 </ul> 2298 2299 <hr/> 2300 2301 <div class="cta card__cta"> 2302 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-KRB5-5838335">More about this vulnerability</a></p> 2303 </div> 2304 2305 </div><!-- .card --> 2306 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2307 <h2 class="card__title">Improper Input Validation</h2> 2308 <div class="card__section"> 2309 2310 <div class="label label--medium"> 2311 <span class="label__text">medium severity</span> 2312 </div> 2313 2314 <hr/> 2315 2316 <ul class="card__meta"> 2317 <li class="card__meta__item"> 2318 Package Manager: golang 2319 </li> 2320 <li class="card__meta__item"> 2321 Vulnerable module: 2322 2323 golang.org/x/text/language 2324 </li> 2325 2326 <li class="card__meta__item">Introduced through: 2327 2328 sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/text/language@v0.3.7 2329 2330 </li> 2331 </ul> 2332 2333 <hr/> 2334 2335 2336 <h3 class="card__section__title">Detailed paths</h3> 2337 2338 <ul class="card__meta__paths"> 2339 <li> 2340 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2341 sigs.k8s.io/kustomize/kustomize/v4@* 2342 <span class="list-paths__item__arrow">›</span> 2343 golang.org/x/text/language@v0.3.7 2344 2345 </span> 2346 2347 </li> 2348 <li> 2349 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2350 helm.sh/helm/v3@* 2351 <span class="list-paths__item__arrow">›</span> 2352 golang.org/x/text/language@v0.3.7 2353 2354 </span> 2355 2356 </li> 2357 </ul><!-- .list-paths --> 2358 2359 </div><!-- .card__section --> 2360 2361 <hr/> 2362 <!-- Overview --> 2363 <h2 id="overview">Overview</h2> 2364 <p>Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing <code>Accept-Language</code> headers.</p> 2365 <h2 id="remediation">Remediation</h2> 2366 <p>Upgrade <code>golang.org/x/text/language</code> to version 0.3.8 or higher.</p> 2367 <h2 id="references">References</h2> 2368 <ul> 2369 <li><a href="https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c">GitHub Commit</a></li> 2370 <li><a href="https://github.com/golang/go/issues/56152">GitHub Issue</a></li> 2371 <li><a href="https://github.com/golang/text/releases/tag/v0.3.8">GitHub Release</a></li> 2372 <li><a href="https://groups.google.com/g/golang-dev/c/qfPIly0X7aU">Google Groups Forum</a></li> 2373 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2134010">RedHat Bugzilla Bug</a></li> 2374 </ul> 2375 2376 <hr/> 2377 2378 <div class="cta card__cta"> 2379 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXTEXTLANGUAGE-3043869">More about this vulnerability</a></p> 2380 </div> 2381 2382 </div><!-- .card --> 2383 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2384 <h2 class="card__title">Incorrect Privilege Assignment</h2> 2385 <div class="card__section"> 2386 2387 <div class="label label--medium"> 2388 <span class="label__text">medium severity</span> 2389 </div> 2390 2391 <hr/> 2392 2393 <ul class="card__meta"> 2394 <li class="card__meta__item"> 2395 Package Manager: golang 2396 </li> 2397 <li class="card__meta__item"> 2398 Vulnerable module: 2399 2400 golang.org/x/sys/unix 2401 </li> 2402 2403 <li class="card__meta__item">Introduced through: 2404 2405 helm.sh/helm/v3@* and golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f 2406 2407 </li> 2408 </ul> 2409 2410 <hr/> 2411 2412 2413 <h3 class="card__section__title">Detailed paths</h3> 2414 2415 <ul class="card__meta__paths"> 2416 <li> 2417 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2418 helm.sh/helm/v3@* 2419 <span class="list-paths__item__arrow">›</span> 2420 golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f 2421 2422 </span> 2423 2424 </li> 2425 </ul><!-- .list-paths --> 2426 2427 </div><!-- .card__section --> 2428 2429 <hr/> 2430 <!-- Overview --> 2431 <h2 id="overview">Overview</h2> 2432 <p>Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the <code>Faccessat</code> function can incorrectly report that a file is accessible.</p> 2433 <h2 id="remediation">Remediation</h2> 2434 <p>Upgrade <code>golang.org/x/sys/unix</code> to version 0.1.0 or higher.</p> 2435 <h2 id="references">References</h2> 2436 <ul> 2437 <li><a href="https://github.com/golang/sys/commit/33da011f77ade50ff5b6a6fb4a9a1e6d6b285809">GitHub Commit</a></li> 2438 <li><a href="https://github.com/golang/sys/releases/tag/v0.1.0">GitHub Release</a></li> 2439 </ul> 2440 2441 <hr/> 2442 2443 <div class="cta card__cta"> 2444 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXSYSUNIX-3310442">More about this vulnerability</a></p> 2445 </div> 2446 2447 </div><!-- .card --> 2448 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2449 <h2 class="card__title">Denial of Service (DoS)</h2> 2450 <div class="card__section"> 2451 2452 <div class="label label--medium"> 2453 <span class="label__text">medium severity</span> 2454 </div> 2455 2456 <hr/> 2457 2458 <ul class="card__meta"> 2459 <li class="card__meta__item"> 2460 Package Manager: golang 2461 </li> 2462 <li class="card__meta__item"> 2463 Vulnerable module: 2464 2465 golang.org/x/net/http2 2466 </li> 2467 2468 <li class="card__meta__item">Introduced through: 2469 2470 helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 2471 2472 </li> 2473 </ul> 2474 2475 <hr/> 2476 2477 2478 <h3 class="card__section__title">Detailed paths</h3> 2479 2480 <ul class="card__meta__paths"> 2481 <li> 2482 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2483 helm.sh/helm/v3@* 2484 <span class="list-paths__item__arrow">›</span> 2485 golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b 2486 2487 </span> 2488 2489 </li> 2490 </ul><!-- .list-paths --> 2491 2492 </div><!-- .card__section --> 2493 2494 <hr/> 2495 <!-- Overview --> 2496 <h2 id="overview">Overview</h2> 2497 <p><a href="https://pkg.go.dev/golang.org/x/net@v0.0.0-20211209100829-84cba5454caf/http2#section-readme">golang.org/x/net/http2</a> is a work-in-progress HTTP/2 implementation for Go.</p> 2498 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.</p> 2499 <h2 id="details">Details</h2> 2500 <p>Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.</p> 2501 <p>Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.</p> 2502 <p>One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.</p> 2503 <p>When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.</p> 2504 <p>Two common types of DoS vulnerabilities:</p> 2505 <ul> 2506 <li><p>High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, <a href="SNYK-JAVA-COMMONSFILEUPLOAD-30082">commons-fileupload:commons-fileupload</a>.</p> 2507 </li> 2508 <li><p>Crash - An attacker sending crafted requests that could cause the system to crash. For Example, <a href="https://snyk.io/vuln/npm:ws:20171108">npm <code>ws</code> package</a></p> 2509 </li> 2510 </ul> 2511 <h2 id="remediation">Remediation</h2> 2512 <p>Upgrade <code>golang.org/x/net/http2</code> to version 0.4.0 or higher.</p> 2513 <h2 id="references">References</h2> 2514 <ul> 2515 <li><a href="https://cs.opensource.google/go/x/net/+/1e63c2f08a10a150fa02c50ece89b340ae64efe4">Fix Commit</a></li> 2516 <li><a href="https://go-review.googlesource.com/c/net/+/455635">Fix Commit</a></li> 2517 <li><a href="https://github.com/golang/net/commit/1e63c2f08a10a150fa02c50ece89b340ae64efe4">GitHub Commit</a></li> 2518 <li><a href="https://github.com/golang/go/issues/56350">GitHub Issue</a></li> 2519 </ul> 2520 2521 <hr/> 2522 2523 <div class="cta card__cta"> 2524 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3160322">More about this vulnerability</a></p> 2525 </div> 2526 2527 </div><!-- .card --> 2528 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2529 <h2 class="card__title">Improper Verification of Cryptographic Signature</h2> 2530 <div class="card__section"> 2531 2532 <div class="label label--medium"> 2533 <span class="label__text">medium severity</span> 2534 </div> 2535 2536 <hr/> 2537 2538 <ul class="card__meta"> 2539 <li class="card__meta__item"> 2540 Package Manager: golang 2541 </li> 2542 <li class="card__meta__item"> 2543 Vulnerable module: 2544 2545 golang.org/x/crypto/openpgp/clearsign 2546 </li> 2547 2548 <li class="card__meta__item">Introduced through: 2549 2550 helm.sh/helm/v3@* and golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e 2551 2552 </li> 2553 </ul> 2554 2555 <hr/> 2556 2557 2558 <h3 class="card__section__title">Detailed paths</h3> 2559 2560 <ul class="card__meta__paths"> 2561 <li> 2562 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2563 helm.sh/helm/v3@* 2564 <span class="list-paths__item__arrow">›</span> 2565 golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e 2566 2567 </span> 2568 2569 </li> 2570 </ul><!-- .list-paths --> 2571 2572 </div><!-- .card__section --> 2573 2574 <hr/> 2575 <!-- Overview --> 2576 <h2 id="overview">Overview</h2> 2577 <p>Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the <code>crypto/openpgp/clearsign/clearsign.go</code> component. An attacker can spoof the 'Hash' Armor Header, leading a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, the attacker can prepend arbitrary text to cleartext messages without invalidating the signatures.</p> 2578 <h2 id="remediation">Remediation</h2> 2579 <p>Upgrade <code>golang.org/x/crypto/openpgp/clearsign</code> to version 0.1.0 or higher.</p> 2580 <h2 id="references">References</h2> 2581 <ul> 2582 <li><a href="https://github.com/golang/crypto/commit/c05e17bb3b2dca130fc919668a96b4bec9eb9442">GitHub Commit</a></li> 2583 <li><a href="https://groups.google.com/d/msg/golang-openpgp/6vdgZoTgbIY/K6bBY9z3DAAJ">Google Groups Forum</a></li> 2584 <li><a href="http://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html">Packet Storm</a></li> 2585 </ul> 2586 2587 <hr/> 2588 2589 <div class="cta card__cta"> 2590 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GOLANGORGXCRYPTOOPENPGPCLEARSIGN-5813980">More about this vulnerability</a></p> 2591 </div> 2592 2593 </div><!-- .card --> 2594 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2595 <h2 class="card__title">Memory Leak</h2> 2596 <div class="card__section"> 2597 2598 <div class="label label--medium"> 2599 <span class="label__text">medium severity</span> 2600 </div> 2601 2602 <hr/> 2603 2604 <ul class="card__meta"> 2605 <li class="card__meta__item"> 2606 Package Manager: ubuntu:22.04 2607 </li> 2608 <li class="card__meta__item"> 2609 Vulnerable module: 2610 2611 glibc/libc-bin 2612 </li> 2613 2614 <li class="card__meta__item">Introduced through: 2615 2616 docker-image|quay.io/argoproj/argocd@v2.6.15 and glibc/libc-bin@2.35-0ubuntu3.1 2617 2618 </li> 2619 </ul> 2620 2621 <hr/> 2622 2623 2624 <h3 class="card__section__title">Detailed paths</h3> 2625 2626 <ul class="card__meta__paths"> 2627 <li> 2628 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2629 docker-image|quay.io/argoproj/argocd@v2.6.15 2630 <span class="list-paths__item__arrow">›</span> 2631 glibc/libc-bin@2.35-0ubuntu3.1 2632 2633 </span> 2634 2635 </li> 2636 <li> 2637 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2638 docker-image|quay.io/argoproj/argocd@v2.6.15 2639 <span class="list-paths__item__arrow">›</span> 2640 glibc/libc6@2.35-0ubuntu3.1 2641 2642 </span> 2643 2644 </li> 2645 </ul><!-- .list-paths --> 2646 2647 </div><!-- .card__section --> 2648 2649 <hr/> 2650 <!-- Overview --> 2651 <h2 id="nvd-description">NVD Description</h2> 2652 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>glibc</code> package and not the <code>glibc</code> package as distributed by <code>Ubuntu</code>.</em> 2653 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 2654 <p>A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.</p> 2655 <h2 id="remediation">Remediation</h2> 2656 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>glibc</code>.</p> 2657 <h2 id="references">References</h2> 2658 <ul> 2659 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-5156">ADVISORY</a></li> 2660 <li><a href="https://access.redhat.com/security/cve/CVE-2023-5156">secalert@redhat.com</a></li> 2661 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2240541">secalert@redhat.com</a></li> 2662 <li><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=30884">secalert@redhat.com</a></li> 2663 <li><a href="https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796">secalert@redhat.com</a></li> 2664 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/4">secalert@redhat.com</a></li> 2665 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/5">secalert@redhat.com</a></li> 2666 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/6">secalert@redhat.com</a></li> 2667 <li><a href="http://www.openwall.com/lists/oss-security/2023/10/03/8">secalert@redhat.com</a></li> 2668 </ul> 2669 2670 <hr/> 2671 2672 <div class="cta card__cta"> 2673 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GLIBC-5919741">More about this vulnerability</a></p> 2674 </div> 2675 2676 </div><!-- .card --> 2677 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2678 <h2 class="card__title">MPL-2.0 license</h2> 2679 <div class="card__section"> 2680 2681 <div class="label label--medium"> 2682 <span class="label__text">medium severity</span> 2683 </div> 2684 2685 <hr/> 2686 2687 <ul class="card__meta"> 2688 <li class="card__meta__item"> 2689 Package Manager: golang 2690 </li> 2691 <li class="card__meta__item"> 2692 Module: 2693 2694 github.com/r3labs/diff 2695 </li> 2696 2697 <li class="card__meta__item">Introduced through: 2698 2699 github.com/argoproj/argo-cd/v2@* and github.com/r3labs/diff@v1.1.0 2700 2701 </li> 2702 </ul> 2703 2704 <hr/> 2705 2706 2707 <h3 class="card__section__title">Detailed paths</h3> 2708 2709 <ul class="card__meta__paths"> 2710 <li> 2711 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2712 github.com/argoproj/argo-cd/v2@* 2713 <span class="list-paths__item__arrow">›</span> 2714 github.com/r3labs/diff@v1.1.0 2715 2716 </span> 2717 2718 </li> 2719 </ul><!-- .list-paths --> 2720 2721 </div><!-- .card__section --> 2722 2723 <hr/> 2724 <!-- Overview --> 2725 <p>MPL-2.0 license</p> 2726 2727 <hr/> 2728 2729 <div class="cta card__cta"> 2730 <p><a href="https://snyk.io/vuln/snyk:lic:golang:github.com:r3labs:diff:MPL-2.0">More about this vulnerability</a></p> 2731 </div> 2732 2733 </div><!-- .card --> 2734 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2735 <h2 class="card__title">MPL-2.0 license</h2> 2736 <div class="card__section"> 2737 2738 <div class="label label--medium"> 2739 <span class="label__text">medium severity</span> 2740 </div> 2741 2742 <hr/> 2743 2744 <ul class="card__meta"> 2745 <li class="card__meta__item"> 2746 Package Manager: golang 2747 </li> 2748 <li class="card__meta__item"> 2749 Module: 2750 2751 github.com/hashicorp/go-version 2752 </li> 2753 2754 <li class="card__meta__item">Introduced through: 2755 2756 github.com/argoproj/argo-cd/v2@* and github.com/hashicorp/go-version@v1.2.1 2757 2758 </li> 2759 </ul> 2760 2761 <hr/> 2762 2763 2764 <h3 class="card__section__title">Detailed paths</h3> 2765 2766 <ul class="card__meta__paths"> 2767 <li> 2768 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2769 github.com/argoproj/argo-cd/v2@* 2770 <span class="list-paths__item__arrow">›</span> 2771 github.com/hashicorp/go-version@v1.2.1 2772 2773 </span> 2774 2775 </li> 2776 </ul><!-- .list-paths --> 2777 2778 </div><!-- .card__section --> 2779 2780 <hr/> 2781 <!-- Overview --> 2782 <p>MPL-2.0 license</p> 2783 2784 <hr/> 2785 2786 <div class="cta card__cta"> 2787 <p><a href="https://snyk.io/vuln/snyk:lic:golang:github.com:hashicorp:go-version:MPL-2.0">More about this vulnerability</a></p> 2788 </div> 2789 2790 </div><!-- .card --> 2791 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2792 <h2 class="card__title">MPL-2.0 license</h2> 2793 <div class="card__section"> 2794 2795 <div class="label label--medium"> 2796 <span class="label__text">medium severity</span> 2797 </div> 2798 2799 <hr/> 2800 2801 <ul class="card__meta"> 2802 <li class="card__meta__item"> 2803 Package Manager: golang 2804 </li> 2805 <li class="card__meta__item"> 2806 Module: 2807 2808 github.com/hashicorp/go-retryablehttp 2809 </li> 2810 2811 <li class="card__meta__item">Introduced through: 2812 2813 github.com/argoproj/argo-cd/v2@* and github.com/hashicorp/go-retryablehttp@v0.7.0 2814 2815 </li> 2816 </ul> 2817 2818 <hr/> 2819 2820 2821 <h3 class="card__section__title">Detailed paths</h3> 2822 2823 <ul class="card__meta__paths"> 2824 <li> 2825 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2826 github.com/argoproj/argo-cd/v2@* 2827 <span class="list-paths__item__arrow">›</span> 2828 github.com/hashicorp/go-retryablehttp@v0.7.0 2829 2830 </span> 2831 2832 </li> 2833 </ul><!-- .list-paths --> 2834 2835 </div><!-- .card__section --> 2836 2837 <hr/> 2838 <!-- Overview --> 2839 <p>MPL-2.0 license</p> 2840 2841 <hr/> 2842 2843 <div class="cta card__cta"> 2844 <p><a href="https://snyk.io/vuln/snyk:lic:golang:github.com:hashicorp:go-retryablehttp:MPL-2.0">More about this vulnerability</a></p> 2845 </div> 2846 2847 </div><!-- .card --> 2848 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2849 <h2 class="card__title">MPL-2.0 license</h2> 2850 <div class="card__section"> 2851 2852 <div class="label label--medium"> 2853 <span class="label__text">medium severity</span> 2854 </div> 2855 2856 <hr/> 2857 2858 <ul class="card__meta"> 2859 <li class="card__meta__item"> 2860 Package Manager: golang 2861 </li> 2862 <li class="card__meta__item"> 2863 Module: 2864 2865 github.com/hashicorp/go-cleanhttp 2866 </li> 2867 2868 <li class="card__meta__item">Introduced through: 2869 2870 github.com/argoproj/argo-cd/v2@* and github.com/hashicorp/go-cleanhttp@v0.5.2 2871 2872 </li> 2873 </ul> 2874 2875 <hr/> 2876 2877 2878 <h3 class="card__section__title">Detailed paths</h3> 2879 2880 <ul class="card__meta__paths"> 2881 <li> 2882 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2883 github.com/argoproj/argo-cd/v2@* 2884 <span class="list-paths__item__arrow">›</span> 2885 github.com/hashicorp/go-cleanhttp@v0.5.2 2886 2887 </span> 2888 2889 </li> 2890 </ul><!-- .list-paths --> 2891 2892 </div><!-- .card__section --> 2893 2894 <hr/> 2895 <!-- Overview --> 2896 <p>MPL-2.0 license</p> 2897 2898 <hr/> 2899 2900 <div class="cta card__cta"> 2901 <p><a href="https://snyk.io/vuln/snyk:lic:golang:github.com:hashicorp:go-cleanhttp:MPL-2.0">More about this vulnerability</a></p> 2902 </div> 2903 2904 </div><!-- .card --> 2905 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2906 <h2 class="card__title">MPL-2.0 license</h2> 2907 <div class="card__section"> 2908 2909 <div class="label label--medium"> 2910 <span class="label__text">medium severity</span> 2911 </div> 2912 2913 <hr/> 2914 2915 <ul class="card__meta"> 2916 <li class="card__meta__item"> 2917 Package Manager: golang 2918 </li> 2919 <li class="card__meta__item"> 2920 Module: 2921 2922 github.com/gosimple/slug 2923 </li> 2924 2925 <li class="card__meta__item">Introduced through: 2926 2927 github.com/argoproj/argo-cd/v2@* and github.com/gosimple/slug@v1.13.1 2928 2929 </li> 2930 </ul> 2931 2932 <hr/> 2933 2934 2935 <h3 class="card__section__title">Detailed paths</h3> 2936 2937 <ul class="card__meta__paths"> 2938 <li> 2939 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2940 github.com/argoproj/argo-cd/v2@* 2941 <span class="list-paths__item__arrow">›</span> 2942 github.com/gosimple/slug@v1.13.1 2943 2944 </span> 2945 2946 </li> 2947 </ul><!-- .list-paths --> 2948 2949 </div><!-- .card__section --> 2950 2951 <hr/> 2952 <!-- Overview --> 2953 <p>MPL-2.0 license</p> 2954 2955 <hr/> 2956 2957 <div class="cta card__cta"> 2958 <p><a href="https://snyk.io/vuln/snyk:lic:golang:github.com:gosimple:slug:MPL-2.0">More about this vulnerability</a></p> 2959 </div> 2960 2961 </div><!-- .card --> 2962 <div class="card card--vuln disclosure--not-new severity--medium" data-snyk-test="medium"> 2963 <h2 class="card__title">Denial of Service (DoS)</h2> 2964 <div class="card__section"> 2965 2966 <div class="label label--medium"> 2967 <span class="label__text">medium severity</span> 2968 </div> 2969 2970 <hr/> 2971 2972 <ul class="card__meta"> 2973 <li class="card__meta__item"> 2974 Package Manager: golang 2975 </li> 2976 <li class="card__meta__item"> 2977 Vulnerable module: 2978 2979 github.com/docker/distribution/registry/api/v2 2980 </li> 2981 2982 <li class="card__meta__item">Introduced through: 2983 2984 helm.sh/helm/v3@* and github.com/docker/distribution/registry/api/v2@v2.8.1+incompatible 2985 2986 </li> 2987 </ul> 2988 2989 <hr/> 2990 2991 2992 <h3 class="card__section__title">Detailed paths</h3> 2993 2994 <ul class="card__meta__paths"> 2995 <li> 2996 <span class="list-paths__item__introduced"><em>Introduced through</em>: 2997 helm.sh/helm/v3@* 2998 <span class="list-paths__item__arrow">›</span> 2999 github.com/docker/distribution/registry/api/v2@v2.8.1+incompatible 3000 3001 </span> 3002 3003 </li> 3004 </ul><!-- .list-paths --> 3005 3006 </div><!-- .card__section --> 3007 3008 <hr/> 3009 <!-- Overview --> 3010 <h2 id="overview">Overview</h2> 3011 <p>Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper validation of the value passed to the <code>n</code> parameter in the <code>/v2/_catalog</code> endpoint. 3012 Exploiting this vulnerability is possible by sending a crafted malicious request to the <code>/v2/_catalog</code> API endpoint, which results in an allocation of a massive string array and excessive use of memory.</p> 3013 <h2 id="remediation">Remediation</h2> 3014 <p>Upgrade <code>github.com/docker/distribution/registry/api/v2</code> to version 2.8.2-beta.1 or higher.</p> 3015 <h2 id="references">References</h2> 3016 <ul> 3017 <li><a href="https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc">GitHub Commit</a></li> 3018 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2189886">RedHat Bugzilla Bug</a></li> 3019 </ul> 3020 3021 <hr/> 3022 3023 <div class="cta card__cta"> 3024 <p><a href="https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDOCKERDISTRIBUTIONREGISTRYAPIV2-5885037">More about this vulnerability</a></p> 3025 </div> 3026 3027 </div><!-- .card --> 3028 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3029 <h2 class="card__title">CVE-2022-46908</h2> 3030 <div class="card__section"> 3031 3032 <div class="label label--low"> 3033 <span class="label__text">low severity</span> 3034 </div> 3035 3036 <hr/> 3037 3038 <ul class="card__meta"> 3039 <li class="card__meta__item"> 3040 Package Manager: ubuntu:22.04 3041 </li> 3042 <li class="card__meta__item"> 3043 Vulnerable module: 3044 3045 sqlite3/libsqlite3-0 3046 </li> 3047 3048 <li class="card__meta__item">Introduced through: 3049 3050 3051 docker-image|quay.io/argoproj/argocd@v2.6.15, gnupg2/gpg@2.2.27-3ubuntu2.1 and others 3052 </li> 3053 </ul> 3054 3055 <hr/> 3056 3057 3058 <h3 class="card__section__title">Detailed paths</h3> 3059 3060 <ul class="card__meta__paths"> 3061 <li> 3062 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3063 docker-image|quay.io/argoproj/argocd@v2.6.15 3064 <span class="list-paths__item__arrow">›</span> 3065 gnupg2/gpg@2.2.27-3ubuntu2.1 3066 <span class="list-paths__item__arrow">›</span> 3067 sqlite3/libsqlite3-0@3.37.2-2ubuntu0.1 3068 3069 </span> 3070 3071 </li> 3072 </ul><!-- .list-paths --> 3073 3074 </div><!-- .card__section --> 3075 3076 <hr/> 3077 <!-- Overview --> 3078 <h2 id="nvd-description">NVD Description</h2> 3079 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>sqlite3</code> package and not the <code>sqlite3</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 3080 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3081 <p>SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.</p> 3082 <h2 id="remediation">Remediation</h2> 3083 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>sqlite3</code>.</p> 3084 <h2 id="references">References</h2> 3085 <ul> 3086 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-46908">ADVISORY</a></li> 3087 <li><a href="https://sqlite.org/src/info/cefc032473ac5ad2">cve@mitre.org</a></li> 3088 <li><a href="https://sqlite.org/forum/forumpost/07beac8056151b2f">cve@mitre.org</a></li> 3089 <li><a href="https://news.ycombinator.com/item?id=33948588">cve@mitre.org</a></li> 3090 <li><a href="https://security.netapp.com/advisory/ntap-20230203-0005/">cve@mitre.org</a></li> 3091 </ul> 3092 3093 <hr/> 3094 3095 <div class="cta card__cta"> 3096 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-SQLITE3-3167716">More about this vulnerability</a></p> 3097 </div> 3098 3099 </div><!-- .card --> 3100 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3101 <h2 class="card__title">Arbitrary Code Injection</h2> 3102 <div class="card__section"> 3103 3104 <div class="label label--low"> 3105 <span class="label__text">low severity</span> 3106 </div> 3107 3108 <hr/> 3109 3110 <ul class="card__meta"> 3111 <li class="card__meta__item"> 3112 Package Manager: ubuntu:22.04 3113 </li> 3114 <li class="card__meta__item"> 3115 Vulnerable module: 3116 3117 shadow/passwd 3118 </li> 3119 3120 <li class="card__meta__item">Introduced through: 3121 3122 docker-image|quay.io/argoproj/argocd@v2.6.15 and shadow/passwd@1:4.8.1-2ubuntu2.1 3123 3124 </li> 3125 </ul> 3126 3127 <hr/> 3128 3129 3130 <h3 class="card__section__title">Detailed paths</h3> 3131 3132 <ul class="card__meta__paths"> 3133 <li> 3134 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3135 docker-image|quay.io/argoproj/argocd@v2.6.15 3136 <span class="list-paths__item__arrow">›</span> 3137 shadow/passwd@1:4.8.1-2ubuntu2.1 3138 3139 </span> 3140 3141 </li> 3142 <li> 3143 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3144 docker-image|quay.io/argoproj/argocd@v2.6.15 3145 <span class="list-paths__item__arrow">›</span> 3146 adduser@3.118ubuntu5 3147 <span class="list-paths__item__arrow">›</span> 3148 shadow/passwd@1:4.8.1-2ubuntu2.1 3149 3150 </span> 3151 3152 </li> 3153 <li> 3154 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3155 docker-image|quay.io/argoproj/argocd@v2.6.15 3156 <span class="list-paths__item__arrow">›</span> 3157 openssh/openssh-client@1:8.9p1-3ubuntu0.3 3158 <span class="list-paths__item__arrow">›</span> 3159 shadow/passwd@1:4.8.1-2ubuntu2.1 3160 3161 </span> 3162 3163 </li> 3164 <li> 3165 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3166 docker-image|quay.io/argoproj/argocd@v2.6.15 3167 <span class="list-paths__item__arrow">›</span> 3168 shadow/login@1:4.8.1-2ubuntu2.1 3169 3170 </span> 3171 3172 </li> 3173 </ul><!-- .list-paths --> 3174 3175 </div><!-- .card__section --> 3176 3177 <hr/> 3178 <!-- Overview --> 3179 <h2 id="nvd-description">NVD Description</h2> 3180 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>shadow</code> package and not the <code>shadow</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 3181 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3182 <p>In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.</p> 3183 <h2 id="remediation">Remediation</h2> 3184 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>shadow</code>.</p> 3185 <h2 id="references">References</h2> 3186 <ul> 3187 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-29383">ADVISORY</a></li> 3188 <li><a href="https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d">cve@mitre.org</a></li> 3189 <li><a href="https://github.com/shadow-maint/shadow/pull/687">cve@mitre.org</a></li> 3190 <li><a href="https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/">cve@mitre.org</a></li> 3191 <li><a href="https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797">cve@mitre.org</a></li> 3192 </ul> 3193 3194 <hr/> 3195 3196 <div class="cta card__cta"> 3197 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-SHADOW-5425688">More about this vulnerability</a></p> 3198 </div> 3199 3200 </div><!-- .card --> 3201 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3202 <h2 class="card__title">Out-of-bounds Write</h2> 3203 <div class="card__section"> 3204 3205 <div class="label label--low"> 3206 <span class="label__text">low severity</span> 3207 </div> 3208 3209 <hr/> 3210 3211 <ul class="card__meta"> 3212 <li class="card__meta__item"> 3213 Package Manager: ubuntu:22.04 3214 </li> 3215 <li class="card__meta__item"> 3216 Vulnerable module: 3217 3218 procps/libprocps8 3219 </li> 3220 3221 <li class="card__meta__item">Introduced through: 3222 3223 docker-image|quay.io/argoproj/argocd@v2.6.15 and procps/libprocps8@2:3.3.17-6ubuntu2 3224 3225 </li> 3226 </ul> 3227 3228 <hr/> 3229 3230 3231 <h3 class="card__section__title">Detailed paths</h3> 3232 3233 <ul class="card__meta__paths"> 3234 <li> 3235 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3236 docker-image|quay.io/argoproj/argocd@v2.6.15 3237 <span class="list-paths__item__arrow">›</span> 3238 procps/libprocps8@2:3.3.17-6ubuntu2 3239 3240 </span> 3241 3242 </li> 3243 <li> 3244 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3245 docker-image|quay.io/argoproj/argocd@v2.6.15 3246 <span class="list-paths__item__arrow">›</span> 3247 procps@2:3.3.17-6ubuntu2 3248 <span class="list-paths__item__arrow">›</span> 3249 procps/libprocps8@2:3.3.17-6ubuntu2 3250 3251 </span> 3252 3253 </li> 3254 <li> 3255 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3256 docker-image|quay.io/argoproj/argocd@v2.6.15 3257 <span class="list-paths__item__arrow">›</span> 3258 procps@2:3.3.17-6ubuntu2 3259 3260 </span> 3261 3262 </li> 3263 </ul><!-- .list-paths --> 3264 3265 </div><!-- .card__section --> 3266 3267 <hr/> 3268 <!-- Overview --> 3269 <h2 id="nvd-description">NVD Description</h2> 3270 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>procps</code> package and not the <code>procps</code> package as distributed by <code>Ubuntu</code>.</em> 3271 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3272 <p>Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.</p> 3273 <h2 id="remediation">Remediation</h2> 3274 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>procps</code>.</p> 3275 <h2 id="references">References</h2> 3276 <ul> 3277 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-4016">ADVISORY</a></li> 3278 <li><a href="https://gitlab.com/procps-ng/procps">trellixpsirt@trellix.com</a></li> 3279 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/">trellixpsirt@trellix.com</a></li> 3280 </ul> 3281 3282 <hr/> 3283 3284 <div class="cta card__cta"> 3285 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-PROCPS-5816665">More about this vulnerability</a></p> 3286 </div> 3287 3288 </div><!-- .card --> 3289 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3290 <h2 class="card__title">Uncontrolled Recursion</h2> 3291 <div class="card__section"> 3292 3293 <div class="label label--low"> 3294 <span class="label__text">low severity</span> 3295 </div> 3296 3297 <hr/> 3298 3299 <ul class="card__meta"> 3300 <li class="card__meta__item"> 3301 Package Manager: ubuntu:22.04 3302 </li> 3303 <li class="card__meta__item"> 3304 Vulnerable module: 3305 3306 pcre3/libpcre3 3307 </li> 3308 3309 <li class="card__meta__item">Introduced through: 3310 3311 docker-image|quay.io/argoproj/argocd@v2.6.15 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 3312 3313 </li> 3314 </ul> 3315 3316 <hr/> 3317 3318 3319 <h3 class="card__section__title">Detailed paths</h3> 3320 3321 <ul class="card__meta__paths"> 3322 <li> 3323 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3324 docker-image|quay.io/argoproj/argocd@v2.6.15 3325 <span class="list-paths__item__arrow">›</span> 3326 pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 3327 3328 </span> 3329 3330 </li> 3331 <li> 3332 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3333 docker-image|quay.io/argoproj/argocd@v2.6.15 3334 <span class="list-paths__item__arrow">›</span> 3335 grep@3.7-1build1 3336 <span class="list-paths__item__arrow">›</span> 3337 pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 3338 3339 </span> 3340 3341 </li> 3342 </ul><!-- .list-paths --> 3343 3344 </div><!-- .card__section --> 3345 3346 <hr/> 3347 <!-- Overview --> 3348 <h2 id="nvd-description">NVD Description</h2> 3349 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>pcre3</code> package and not the <code>pcre3</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 3350 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3351 <p>In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.</p> 3352 <h2 id="remediation">Remediation</h2> 3353 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>pcre3</code>.</p> 3354 <h2 id="references">References</h2> 3355 <ul> 3356 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11164">ADVISORY</a></li> 3357 <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164">CVE Details</a></li> 3358 <li><a href="https://security-tracker.debian.org/tracker/CVE-2017-11164">Debian Security Tracker</a></li> 3359 <li><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">MLIST</a></li> 3360 <li><a href="http://openwall.com/lists/oss-security/2017/07/11/3">OSS security Advisory</a></li> 3361 <li><a href="http://www.securityfocus.com/bid/99575">Security Focus</a></li> 3362 <li><a href="http://www.openwall.com/lists/oss-security/2023/04/11/1">cve@mitre.org</a></li> 3363 <li><a href="http://www.openwall.com/lists/oss-security/2023/04/12/1">cve@mitre.org</a></li> 3364 </ul> 3365 3366 <hr/> 3367 3368 <div class="cta card__cta"> 3369 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-PCRE3-2799820">More about this vulnerability</a></p> 3370 </div> 3371 3372 </div><!-- .card --> 3373 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3374 <h2 class="card__title">Release of Invalid Pointer or Reference</h2> 3375 <div class="card__section"> 3376 3377 <div class="label label--low"> 3378 <span class="label__text">low severity</span> 3379 </div> 3380 3381 <hr/> 3382 3383 <ul class="card__meta"> 3384 <li class="card__meta__item"> 3385 Package Manager: ubuntu:22.04 3386 </li> 3387 <li class="card__meta__item"> 3388 Vulnerable module: 3389 3390 patch 3391 </li> 3392 3393 <li class="card__meta__item">Introduced through: 3394 3395 docker-image|quay.io/argoproj/argocd@v2.6.15 and patch@2.7.6-7build2 3396 3397 </li> 3398 </ul> 3399 3400 <hr/> 3401 3402 3403 <h3 class="card__section__title">Detailed paths</h3> 3404 3405 <ul class="card__meta__paths"> 3406 <li> 3407 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3408 docker-image|quay.io/argoproj/argocd@v2.6.15 3409 <span class="list-paths__item__arrow">›</span> 3410 patch@2.7.6-7build2 3411 3412 </span> 3413 3414 </li> 3415 </ul><!-- .list-paths --> 3416 3417 </div><!-- .card__section --> 3418 3419 <hr/> 3420 <!-- Overview --> 3421 <h2 id="nvd-description">NVD Description</h2> 3422 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>patch</code> package and not the <code>patch</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 3423 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3424 <p>An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.</p> 3425 <h2 id="remediation">Remediation</h2> 3426 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>patch</code>.</p> 3427 <h2 id="references">References</h2> 3428 <ul> 3429 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-45261">ADVISORY</a></li> 3430 <li><a href="https://savannah.gnu.org/bugs/?61685">MISC</a></li> 3431 </ul> 3432 3433 <hr/> 3434 3435 <div class="cta card__cta"> 3436 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-PATCH-2780071">More about this vulnerability</a></p> 3437 </div> 3438 3439 </div><!-- .card --> 3440 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3441 <h2 class="card__title">Double Free</h2> 3442 <div class="card__section"> 3443 3444 <div class="label label--low"> 3445 <span class="label__text">low severity</span> 3446 </div> 3447 3448 <hr/> 3449 3450 <ul class="card__meta"> 3451 <li class="card__meta__item"> 3452 Package Manager: ubuntu:22.04 3453 </li> 3454 <li class="card__meta__item"> 3455 Vulnerable module: 3456 3457 patch 3458 </li> 3459 3460 <li class="card__meta__item">Introduced through: 3461 3462 docker-image|quay.io/argoproj/argocd@v2.6.15 and patch@2.7.6-7build2 3463 3464 </li> 3465 </ul> 3466 3467 <hr/> 3468 3469 3470 <h3 class="card__section__title">Detailed paths</h3> 3471 3472 <ul class="card__meta__paths"> 3473 <li> 3474 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3475 docker-image|quay.io/argoproj/argocd@v2.6.15 3476 <span class="list-paths__item__arrow">›</span> 3477 patch@2.7.6-7build2 3478 3479 </span> 3480 3481 </li> 3482 </ul><!-- .list-paths --> 3483 3484 </div><!-- .card__section --> 3485 3486 <hr/> 3487 <!-- Overview --> 3488 <h2 id="nvd-description">NVD Description</h2> 3489 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>patch</code> package and not the <code>patch</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 3490 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3491 <p>A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.</p> 3492 <h2 id="remediation">Remediation</h2> 3493 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>patch</code>.</p> 3494 <h2 id="references">References</h2> 3495 <ul> 3496 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6952">ADVISORY</a></li> 3497 <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952">CVE Details</a></li> 3498 <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-6952">Debian Security Tracker</a></li> 3499 <li><a href="https://security.gentoo.org/glsa/201904-17">Gentoo Security Advisory</a></li> 3500 <li><a href="https://savannah.gnu.org/bugs/index.php?53133">MISC</a></li> 3501 <li><a href="https://access.redhat.com/errata/RHSA-2019:2033">REDHAT</a></li> 3502 <li><a href="http://www.securityfocus.com/bid/103047">Security Focus</a></li> 3503 </ul> 3504 3505 <hr/> 3506 3507 <div class="cta card__cta"> 3508 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-PATCH-2784568">More about this vulnerability</a></p> 3509 </div> 3510 3511 </div><!-- .card --> 3512 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3513 <h2 class="card__title">Improper Authentication</h2> 3514 <div class="card__section"> 3515 3516 <div class="label label--low"> 3517 <span class="label__text">low severity</span> 3518 </div> 3519 3520 <hr/> 3521 3522 <ul class="card__meta"> 3523 <li class="card__meta__item"> 3524 Package Manager: ubuntu:22.04 3525 </li> 3526 <li class="card__meta__item"> 3527 Vulnerable module: 3528 3529 openssl/libssl3 3530 </li> 3531 3532 <li class="card__meta__item">Introduced through: 3533 3534 docker-image|quay.io/argoproj/argocd@v2.6.15 and openssl/libssl3@3.0.2-0ubuntu1.10 3535 3536 </li> 3537 </ul> 3538 3539 <hr/> 3540 3541 3542 <h3 class="card__section__title">Detailed paths</h3> 3543 3544 <ul class="card__meta__paths"> 3545 <li> 3546 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3547 docker-image|quay.io/argoproj/argocd@v2.6.15 3548 <span class="list-paths__item__arrow">›</span> 3549 openssl/libssl3@3.0.2-0ubuntu1.10 3550 3551 </span> 3552 3553 </li> 3554 <li> 3555 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3556 docker-image|quay.io/argoproj/argocd@v2.6.15 3557 <span class="list-paths__item__arrow">›</span> 3558 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 3559 <span class="list-paths__item__arrow">›</span> 3560 openssl/libssl3@3.0.2-0ubuntu1.10 3561 3562 </span> 3563 3564 </li> 3565 <li> 3566 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3567 docker-image|quay.io/argoproj/argocd@v2.6.15 3568 <span class="list-paths__item__arrow">›</span> 3569 libfido2/libfido2-1@1.10.0-1 3570 <span class="list-paths__item__arrow">›</span> 3571 openssl/libssl3@3.0.2-0ubuntu1.10 3572 3573 </span> 3574 3575 </li> 3576 <li> 3577 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3578 docker-image|quay.io/argoproj/argocd@v2.6.15 3579 <span class="list-paths__item__arrow">›</span> 3580 openssh/openssh-client@1:8.9p1-3ubuntu0.3 3581 <span class="list-paths__item__arrow">›</span> 3582 openssl/libssl3@3.0.2-0ubuntu1.10 3583 3584 </span> 3585 3586 </li> 3587 <li> 3588 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3589 docker-image|quay.io/argoproj/argocd@v2.6.15 3590 <span class="list-paths__item__arrow">›</span> 3591 ca-certificates@20230311ubuntu0.22.04.1 3592 <span class="list-paths__item__arrow">›</span> 3593 openssl@3.0.2-0ubuntu1.10 3594 <span class="list-paths__item__arrow">›</span> 3595 openssl/libssl3@3.0.2-0ubuntu1.10 3596 3597 </span> 3598 3599 </li> 3600 <li> 3601 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3602 docker-image|quay.io/argoproj/argocd@v2.6.15 3603 <span class="list-paths__item__arrow">›</span> 3604 git@1:2.34.1-1ubuntu1.10 3605 <span class="list-paths__item__arrow">›</span> 3606 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 3607 <span class="list-paths__item__arrow">›</span> 3608 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 3609 <span class="list-paths__item__arrow">›</span> 3610 openssl/libssl3@3.0.2-0ubuntu1.10 3611 3612 </span> 3613 3614 </li> 3615 <li> 3616 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3617 docker-image|quay.io/argoproj/argocd@v2.6.15 3618 <span class="list-paths__item__arrow">›</span> 3619 adduser@3.118ubuntu5 3620 <span class="list-paths__item__arrow">›</span> 3621 shadow/passwd@1:4.8.1-2ubuntu2.1 3622 <span class="list-paths__item__arrow">›</span> 3623 pam/libpam-modules@1.4.0-11ubuntu2.3 3624 <span class="list-paths__item__arrow">›</span> 3625 libnsl/libnsl2@1.3.0-2build2 3626 <span class="list-paths__item__arrow">›</span> 3627 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 3628 <span class="list-paths__item__arrow">›</span> 3629 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 3630 <span class="list-paths__item__arrow">›</span> 3631 krb5/libkrb5-3@1.19.2-2ubuntu0.2 3632 <span class="list-paths__item__arrow">›</span> 3633 openssl/libssl3@3.0.2-0ubuntu1.10 3634 3635 </span> 3636 3637 </li> 3638 <li> 3639 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3640 docker-image|quay.io/argoproj/argocd@v2.6.15 3641 <span class="list-paths__item__arrow">›</span> 3642 openssl@3.0.2-0ubuntu1.10 3643 3644 </span> 3645 3646 </li> 3647 <li> 3648 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3649 docker-image|quay.io/argoproj/argocd@v2.6.15 3650 <span class="list-paths__item__arrow">›</span> 3651 ca-certificates@20230311ubuntu0.22.04.1 3652 <span class="list-paths__item__arrow">›</span> 3653 openssl@3.0.2-0ubuntu1.10 3654 3655 </span> 3656 3657 </li> 3658 </ul><!-- .list-paths --> 3659 3660 </div><!-- .card__section --> 3661 3662 <hr/> 3663 <!-- Overview --> 3664 <h2 id="nvd-description">NVD Description</h2> 3665 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Ubuntu</code>.</em> 3666 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3667 <p>Issue summary: The AES-SIV cipher implementation contains a bug that causes 3668 it to ignore empty associated data entries which are unauthenticated as 3669 a consequence.</p> 3670 <p>Impact summary: Applications that use the AES-SIV algorithm and want to 3671 authenticate empty data entries as associated data can be mislead by removing 3672 adding or reordering such empty entries as these are ignored by the OpenSSL 3673 implementation. We are currently unaware of any such applications.</p> 3674 <p>The AES-SIV algorithm allows for authentication of multiple associated 3675 data entries along with the encryption. To authenticate empty data the 3676 application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with 3677 NULL pointer as the output buffer and 0 as the input buffer length. 3678 The AES-SIV implementation in OpenSSL just returns success for such a call 3679 instead of performing the associated data authentication operation. 3680 The empty data thus will not be authenticated.</p> 3681 <p>As this issue does not affect non-empty associated data authentication and 3682 we expect it to be rare for an application to use empty associated data 3683 entries this is qualified as Low severity issue.</p> 3684 <h2 id="remediation">Remediation</h2> 3685 <p>Upgrade <code>Ubuntu:22.04</code> <code>openssl</code> to version 3.0.2-0ubuntu1.12 or higher.</p> 3686 <h2 id="references">References</h2> 3687 <ul> 3688 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-2975">ADVISORY</a></li> 3689 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598">openssl-security@openssl.org</a></li> 3690 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc">openssl-security@openssl.org</a></li> 3691 <li><a href="https://www.openssl.org/news/secadv/20230714.txt">openssl-security@openssl.org</a></li> 3692 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/15/1">openssl-security@openssl.org</a></li> 3693 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/19/5">openssl-security@openssl.org</a></li> 3694 <li><a href="https://security.netapp.com/advisory/ntap-20230725-0004/">openssl-security@openssl.org</a></li> 3695 </ul> 3696 3697 <hr/> 3698 3699 <div class="cta card__cta"> 3700 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-5776816">More about this vulnerability</a></p> 3701 </div> 3702 3703 </div><!-- .card --> 3704 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3705 <h2 class="card__title">Inefficient Regular Expression Complexity</h2> 3706 <div class="card__section"> 3707 3708 <div class="label label--low"> 3709 <span class="label__text">low severity</span> 3710 </div> 3711 3712 <hr/> 3713 3714 <ul class="card__meta"> 3715 <li class="card__meta__item"> 3716 Package Manager: ubuntu:22.04 3717 </li> 3718 <li class="card__meta__item"> 3719 Vulnerable module: 3720 3721 openssl/libssl3 3722 </li> 3723 3724 <li class="card__meta__item">Introduced through: 3725 3726 docker-image|quay.io/argoproj/argocd@v2.6.15 and openssl/libssl3@3.0.2-0ubuntu1.10 3727 3728 </li> 3729 </ul> 3730 3731 <hr/> 3732 3733 3734 <h3 class="card__section__title">Detailed paths</h3> 3735 3736 <ul class="card__meta__paths"> 3737 <li> 3738 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3739 docker-image|quay.io/argoproj/argocd@v2.6.15 3740 <span class="list-paths__item__arrow">›</span> 3741 openssl/libssl3@3.0.2-0ubuntu1.10 3742 3743 </span> 3744 3745 </li> 3746 <li> 3747 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3748 docker-image|quay.io/argoproj/argocd@v2.6.15 3749 <span class="list-paths__item__arrow">›</span> 3750 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 3751 <span class="list-paths__item__arrow">›</span> 3752 openssl/libssl3@3.0.2-0ubuntu1.10 3753 3754 </span> 3755 3756 </li> 3757 <li> 3758 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3759 docker-image|quay.io/argoproj/argocd@v2.6.15 3760 <span class="list-paths__item__arrow">›</span> 3761 libfido2/libfido2-1@1.10.0-1 3762 <span class="list-paths__item__arrow">›</span> 3763 openssl/libssl3@3.0.2-0ubuntu1.10 3764 3765 </span> 3766 3767 </li> 3768 <li> 3769 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3770 docker-image|quay.io/argoproj/argocd@v2.6.15 3771 <span class="list-paths__item__arrow">›</span> 3772 openssh/openssh-client@1:8.9p1-3ubuntu0.3 3773 <span class="list-paths__item__arrow">›</span> 3774 openssl/libssl3@3.0.2-0ubuntu1.10 3775 3776 </span> 3777 3778 </li> 3779 <li> 3780 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3781 docker-image|quay.io/argoproj/argocd@v2.6.15 3782 <span class="list-paths__item__arrow">›</span> 3783 ca-certificates@20230311ubuntu0.22.04.1 3784 <span class="list-paths__item__arrow">›</span> 3785 openssl@3.0.2-0ubuntu1.10 3786 <span class="list-paths__item__arrow">›</span> 3787 openssl/libssl3@3.0.2-0ubuntu1.10 3788 3789 </span> 3790 3791 </li> 3792 <li> 3793 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3794 docker-image|quay.io/argoproj/argocd@v2.6.15 3795 <span class="list-paths__item__arrow">›</span> 3796 git@1:2.34.1-1ubuntu1.10 3797 <span class="list-paths__item__arrow">›</span> 3798 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 3799 <span class="list-paths__item__arrow">›</span> 3800 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 3801 <span class="list-paths__item__arrow">›</span> 3802 openssl/libssl3@3.0.2-0ubuntu1.10 3803 3804 </span> 3805 3806 </li> 3807 <li> 3808 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3809 docker-image|quay.io/argoproj/argocd@v2.6.15 3810 <span class="list-paths__item__arrow">›</span> 3811 adduser@3.118ubuntu5 3812 <span class="list-paths__item__arrow">›</span> 3813 shadow/passwd@1:4.8.1-2ubuntu2.1 3814 <span class="list-paths__item__arrow">›</span> 3815 pam/libpam-modules@1.4.0-11ubuntu2.3 3816 <span class="list-paths__item__arrow">›</span> 3817 libnsl/libnsl2@1.3.0-2build2 3818 <span class="list-paths__item__arrow">›</span> 3819 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 3820 <span class="list-paths__item__arrow">›</span> 3821 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 3822 <span class="list-paths__item__arrow">›</span> 3823 krb5/libkrb5-3@1.19.2-2ubuntu0.2 3824 <span class="list-paths__item__arrow">›</span> 3825 openssl/libssl3@3.0.2-0ubuntu1.10 3826 3827 </span> 3828 3829 </li> 3830 <li> 3831 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3832 docker-image|quay.io/argoproj/argocd@v2.6.15 3833 <span class="list-paths__item__arrow">›</span> 3834 openssl@3.0.2-0ubuntu1.10 3835 3836 </span> 3837 3838 </li> 3839 <li> 3840 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3841 docker-image|quay.io/argoproj/argocd@v2.6.15 3842 <span class="list-paths__item__arrow">›</span> 3843 ca-certificates@20230311ubuntu0.22.04.1 3844 <span class="list-paths__item__arrow">›</span> 3845 openssl@3.0.2-0ubuntu1.10 3846 3847 </span> 3848 3849 </li> 3850 </ul><!-- .list-paths --> 3851 3852 </div><!-- .card__section --> 3853 3854 <hr/> 3855 <!-- Overview --> 3856 <h2 id="nvd-description">NVD Description</h2> 3857 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Ubuntu</code>.</em> 3858 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 3859 <p>Issue summary: Checking excessively long DH keys or parameters may be very slow.</p> 3860 <p>Impact summary: Applications that use the functions DH_check(), DH_check_ex() 3861 or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long 3862 delays. Where the key or parameters that are being checked have been obtained 3863 from an untrusted source this may lead to a Denial of Service.</p> 3864 <p>The function DH_check() performs various checks on DH parameters. One of those 3865 checks confirms that the modulus ('p' parameter) is not too large. Trying to use 3866 a very large modulus is slow and OpenSSL will not normally use a modulus which 3867 is over 10,000 bits in length.</p> 3868 <p>However the DH_check() function checks numerous aspects of the key or parameters 3869 that have been supplied. Some of those checks use the supplied modulus value 3870 even if it has already been found to be too large.</p> 3871 <p>An application that calls DH_check() and supplies a key or parameters obtained 3872 from an untrusted source could be vulernable to a Denial of Service attack.</p> 3873 <p>The function DH_check() is itself called by a number of other OpenSSL functions. 3874 An application calling any of those other functions may similarly be affected. 3875 The other functions affected by this are DH_check_ex() and 3876 EVP_PKEY_param_check().</p> 3877 <p>Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications 3878 when using the '-check' option.</p> 3879 <p>The OpenSSL SSL/TLS implementation is not affected by this issue. 3880 The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.</p> 3881 <h2 id="remediation">Remediation</h2> 3882 <p>Upgrade <code>Ubuntu:22.04</code> <code>openssl</code> to version 3.0.2-0ubuntu1.12 or higher.</p> 3883 <h2 id="references">References</h2> 3884 <ul> 3885 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-3446">ADVISORY</a></li> 3886 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb">openssl-security@openssl.org</a></li> 3887 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528">openssl-security@openssl.org</a></li> 3888 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c">openssl-security@openssl.org</a></li> 3889 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23">openssl-security@openssl.org</a></li> 3890 <li><a href="https://www.openssl.org/news/secadv/20230719.txt">openssl-security@openssl.org</a></li> 3891 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/19/4">openssl-security@openssl.org</a></li> 3892 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/19/5">openssl-security@openssl.org</a></li> 3893 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/19/6">openssl-security@openssl.org</a></li> 3894 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/31/1">openssl-security@openssl.org</a></li> 3895 <li><a href="https://security.netapp.com/advisory/ntap-20230803-0011/">openssl-security@openssl.org</a></li> 3896 <li><a href="https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html">openssl-security@openssl.org</a></li> 3897 </ul> 3898 3899 <hr/> 3900 3901 <div class="cta card__cta"> 3902 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-5786277">More about this vulnerability</a></p> 3903 </div> 3904 3905 </div><!-- .card --> 3906 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 3907 <h2 class="card__title">Excessive Iteration</h2> 3908 <div class="card__section"> 3909 3910 <div class="label label--low"> 3911 <span class="label__text">low severity</span> 3912 </div> 3913 3914 <hr/> 3915 3916 <ul class="card__meta"> 3917 <li class="card__meta__item"> 3918 Package Manager: ubuntu:22.04 3919 </li> 3920 <li class="card__meta__item"> 3921 Vulnerable module: 3922 3923 openssl/libssl3 3924 </li> 3925 3926 <li class="card__meta__item">Introduced through: 3927 3928 docker-image|quay.io/argoproj/argocd@v2.6.15 and openssl/libssl3@3.0.2-0ubuntu1.10 3929 3930 </li> 3931 </ul> 3932 3933 <hr/> 3934 3935 3936 <h3 class="card__section__title">Detailed paths</h3> 3937 3938 <ul class="card__meta__paths"> 3939 <li> 3940 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3941 docker-image|quay.io/argoproj/argocd@v2.6.15 3942 <span class="list-paths__item__arrow">›</span> 3943 openssl/libssl3@3.0.2-0ubuntu1.10 3944 3945 </span> 3946 3947 </li> 3948 <li> 3949 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3950 docker-image|quay.io/argoproj/argocd@v2.6.15 3951 <span class="list-paths__item__arrow">›</span> 3952 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 3953 <span class="list-paths__item__arrow">›</span> 3954 openssl/libssl3@3.0.2-0ubuntu1.10 3955 3956 </span> 3957 3958 </li> 3959 <li> 3960 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3961 docker-image|quay.io/argoproj/argocd@v2.6.15 3962 <span class="list-paths__item__arrow">›</span> 3963 libfido2/libfido2-1@1.10.0-1 3964 <span class="list-paths__item__arrow">›</span> 3965 openssl/libssl3@3.0.2-0ubuntu1.10 3966 3967 </span> 3968 3969 </li> 3970 <li> 3971 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3972 docker-image|quay.io/argoproj/argocd@v2.6.15 3973 <span class="list-paths__item__arrow">›</span> 3974 openssh/openssh-client@1:8.9p1-3ubuntu0.3 3975 <span class="list-paths__item__arrow">›</span> 3976 openssl/libssl3@3.0.2-0ubuntu1.10 3977 3978 </span> 3979 3980 </li> 3981 <li> 3982 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3983 docker-image|quay.io/argoproj/argocd@v2.6.15 3984 <span class="list-paths__item__arrow">›</span> 3985 ca-certificates@20230311ubuntu0.22.04.1 3986 <span class="list-paths__item__arrow">›</span> 3987 openssl@3.0.2-0ubuntu1.10 3988 <span class="list-paths__item__arrow">›</span> 3989 openssl/libssl3@3.0.2-0ubuntu1.10 3990 3991 </span> 3992 3993 </li> 3994 <li> 3995 <span class="list-paths__item__introduced"><em>Introduced through</em>: 3996 docker-image|quay.io/argoproj/argocd@v2.6.15 3997 <span class="list-paths__item__arrow">›</span> 3998 git@1:2.34.1-1ubuntu1.10 3999 <span class="list-paths__item__arrow">›</span> 4000 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 4001 <span class="list-paths__item__arrow">›</span> 4002 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 4003 <span class="list-paths__item__arrow">›</span> 4004 openssl/libssl3@3.0.2-0ubuntu1.10 4005 4006 </span> 4007 4008 </li> 4009 <li> 4010 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4011 docker-image|quay.io/argoproj/argocd@v2.6.15 4012 <span class="list-paths__item__arrow">›</span> 4013 adduser@3.118ubuntu5 4014 <span class="list-paths__item__arrow">›</span> 4015 shadow/passwd@1:4.8.1-2ubuntu2.1 4016 <span class="list-paths__item__arrow">›</span> 4017 pam/libpam-modules@1.4.0-11ubuntu2.3 4018 <span class="list-paths__item__arrow">›</span> 4019 libnsl/libnsl2@1.3.0-2build2 4020 <span class="list-paths__item__arrow">›</span> 4021 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 4022 <span class="list-paths__item__arrow">›</span> 4023 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4024 <span class="list-paths__item__arrow">›</span> 4025 krb5/libkrb5-3@1.19.2-2ubuntu0.2 4026 <span class="list-paths__item__arrow">›</span> 4027 openssl/libssl3@3.0.2-0ubuntu1.10 4028 4029 </span> 4030 4031 </li> 4032 <li> 4033 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4034 docker-image|quay.io/argoproj/argocd@v2.6.15 4035 <span class="list-paths__item__arrow">›</span> 4036 openssl@3.0.2-0ubuntu1.10 4037 4038 </span> 4039 4040 </li> 4041 <li> 4042 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4043 docker-image|quay.io/argoproj/argocd@v2.6.15 4044 <span class="list-paths__item__arrow">›</span> 4045 ca-certificates@20230311ubuntu0.22.04.1 4046 <span class="list-paths__item__arrow">›</span> 4047 openssl@3.0.2-0ubuntu1.10 4048 4049 </span> 4050 4051 </li> 4052 </ul><!-- .list-paths --> 4053 4054 </div><!-- .card__section --> 4055 4056 <hr/> 4057 <!-- Overview --> 4058 <h2 id="nvd-description">NVD Description</h2> 4059 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssl</code> package and not the <code>openssl</code> package as distributed by <code>Ubuntu</code>.</em> 4060 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4061 <p>Issue summary: Checking excessively long DH keys or parameters may be very slow.</p> 4062 <p>Impact summary: Applications that use the functions DH_check(), DH_check_ex() 4063 or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long 4064 delays. Where the key or parameters that are being checked have been obtained 4065 from an untrusted source this may lead to a Denial of Service.</p> 4066 <p>The function DH_check() performs various checks on DH parameters. After fixing 4067 CVE-2023-3446 it was discovered that a large q parameter value can also trigger 4068 an overly long computation during some of these checks. A correct q value, 4069 if present, cannot be larger than the modulus p parameter, thus it is 4070 unnecessary to perform these checks if q is larger than p.</p> 4071 <p>An application that calls DH_check() and supplies a key or parameters obtained 4072 from an untrusted source could be vulnerable to a Denial of Service attack.</p> 4073 <p>The function DH_check() is itself called by a number of other OpenSSL functions. 4074 An application calling any of those other functions may similarly be affected. 4075 The other functions affected by this are DH_check_ex() and 4076 EVP_PKEY_param_check().</p> 4077 <p>Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications 4078 when using the "-check" option.</p> 4079 <p>The OpenSSL SSL/TLS implementation is not affected by this issue.</p> 4080 <p>The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.</p> 4081 <h2 id="remediation">Remediation</h2> 4082 <p>Upgrade <code>Ubuntu:22.04</code> <code>openssl</code> to version 3.0.2-0ubuntu1.12 or higher.</p> 4083 <h2 id="references">References</h2> 4084 <ul> 4085 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-3817">ADVISORY</a></li> 4086 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5">openssl-security@openssl.org</a></li> 4087 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644">openssl-security@openssl.org</a></li> 4088 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f">openssl-security@openssl.org</a></li> 4089 <li><a href="https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5">openssl-security@openssl.org</a></li> 4090 <li><a href="https://www.openssl.org/news/secadv/20230731.txt">openssl-security@openssl.org</a></li> 4091 <li><a href="http://www.openwall.com/lists/oss-security/2023/07/31/1">openssl-security@openssl.org</a></li> 4092 <li><a href="http://seclists.org/fulldisclosure/2023/Jul/43">openssl-security@openssl.org</a></li> 4093 <li><a href="https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html">openssl-security@openssl.org</a></li> 4094 <li><a href="https://security.netapp.com/advisory/ntap-20230818-0014/">openssl-security@openssl.org</a></li> 4095 <li><a href="http://www.openwall.com/lists/oss-security/2023/09/22/9">openssl-security@openssl.org</a></li> 4096 <li><a href="http://www.openwall.com/lists/oss-security/2023/09/22/11">openssl-security@openssl.org</a></li> 4097 <li><a href="https://security.netapp.com/advisory/ntap-20231027-0008/">openssl-security@openssl.org</a></li> 4098 </ul> 4099 4100 <hr/> 4101 4102 <div class="cta card__cta"> 4103 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-5811825">More about this vulnerability</a></p> 4104 </div> 4105 4106 </div><!-- .card --> 4107 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4108 <h2 class="card__title">CVE-2023-28531</h2> 4109 <div class="card__section"> 4110 4111 <div class="label label--low"> 4112 <span class="label__text">low severity</span> 4113 </div> 4114 4115 <hr/> 4116 4117 <ul class="card__meta"> 4118 <li class="card__meta__item"> 4119 Package Manager: ubuntu:22.04 4120 </li> 4121 <li class="card__meta__item"> 4122 Vulnerable module: 4123 4124 openssh/openssh-client 4125 </li> 4126 4127 <li class="card__meta__item">Introduced through: 4128 4129 docker-image|quay.io/argoproj/argocd@v2.6.15 and openssh/openssh-client@1:8.9p1-3ubuntu0.3 4130 4131 </li> 4132 </ul> 4133 4134 <hr/> 4135 4136 4137 <h3 class="card__section__title">Detailed paths</h3> 4138 4139 <ul class="card__meta__paths"> 4140 <li> 4141 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4142 docker-image|quay.io/argoproj/argocd@v2.6.15 4143 <span class="list-paths__item__arrow">›</span> 4144 openssh/openssh-client@1:8.9p1-3ubuntu0.3 4145 4146 </span> 4147 4148 </li> 4149 </ul><!-- .list-paths --> 4150 4151 </div><!-- .card__section --> 4152 4153 <hr/> 4154 <!-- Overview --> 4155 <h2 id="nvd-description">NVD Description</h2> 4156 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openssh</code> package and not the <code>openssh</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 4157 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4158 <p>ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.</p> 4159 <h2 id="remediation">Remediation</h2> 4160 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>openssh</code>.</p> 4161 <h2 id="references">References</h2> 4162 <ul> 4163 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-28531">ADVISORY</a></li> 4164 <li><a href="https://www.openwall.com/lists/oss-security/2023/03/15/8">cve@mitre.org</a></li> 4165 <li><a href="https://security.netapp.com/advisory/ntap-20230413-0008/">cve@mitre.org</a></li> 4166 <li><a href="https://security.gentoo.org/glsa/202307-01">cve@mitre.org</a></li> 4167 </ul> 4168 4169 <hr/> 4170 4171 <div class="cta card__cta"> 4172 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSH-3367022">More about this vulnerability</a></p> 4173 </div> 4174 4175 </div><!-- .card --> 4176 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4177 <h2 class="card__title">NULL Pointer Dereference</h2> 4178 <div class="card__section"> 4179 4180 <div class="label label--low"> 4181 <span class="label__text">low severity</span> 4182 </div> 4183 4184 <hr/> 4185 4186 <ul class="card__meta"> 4187 <li class="card__meta__item"> 4188 Package Manager: ubuntu:22.04 4189 </li> 4190 <li class="card__meta__item"> 4191 Vulnerable module: 4192 4193 openldap/libldap-2.5-0 4194 </li> 4195 4196 <li class="card__meta__item">Introduced through: 4197 4198 4199 docker-image|quay.io/argoproj/argocd@v2.6.15, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others 4200 </li> 4201 </ul> 4202 4203 <hr/> 4204 4205 4206 <h3 class="card__section__title">Detailed paths</h3> 4207 4208 <ul class="card__meta__paths"> 4209 <li> 4210 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4211 docker-image|quay.io/argoproj/argocd@v2.6.15 4212 <span class="list-paths__item__arrow">›</span> 4213 gnupg2/dirmngr@2.2.27-3ubuntu2.1 4214 <span class="list-paths__item__arrow">›</span> 4215 openldap/libldap-2.5-0@2.5.16+dfsg-0ubuntu0.22.04.1 4216 4217 </span> 4218 4219 </li> 4220 <li> 4221 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4222 docker-image|quay.io/argoproj/argocd@v2.6.15 4223 <span class="list-paths__item__arrow">›</span> 4224 git@1:2.34.1-1ubuntu1.10 4225 <span class="list-paths__item__arrow">›</span> 4226 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 4227 <span class="list-paths__item__arrow">›</span> 4228 openldap/libldap-2.5-0@2.5.16+dfsg-0ubuntu0.22.04.1 4229 4230 </span> 4231 4232 </li> 4233 <li> 4234 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4235 docker-image|quay.io/argoproj/argocd@v2.6.15 4236 <span class="list-paths__item__arrow">›</span> 4237 openldap/libldap-common@2.5.16+dfsg-0ubuntu0.22.04.1 4238 4239 </span> 4240 4241 </li> 4242 </ul><!-- .list-paths --> 4243 4244 </div><!-- .card__section --> 4245 4246 <hr/> 4247 <!-- Overview --> 4248 <h2 id="nvd-description">NVD Description</h2> 4249 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>openldap</code> package and not the <code>openldap</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 4250 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4251 <p>A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.</p> 4252 <h2 id="remediation">Remediation</h2> 4253 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>openldap</code>.</p> 4254 <h2 id="references">References</h2> 4255 <ul> 4256 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-2953">ADVISORY</a></li> 4257 <li><a href="https://access.redhat.com/security/cve/CVE-2023-2953">secalert@redhat.com</a></li> 4258 <li><a href="https://bugs.openldap.org/show_bug.cgi?id=9904">secalert@redhat.com</a></li> 4259 <li><a href="https://security.netapp.com/advisory/ntap-20230703-0005/">secalert@redhat.com</a></li> 4260 <li><a href="https://support.apple.com/kb/HT213843">secalert@redhat.com</a></li> 4261 <li><a href="https://support.apple.com/kb/HT213844">secalert@redhat.com</a></li> 4262 <li><a href="https://support.apple.com/kb/HT213845">secalert@redhat.com</a></li> 4263 <li><a href="http://seclists.org/fulldisclosure/2023/Jul/47">secalert@redhat.com</a></li> 4264 <li><a href="http://seclists.org/fulldisclosure/2023/Jul/48">secalert@redhat.com</a></li> 4265 <li><a href="http://seclists.org/fulldisclosure/2023/Jul/52">secalert@redhat.com</a></li> 4266 </ul> 4267 4268 <hr/> 4269 4270 <div class="cta card__cta"> 4271 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-OPENLDAP-5661784">More about this vulnerability</a></p> 4272 </div> 4273 4274 </div><!-- .card --> 4275 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4276 <h2 class="card__title">Resource Exhaustion</h2> 4277 <div class="card__section"> 4278 4279 <div class="label label--low"> 4280 <span class="label__text">low severity</span> 4281 </div> 4282 4283 <hr/> 4284 4285 <ul class="card__meta"> 4286 <li class="card__meta__item"> 4287 Package Manager: ubuntu:22.04 4288 </li> 4289 <li class="card__meta__item"> 4290 Vulnerable module: 4291 4292 libzstd/libzstd1 4293 </li> 4294 4295 <li class="card__meta__item">Introduced through: 4296 4297 docker-image|quay.io/argoproj/argocd@v2.6.15 and libzstd/libzstd1@1.4.8+dfsg-3build1 4298 4299 </li> 4300 </ul> 4301 4302 <hr/> 4303 4304 4305 <h3 class="card__section__title">Detailed paths</h3> 4306 4307 <ul class="card__meta__paths"> 4308 <li> 4309 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4310 docker-image|quay.io/argoproj/argocd@v2.6.15 4311 <span class="list-paths__item__arrow">›</span> 4312 libzstd/libzstd1@1.4.8+dfsg-3build1 4313 4314 </span> 4315 4316 </li> 4317 </ul><!-- .list-paths --> 4318 4319 </div><!-- .card__section --> 4320 4321 <hr/> 4322 <!-- Overview --> 4323 <h2 id="nvd-description">NVD Description</h2> 4324 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>libzstd</code> package and not the <code>libzstd</code> package as distributed by <code>Ubuntu</code>.</em> 4325 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4326 <p>A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.</p> 4327 <h2 id="remediation">Remediation</h2> 4328 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>libzstd</code>.</p> 4329 <h2 id="references">References</h2> 4330 <ul> 4331 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-4899">ADVISORY</a></li> 4332 <li><a href="https://github.com/facebook/zstd/issues/3200">secalert@redhat.com</a></li> 4333 <li><a href="https://security.netapp.com/advisory/ntap-20230725-0005/">secalert@redhat.com</a></li> 4334 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/">secalert@redhat.com</a></li> 4335 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/">secalert@redhat.com</a></li> 4336 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/">secalert@redhat.com</a></li> 4337 </ul> 4338 4339 <hr/> 4340 4341 <div class="cta card__cta"> 4342 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-LIBZSTD-3368800">More about this vulnerability</a></p> 4343 </div> 4344 4345 </div><!-- .card --> 4346 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4347 <h2 class="card__title">Integer Overflow or Wraparound</h2> 4348 <div class="card__section"> 4349 4350 <div class="label label--low"> 4351 <span class="label__text">low severity</span> 4352 </div> 4353 4354 <hr/> 4355 4356 <ul class="card__meta"> 4357 <li class="card__meta__item"> 4358 Package Manager: ubuntu:22.04 4359 </li> 4360 <li class="card__meta__item"> 4361 Vulnerable module: 4362 4363 krb5/libk5crypto3 4364 </li> 4365 4366 <li class="card__meta__item">Introduced through: 4367 4368 docker-image|quay.io/argoproj/argocd@v2.6.15 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 4369 4370 </li> 4371 </ul> 4372 4373 <hr/> 4374 4375 4376 <h3 class="card__section__title">Detailed paths</h3> 4377 4378 <ul class="card__meta__paths"> 4379 <li> 4380 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4381 docker-image|quay.io/argoproj/argocd@v2.6.15 4382 <span class="list-paths__item__arrow">›</span> 4383 krb5/libk5crypto3@1.19.2-2ubuntu0.2 4384 4385 </span> 4386 4387 </li> 4388 <li> 4389 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4390 docker-image|quay.io/argoproj/argocd@v2.6.15 4391 <span class="list-paths__item__arrow">›</span> 4392 adduser@3.118ubuntu5 4393 <span class="list-paths__item__arrow">›</span> 4394 shadow/passwd@1:4.8.1-2ubuntu2.1 4395 <span class="list-paths__item__arrow">›</span> 4396 pam/libpam-modules@1.4.0-11ubuntu2.3 4397 <span class="list-paths__item__arrow">›</span> 4398 libnsl/libnsl2@1.3.0-2build2 4399 <span class="list-paths__item__arrow">›</span> 4400 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 4401 <span class="list-paths__item__arrow">›</span> 4402 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4403 <span class="list-paths__item__arrow">›</span> 4404 krb5/libk5crypto3@1.19.2-2ubuntu0.2 4405 4406 </span> 4407 4408 </li> 4409 <li> 4410 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4411 docker-image|quay.io/argoproj/argocd@v2.6.15 4412 <span class="list-paths__item__arrow">›</span> 4413 adduser@3.118ubuntu5 4414 <span class="list-paths__item__arrow">›</span> 4415 shadow/passwd@1:4.8.1-2ubuntu2.1 4416 <span class="list-paths__item__arrow">›</span> 4417 pam/libpam-modules@1.4.0-11ubuntu2.3 4418 <span class="list-paths__item__arrow">›</span> 4419 libnsl/libnsl2@1.3.0-2build2 4420 <span class="list-paths__item__arrow">›</span> 4421 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 4422 <span class="list-paths__item__arrow">›</span> 4423 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4424 <span class="list-paths__item__arrow">›</span> 4425 krb5/libkrb5-3@1.19.2-2ubuntu0.2 4426 <span class="list-paths__item__arrow">›</span> 4427 krb5/libk5crypto3@1.19.2-2ubuntu0.2 4428 4429 </span> 4430 4431 </li> 4432 <li> 4433 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4434 docker-image|quay.io/argoproj/argocd@v2.6.15 4435 <span class="list-paths__item__arrow">›</span> 4436 krb5/libkrb5-3@1.19.2-2ubuntu0.2 4437 4438 </span> 4439 4440 </li> 4441 <li> 4442 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4443 docker-image|quay.io/argoproj/argocd@v2.6.15 4444 <span class="list-paths__item__arrow">›</span> 4445 adduser@3.118ubuntu5 4446 <span class="list-paths__item__arrow">›</span> 4447 shadow/passwd@1:4.8.1-2ubuntu2.1 4448 <span class="list-paths__item__arrow">›</span> 4449 pam/libpam-modules@1.4.0-11ubuntu2.3 4450 <span class="list-paths__item__arrow">›</span> 4451 libnsl/libnsl2@1.3.0-2build2 4452 <span class="list-paths__item__arrow">›</span> 4453 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 4454 <span class="list-paths__item__arrow">›</span> 4455 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4456 <span class="list-paths__item__arrow">›</span> 4457 krb5/libkrb5-3@1.19.2-2ubuntu0.2 4458 4459 </span> 4460 4461 </li> 4462 <li> 4463 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4464 docker-image|quay.io/argoproj/argocd@v2.6.15 4465 <span class="list-paths__item__arrow">›</span> 4466 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4467 4468 </span> 4469 4470 </li> 4471 <li> 4472 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4473 docker-image|quay.io/argoproj/argocd@v2.6.15 4474 <span class="list-paths__item__arrow">›</span> 4475 openssh/openssh-client@1:8.9p1-3ubuntu0.3 4476 <span class="list-paths__item__arrow">›</span> 4477 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4478 4479 </span> 4480 4481 </li> 4482 <li> 4483 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4484 docker-image|quay.io/argoproj/argocd@v2.6.15 4485 <span class="list-paths__item__arrow">›</span> 4486 git@1:2.34.1-1ubuntu1.10 4487 <span class="list-paths__item__arrow">›</span> 4488 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 4489 <span class="list-paths__item__arrow">›</span> 4490 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4491 4492 </span> 4493 4494 </li> 4495 <li> 4496 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4497 docker-image|quay.io/argoproj/argocd@v2.6.15 4498 <span class="list-paths__item__arrow">›</span> 4499 git@1:2.34.1-1ubuntu1.10 4500 <span class="list-paths__item__arrow">›</span> 4501 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 4502 <span class="list-paths__item__arrow">›</span> 4503 libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 4504 <span class="list-paths__item__arrow">›</span> 4505 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4506 4507 </span> 4508 4509 </li> 4510 <li> 4511 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4512 docker-image|quay.io/argoproj/argocd@v2.6.15 4513 <span class="list-paths__item__arrow">›</span> 4514 adduser@3.118ubuntu5 4515 <span class="list-paths__item__arrow">›</span> 4516 shadow/passwd@1:4.8.1-2ubuntu2.1 4517 <span class="list-paths__item__arrow">›</span> 4518 pam/libpam-modules@1.4.0-11ubuntu2.3 4519 <span class="list-paths__item__arrow">›</span> 4520 libnsl/libnsl2@1.3.0-2build2 4521 <span class="list-paths__item__arrow">›</span> 4522 libtirpc/libtirpc3@1.3.2-2ubuntu0.1 4523 <span class="list-paths__item__arrow">›</span> 4524 krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 4525 4526 </span> 4527 4528 </li> 4529 <li> 4530 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4531 docker-image|quay.io/argoproj/argocd@v2.6.15 4532 <span class="list-paths__item__arrow">›</span> 4533 krb5/libkrb5support0@1.19.2-2ubuntu0.2 4534 4535 </span> 4536 4537 </li> 4538 </ul><!-- .list-paths --> 4539 4540 </div><!-- .card__section --> 4541 4542 <hr/> 4543 <!-- Overview --> 4544 <h2 id="nvd-description">NVD Description</h2> 4545 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>krb5</code> package and not the <code>krb5</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 4546 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4547 <p>An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.</p> 4548 <h2 id="remediation">Remediation</h2> 4549 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>krb5</code>.</p> 4550 <h2 id="references">References</h2> 4551 <ul> 4552 <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709">CVE Details</a></li> 4553 <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-5709">Debian Security Tracker</a></li> 4554 <li><a href="https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow">GitHub Additional Information</a></li> 4555 <li><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">MLIST</a></li> 4556 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709">Ubuntu CVE Tracker</a></li> 4557 </ul> 4558 4559 <hr/> 4560 4561 <div class="cta card__cta"> 4562 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-KRB5-2797765">More about this vulnerability</a></p> 4563 </div> 4564 4565 </div><!-- .card --> 4566 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4567 <h2 class="card__title">Out-of-bounds Write</h2> 4568 <div class="card__section"> 4569 4570 <div class="label label--low"> 4571 <span class="label__text">low severity</span> 4572 </div> 4573 4574 <hr/> 4575 4576 <ul class="card__meta"> 4577 <li class="card__meta__item"> 4578 Package Manager: ubuntu:22.04 4579 </li> 4580 <li class="card__meta__item"> 4581 Vulnerable module: 4582 4583 gnupg2/gpgv 4584 </li> 4585 4586 <li class="card__meta__item">Introduced through: 4587 4588 docker-image|quay.io/argoproj/argocd@v2.6.15 and gnupg2/gpgv@2.2.27-3ubuntu2.1 4589 4590 </li> 4591 </ul> 4592 4593 <hr/> 4594 4595 4596 <h3 class="card__section__title">Detailed paths</h3> 4597 4598 <ul class="card__meta__paths"> 4599 <li> 4600 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4601 docker-image|quay.io/argoproj/argocd@v2.6.15 4602 <span class="list-paths__item__arrow">›</span> 4603 gnupg2/gpgv@2.2.27-3ubuntu2.1 4604 4605 </span> 4606 4607 </li> 4608 <li> 4609 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4610 docker-image|quay.io/argoproj/argocd@v2.6.15 4611 <span class="list-paths__item__arrow">›</span> 4612 apt@2.4.10 4613 <span class="list-paths__item__arrow">›</span> 4614 gnupg2/gpgv@2.2.27-3ubuntu2.1 4615 4616 </span> 4617 4618 </li> 4619 <li> 4620 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4621 docker-image|quay.io/argoproj/argocd@v2.6.15 4622 <span class="list-paths__item__arrow">›</span> 4623 gnupg2/gnupg@2.2.27-3ubuntu2.1 4624 <span class="list-paths__item__arrow">›</span> 4625 gnupg2/gpgv@2.2.27-3ubuntu2.1 4626 4627 </span> 4628 4629 </li> 4630 <li> 4631 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4632 docker-image|quay.io/argoproj/argocd@v2.6.15 4633 <span class="list-paths__item__arrow">›</span> 4634 gnupg2/dirmngr@2.2.27-3ubuntu2.1 4635 <span class="list-paths__item__arrow">›</span> 4636 gnupg2/gpgconf@2.2.27-3ubuntu2.1 4637 4638 </span> 4639 4640 </li> 4641 <li> 4642 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4643 docker-image|quay.io/argoproj/argocd@v2.6.15 4644 <span class="list-paths__item__arrow">›</span> 4645 gnupg2/gpg@2.2.27-3ubuntu2.1 4646 <span class="list-paths__item__arrow">›</span> 4647 gnupg2/gpgconf@2.2.27-3ubuntu2.1 4648 4649 </span> 4650 4651 </li> 4652 <li> 4653 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4654 docker-image|quay.io/argoproj/argocd@v2.6.15 4655 <span class="list-paths__item__arrow">›</span> 4656 gnupg2/gnupg@2.2.27-3ubuntu2.1 4657 <span class="list-paths__item__arrow">›</span> 4658 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 4659 <span class="list-paths__item__arrow">›</span> 4660 gnupg2/gpgconf@2.2.27-3ubuntu2.1 4661 4662 </span> 4663 4664 </li> 4665 <li> 4666 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4667 docker-image|quay.io/argoproj/argocd@v2.6.15 4668 <span class="list-paths__item__arrow">›</span> 4669 gnupg2/gnupg@2.2.27-3ubuntu2.1 4670 <span class="list-paths__item__arrow">›</span> 4671 gnupg2/gpgsm@2.2.27-3ubuntu2.1 4672 <span class="list-paths__item__arrow">›</span> 4673 gnupg2/gpgconf@2.2.27-3ubuntu2.1 4674 4675 </span> 4676 4677 </li> 4678 <li> 4679 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4680 docker-image|quay.io/argoproj/argocd@v2.6.15 4681 <span class="list-paths__item__arrow">›</span> 4682 gnupg2/dirmngr@2.2.27-3ubuntu2.1 4683 4684 </span> 4685 4686 </li> 4687 <li> 4688 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4689 docker-image|quay.io/argoproj/argocd@v2.6.15 4690 <span class="list-paths__item__arrow">›</span> 4691 gnupg2/gnupg@2.2.27-3ubuntu2.1 4692 <span class="list-paths__item__arrow">›</span> 4693 gnupg2/dirmngr@2.2.27-3ubuntu2.1 4694 4695 </span> 4696 4697 </li> 4698 <li> 4699 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4700 docker-image|quay.io/argoproj/argocd@v2.6.15 4701 <span class="list-paths__item__arrow">›</span> 4702 gnupg2/gnupg@2.2.27-3ubuntu2.1 4703 <span class="list-paths__item__arrow">›</span> 4704 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 4705 <span class="list-paths__item__arrow">›</span> 4706 gnupg2/dirmngr@2.2.27-3ubuntu2.1 4707 4708 </span> 4709 4710 </li> 4711 <li> 4712 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4713 docker-image|quay.io/argoproj/argocd@v2.6.15 4714 <span class="list-paths__item__arrow">›</span> 4715 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 4716 4717 </span> 4718 4719 </li> 4720 <li> 4721 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4722 docker-image|quay.io/argoproj/argocd@v2.6.15 4723 <span class="list-paths__item__arrow">›</span> 4724 gnupg2/gnupg@2.2.27-3ubuntu2.1 4725 <span class="list-paths__item__arrow">›</span> 4726 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 4727 4728 </span> 4729 4730 </li> 4731 <li> 4732 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4733 docker-image|quay.io/argoproj/argocd@v2.6.15 4734 <span class="list-paths__item__arrow">›</span> 4735 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 4736 4737 </span> 4738 4739 </li> 4740 <li> 4741 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4742 docker-image|quay.io/argoproj/argocd@v2.6.15 4743 <span class="list-paths__item__arrow">›</span> 4744 gnupg2/gnupg@2.2.27-3ubuntu2.1 4745 <span class="list-paths__item__arrow">›</span> 4746 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 4747 4748 </span> 4749 4750 </li> 4751 <li> 4752 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4753 docker-image|quay.io/argoproj/argocd@v2.6.15 4754 <span class="list-paths__item__arrow">›</span> 4755 gnupg2/gpg@2.2.27-3ubuntu2.1 4756 4757 </span> 4758 4759 </li> 4760 <li> 4761 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4762 docker-image|quay.io/argoproj/argocd@v2.6.15 4763 <span class="list-paths__item__arrow">›</span> 4764 gnupg2/gnupg@2.2.27-3ubuntu2.1 4765 <span class="list-paths__item__arrow">›</span> 4766 gnupg2/gpg@2.2.27-3ubuntu2.1 4767 4768 </span> 4769 4770 </li> 4771 <li> 4772 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4773 docker-image|quay.io/argoproj/argocd@v2.6.15 4774 <span class="list-paths__item__arrow">›</span> 4775 gnupg2/gnupg@2.2.27-3ubuntu2.1 4776 <span class="list-paths__item__arrow">›</span> 4777 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 4778 <span class="list-paths__item__arrow">›</span> 4779 gnupg2/gpg@2.2.27-3ubuntu2.1 4780 4781 </span> 4782 4783 </li> 4784 <li> 4785 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4786 docker-image|quay.io/argoproj/argocd@v2.6.15 4787 <span class="list-paths__item__arrow">›</span> 4788 gnupg2/gnupg@2.2.27-3ubuntu2.1 4789 <span class="list-paths__item__arrow">›</span> 4790 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 4791 <span class="list-paths__item__arrow">›</span> 4792 gnupg2/gpg@2.2.27-3ubuntu2.1 4793 4794 </span> 4795 4796 </li> 4797 <li> 4798 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4799 docker-image|quay.io/argoproj/argocd@v2.6.15 4800 <span class="list-paths__item__arrow">›</span> 4801 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 4802 4803 </span> 4804 4805 </li> 4806 <li> 4807 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4808 docker-image|quay.io/argoproj/argocd@v2.6.15 4809 <span class="list-paths__item__arrow">›</span> 4810 gnupg2/gnupg@2.2.27-3ubuntu2.1 4811 <span class="list-paths__item__arrow">›</span> 4812 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 4813 4814 </span> 4815 4816 </li> 4817 <li> 4818 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4819 docker-image|quay.io/argoproj/argocd@v2.6.15 4820 <span class="list-paths__item__arrow">›</span> 4821 gnupg2/gnupg@2.2.27-3ubuntu2.1 4822 <span class="list-paths__item__arrow">›</span> 4823 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 4824 <span class="list-paths__item__arrow">›</span> 4825 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 4826 4827 </span> 4828 4829 </li> 4830 <li> 4831 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4832 docker-image|quay.io/argoproj/argocd@v2.6.15 4833 <span class="list-paths__item__arrow">›</span> 4834 gnupg2/gnupg@2.2.27-3ubuntu2.1 4835 <span class="list-paths__item__arrow">›</span> 4836 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 4837 <span class="list-paths__item__arrow">›</span> 4838 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 4839 4840 </span> 4841 4842 </li> 4843 <li> 4844 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4845 docker-image|quay.io/argoproj/argocd@v2.6.15 4846 <span class="list-paths__item__arrow">›</span> 4847 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 4848 4849 </span> 4850 4851 </li> 4852 <li> 4853 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4854 docker-image|quay.io/argoproj/argocd@v2.6.15 4855 <span class="list-paths__item__arrow">›</span> 4856 gnupg2/gnupg@2.2.27-3ubuntu2.1 4857 <span class="list-paths__item__arrow">›</span> 4858 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 4859 4860 </span> 4861 4862 </li> 4863 <li> 4864 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4865 docker-image|quay.io/argoproj/argocd@v2.6.15 4866 <span class="list-paths__item__arrow">›</span> 4867 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 4868 4869 </span> 4870 4871 </li> 4872 <li> 4873 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4874 docker-image|quay.io/argoproj/argocd@v2.6.15 4875 <span class="list-paths__item__arrow">›</span> 4876 gnupg2/gnupg@2.2.27-3ubuntu2.1 4877 <span class="list-paths__item__arrow">›</span> 4878 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 4879 4880 </span> 4881 4882 </li> 4883 <li> 4884 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4885 docker-image|quay.io/argoproj/argocd@v2.6.15 4886 <span class="list-paths__item__arrow">›</span> 4887 gnupg2/gpgsm@2.2.27-3ubuntu2.1 4888 4889 </span> 4890 4891 </li> 4892 <li> 4893 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4894 docker-image|quay.io/argoproj/argocd@v2.6.15 4895 <span class="list-paths__item__arrow">›</span> 4896 gnupg2/gnupg@2.2.27-3ubuntu2.1 4897 <span class="list-paths__item__arrow">›</span> 4898 gnupg2/gpgsm@2.2.27-3ubuntu2.1 4899 4900 </span> 4901 4902 </li> 4903 <li> 4904 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4905 docker-image|quay.io/argoproj/argocd@v2.6.15 4906 <span class="list-paths__item__arrow">›</span> 4907 gnupg2/gnupg@2.2.27-3ubuntu2.1 4908 4909 </span> 4910 4911 </li> 4912 </ul><!-- .list-paths --> 4913 4914 </div><!-- .card__section --> 4915 4916 <hr/> 4917 <!-- Overview --> 4918 <h2 id="nvd-description">NVD Description</h2> 4919 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>gnupg2</code> package and not the <code>gnupg2</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 4920 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 4921 <p>GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.</p> 4922 <h2 id="remediation">Remediation</h2> 4923 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>gnupg2</code>.</p> 4924 <h2 id="references">References</h2> 4925 <ul> 4926 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-3219">ADVISORY</a></li> 4927 <li><a href="https://access.redhat.com/security/cve/CVE-2022-3219">secalert@redhat.com</a></li> 4928 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2127010">secalert@redhat.com</a></li> 4929 <li><a href="https://dev.gnupg.org/D556">secalert@redhat.com</a></li> 4930 <li><a href="https://dev.gnupg.org/T5993">secalert@redhat.com</a></li> 4931 <li><a href="https://marc.info/?l=oss-security&m=165696590211434&w=4">secalert@redhat.com</a></li> 4932 <li><a href="https://security.netapp.com/advisory/ntap-20230324-0001/">secalert@redhat.com</a></li> 4933 </ul> 4934 4935 <hr/> 4936 4937 <div class="cta card__cta"> 4938 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GNUPG2-3035409">More about this vulnerability</a></p> 4939 </div> 4940 4941 </div><!-- .card --> 4942 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 4943 <h2 class="card__title">Allocation of Resources Without Limits or Throttling</h2> 4944 <div class="card__section"> 4945 4946 <div class="label label--low"> 4947 <span class="label__text">low severity</span> 4948 </div> 4949 4950 <hr/> 4951 4952 <ul class="card__meta"> 4953 <li class="card__meta__item"> 4954 Package Manager: ubuntu:22.04 4955 </li> 4956 <li class="card__meta__item"> 4957 Vulnerable module: 4958 4959 glibc/libc-bin 4960 </li> 4961 4962 <li class="card__meta__item">Introduced through: 4963 4964 docker-image|quay.io/argoproj/argocd@v2.6.15 and glibc/libc-bin@2.35-0ubuntu3.1 4965 4966 </li> 4967 </ul> 4968 4969 <hr/> 4970 4971 4972 <h3 class="card__section__title">Detailed paths</h3> 4973 4974 <ul class="card__meta__paths"> 4975 <li> 4976 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4977 docker-image|quay.io/argoproj/argocd@v2.6.15 4978 <span class="list-paths__item__arrow">›</span> 4979 glibc/libc-bin@2.35-0ubuntu3.1 4980 4981 </span> 4982 4983 </li> 4984 <li> 4985 <span class="list-paths__item__introduced"><em>Introduced through</em>: 4986 docker-image|quay.io/argoproj/argocd@v2.6.15 4987 <span class="list-paths__item__arrow">›</span> 4988 glibc/libc6@2.35-0ubuntu3.1 4989 4990 </span> 4991 4992 </li> 4993 </ul><!-- .list-paths --> 4994 4995 </div><!-- .card__section --> 4996 4997 <hr/> 4998 <!-- Overview --> 4999 <h2 id="nvd-description">NVD Description</h2> 5000 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>glibc</code> package and not the <code>glibc</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 5001 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5002 <p>sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.</p> 5003 <h2 id="remediation">Remediation</h2> 5004 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>glibc</code>.</p> 5005 <h2 id="references">References</h2> 5006 <ul> 5007 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-20013">ADVISORY</a></li> 5008 <li><a href="https://twitter.com/solardiz/status/795601240151457793">cve@mitre.org</a></li> 5009 <li><a href="https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/">cve@mitre.org</a></li> 5010 <li><a href="https://akkadia.org/drepper/SHA-crypt.txt">cve@mitre.org</a></li> 5011 </ul> 5012 5013 <hr/> 5014 5015 <div class="cta card__cta"> 5016 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GLIBC-2801292">More about this vulnerability</a></p> 5017 </div> 5018 5019 </div><!-- .card --> 5020 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 5021 <h2 class="card__title">Improper Input Validation</h2> 5022 <div class="card__section"> 5023 5024 <div class="label label--low"> 5025 <span class="label__text">low severity</span> 5026 </div> 5027 5028 <hr/> 5029 5030 <ul class="card__meta"> 5031 <li class="card__meta__item"> 5032 Package Manager: ubuntu:22.04 5033 </li> 5034 <li class="card__meta__item"> 5035 Vulnerable module: 5036 5037 git/git-man 5038 </li> 5039 5040 <li class="card__meta__item">Introduced through: 5041 5042 5043 docker-image|quay.io/argoproj/argocd@v2.6.15, git@1:2.34.1-1ubuntu1.10 and others 5044 </li> 5045 </ul> 5046 5047 <hr/> 5048 5049 5050 <h3 class="card__section__title">Detailed paths</h3> 5051 5052 <ul class="card__meta__paths"> 5053 <li> 5054 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5055 docker-image|quay.io/argoproj/argocd@v2.6.15 5056 <span class="list-paths__item__arrow">›</span> 5057 git@1:2.34.1-1ubuntu1.10 5058 <span class="list-paths__item__arrow">›</span> 5059 git/git-man@1:2.34.1-1ubuntu1.10 5060 5061 </span> 5062 5063 </li> 5064 <li> 5065 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5066 docker-image|quay.io/argoproj/argocd@v2.6.15 5067 <span class="list-paths__item__arrow">›</span> 5068 git@1:2.34.1-1ubuntu1.10 5069 5070 </span> 5071 5072 </li> 5073 <li> 5074 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5075 docker-image|quay.io/argoproj/argocd@v2.6.15 5076 <span class="list-paths__item__arrow">›</span> 5077 git-lfs@3.0.2-1ubuntu0.2 5078 <span class="list-paths__item__arrow">›</span> 5079 git@1:2.34.1-1ubuntu1.10 5080 5081 </span> 5082 5083 </li> 5084 </ul><!-- .list-paths --> 5085 5086 </div><!-- .card__section --> 5087 5088 <hr/> 5089 <!-- Overview --> 5090 <h2 id="nvd-description">NVD Description</h2> 5091 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>git</code> package and not the <code>git</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 5092 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5093 <p>GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).</p> 5094 <h2 id="remediation">Remediation</h2> 5095 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>git</code>.</p> 5096 <h2 id="references">References</h2> 5097 <ul> 5098 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000021">ADVISORY</a></li> 5099 <li><a href="https://security-tracker.debian.org/tracker/CVE-2018-1000021">Debian Security Tracker</a></li> 5100 <li><a href="http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html">http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html</a></li> 5101 </ul> 5102 5103 <hr/> 5104 5105 <div class="cta card__cta"> 5106 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GIT-2798113">More about this vulnerability</a></p> 5107 </div> 5108 5109 </div><!-- .card --> 5110 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 5111 <h2 class="card__title">Uncontrolled Recursion</h2> 5112 <div class="card__section"> 5113 5114 <div class="label label--low"> 5115 <span class="label__text">low severity</span> 5116 </div> 5117 5118 <hr/> 5119 5120 <ul class="card__meta"> 5121 <li class="card__meta__item"> 5122 Package Manager: ubuntu:22.04 5123 </li> 5124 <li class="card__meta__item"> 5125 Vulnerable module: 5126 5127 gcc-12/libstdc++6 5128 </li> 5129 5130 <li class="card__meta__item">Introduced through: 5131 5132 docker-image|quay.io/argoproj/argocd@v2.6.15 and gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 5133 5134 </li> 5135 </ul> 5136 5137 <hr/> 5138 5139 5140 <h3 class="card__section__title">Detailed paths</h3> 5141 5142 <ul class="card__meta__paths"> 5143 <li> 5144 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5145 docker-image|quay.io/argoproj/argocd@v2.6.15 5146 <span class="list-paths__item__arrow">›</span> 5147 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 5148 5149 </span> 5150 5151 </li> 5152 <li> 5153 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5154 docker-image|quay.io/argoproj/argocd@v2.6.15 5155 <span class="list-paths__item__arrow">›</span> 5156 apt@2.4.10 5157 <span class="list-paths__item__arrow">›</span> 5158 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 5159 5160 </span> 5161 5162 </li> 5163 <li> 5164 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5165 docker-image|quay.io/argoproj/argocd@v2.6.15 5166 <span class="list-paths__item__arrow">›</span> 5167 apt@2.4.10 5168 <span class="list-paths__item__arrow">›</span> 5169 apt/libapt-pkg6.0@2.4.10 5170 <span class="list-paths__item__arrow">›</span> 5171 gcc-12/libstdc++6@12.3.0-1ubuntu1~22.04 5172 5173 </span> 5174 5175 </li> 5176 <li> 5177 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5178 docker-image|quay.io/argoproj/argocd@v2.6.15 5179 <span class="list-paths__item__arrow">›</span> 5180 gcc-12/gcc-12-base@12.3.0-1ubuntu1~22.04 5181 5182 </span> 5183 5184 </li> 5185 <li> 5186 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5187 docker-image|quay.io/argoproj/argocd@v2.6.15 5188 <span class="list-paths__item__arrow">›</span> 5189 gcc-12/libgcc-s1@12.3.0-1ubuntu1~22.04 5190 5191 </span> 5192 5193 </li> 5194 </ul><!-- .list-paths --> 5195 5196 </div><!-- .card__section --> 5197 5198 <hr/> 5199 <!-- Overview --> 5200 <h2 id="nvd-description">NVD Description</h2> 5201 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>gcc-12</code> package and not the <code>gcc-12</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 5202 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5203 <p>libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.</p> 5204 <h2 id="remediation">Remediation</h2> 5205 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>gcc-12</code>.</p> 5206 <h2 id="references">References</h2> 5207 <ul> 5208 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-27943">ADVISORY</a></li> 5209 <li><a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039">cve@mitre.org</a></li> 5210 <li><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=28995">cve@mitre.org</a></li> 5211 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/">cve@mitre.org</a></li> 5212 </ul> 5213 5214 <hr/> 5215 5216 <div class="cta card__cta"> 5217 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-GCC12-5861847">More about this vulnerability</a></p> 5218 </div> 5219 5220 </div><!-- .card --> 5221 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 5222 <h2 class="card__title">CVE-2023-38546</h2> 5223 <div class="card__section"> 5224 5225 <div class="label label--low"> 5226 <span class="label__text">low severity</span> 5227 </div> 5228 5229 <hr/> 5230 5231 <ul class="card__meta"> 5232 <li class="card__meta__item"> 5233 Package Manager: ubuntu:22.04 5234 </li> 5235 <li class="card__meta__item"> 5236 Vulnerable module: 5237 5238 curl/libcurl3-gnutls 5239 </li> 5240 5241 <li class="card__meta__item">Introduced through: 5242 5243 5244 docker-image|quay.io/argoproj/argocd@v2.6.15, git@1:2.34.1-1ubuntu1.10 and others 5245 </li> 5246 </ul> 5247 5248 <hr/> 5249 5250 5251 <h3 class="card__section__title">Detailed paths</h3> 5252 5253 <ul class="card__meta__paths"> 5254 <li> 5255 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5256 docker-image|quay.io/argoproj/argocd@v2.6.15 5257 <span class="list-paths__item__arrow">›</span> 5258 git@1:2.34.1-1ubuntu1.10 5259 <span class="list-paths__item__arrow">›</span> 5260 curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 5261 5262 </span> 5263 5264 </li> 5265 </ul><!-- .list-paths --> 5266 5267 </div><!-- .card__section --> 5268 5269 <hr/> 5270 <!-- Overview --> 5271 <h2 id="nvd-description">NVD Description</h2> 5272 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>curl</code> package and not the <code>curl</code> package as distributed by <code>Ubuntu</code>.</em> 5273 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5274 <p>This flaw allows an attacker to insert cookies at will into a running program 5275 using libcurl, if the specific series of conditions are met.</p> 5276 <p>libcurl performs transfers. In its API, an application creates "easy handles" 5277 that are the individual handles for single transfers.</p> 5278 <p>libcurl provides a function call that duplicates en easy handle called 5279 <a href="https://curl.se/libcurl/c/curl_easy_duphandle.html">curl_easy_duphandle</a>.</p> 5280 <p>If a transfer has cookies enabled when the handle is duplicated, the 5281 cookie-enable state is also cloned - but without cloning the actual 5282 cookies. If the source handle did not read any cookies from a specific file on 5283 disk, the cloned version of the handle would instead store the file name as 5284 <code>none</code> (using the four ASCII letters, no quotes).</p> 5285 <p>Subsequent use of the cloned handle that does not explicitly set a source to 5286 load cookies from would then inadvertently load cookies from a file named 5287 <code>none</code> - if such a file exists and is readable in the current directory of the 5288 program using libcurl. And if using the correct file format of course.</p> 5289 <h2 id="remediation">Remediation</h2> 5290 <p>Upgrade <code>Ubuntu:22.04</code> <code>curl</code> to version 7.81.0-1ubuntu1.14 or higher.</p> 5291 <h2 id="references">References</h2> 5292 <ul> 5293 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-38546">ADVISORY</a></li> 5294 <li><a href="https://curl.se/docs/CVE-2023-38546.html">support@hackerone.com</a></li> 5295 <li><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/">support@hackerone.com</a></li> 5296 </ul> 5297 5298 <hr/> 5299 5300 <div class="cta card__cta"> 5301 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-CURL-5960732">More about this vulnerability</a></p> 5302 </div> 5303 5304 </div><!-- .card --> 5305 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 5306 <h2 class="card__title">Improper Input Validation</h2> 5307 <div class="card__section"> 5308 5309 <div class="label label--low"> 5310 <span class="label__text">low severity</span> 5311 </div> 5312 5313 <hr/> 5314 5315 <ul class="card__meta"> 5316 <li class="card__meta__item"> 5317 Package Manager: ubuntu:22.04 5318 </li> 5319 <li class="card__meta__item"> 5320 Vulnerable module: 5321 5322 coreutils 5323 </li> 5324 5325 <li class="card__meta__item">Introduced through: 5326 5327 docker-image|quay.io/argoproj/argocd@v2.6.15 and coreutils@8.32-4.1ubuntu1 5328 5329 </li> 5330 </ul> 5331 5332 <hr/> 5333 5334 5335 <h3 class="card__section__title">Detailed paths</h3> 5336 5337 <ul class="card__meta__paths"> 5338 <li> 5339 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5340 docker-image|quay.io/argoproj/argocd@v2.6.15 5341 <span class="list-paths__item__arrow">›</span> 5342 coreutils@8.32-4.1ubuntu1 5343 5344 </span> 5345 5346 </li> 5347 </ul><!-- .list-paths --> 5348 5349 </div><!-- .card__section --> 5350 5351 <hr/> 5352 <!-- Overview --> 5353 <h2 id="nvd-description">NVD Description</h2> 5354 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>coreutils</code> package and not the <code>coreutils</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 5355 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5356 <p>chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.</p> 5357 <h2 id="remediation">Remediation</h2> 5358 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>coreutils</code>.</p> 5359 <h2 id="references">References</h2> 5360 <ul> 5361 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2781">ADVISORY</a></li> 5362 <li><a href="https://security-tracker.debian.org/tracker/CVE-2016-2781">Debian Security Tracker</a></li> 5363 <li><a href="https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E">MLIST</a></li> 5364 <li><a href="http://www.openwall.com/lists/oss-security/2016/02/28/2">OSS security Advisory</a></li> 5365 <li><a href="http://www.openwall.com/lists/oss-security/2016/02/28/3">OSS security Advisory</a></li> 5366 </ul> 5367 5368 <hr/> 5369 5370 <div class="cta card__cta"> 5371 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-COREUTILS-2801226">More about this vulnerability</a></p> 5372 </div> 5373 5374 </div><!-- .card --> 5375 <div class="card card--vuln disclosure--not-new severity--low" data-snyk-test="low"> 5376 <h2 class="card__title">Out-of-bounds Write</h2> 5377 <div class="card__section"> 5378 5379 <div class="label label--low"> 5380 <span class="label__text">low severity</span> 5381 </div> 5382 5383 <hr/> 5384 5385 <ul class="card__meta"> 5386 <li class="card__meta__item"> 5387 Package Manager: ubuntu:22.04 5388 </li> 5389 <li class="card__meta__item"> 5390 Vulnerable module: 5391 5392 bash 5393 </li> 5394 5395 <li class="card__meta__item">Introduced through: 5396 5397 docker-image|quay.io/argoproj/argocd@v2.6.15 and bash@5.1-6ubuntu1 5398 5399 </li> 5400 </ul> 5401 5402 <hr/> 5403 5404 5405 <h3 class="card__section__title">Detailed paths</h3> 5406 5407 <ul class="card__meta__paths"> 5408 <li> 5409 <span class="list-paths__item__introduced"><em>Introduced through</em>: 5410 docker-image|quay.io/argoproj/argocd@v2.6.15 5411 <span class="list-paths__item__arrow">›</span> 5412 bash@5.1-6ubuntu1 5413 5414 </span> 5415 5416 </li> 5417 </ul><!-- .list-paths --> 5418 5419 </div><!-- .card__section --> 5420 5421 <hr/> 5422 <!-- Overview --> 5423 <h2 id="nvd-description">NVD Description</h2> 5424 <p><strong><em>Note:</em></strong> <em>Versions mentioned in the description apply only to the upstream <code>bash</code> package and not the <code>bash</code> package as distributed by <code>Ubuntu:22.04</code>.</em> 5425 <em>See <code>How to fix?</code> for <code>Ubuntu:22.04</code> relevant fixed versions and status.</em></p> 5426 <p>A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.</p> 5427 <h2 id="remediation">Remediation</h2> 5428 <p>There is no fixed version for <code>Ubuntu:22.04</code> <code>bash</code>.</p> 5429 <h2 id="references">References</h2> 5430 <ul> 5431 <li><a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-3715">ADVISORY</a></li> 5432 <li><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2126720">secalert@redhat.com</a></li> 5433 </ul> 5434 5435 <hr/> 5436 5437 <div class="cta card__cta"> 5438 <p><a href="https://snyk.io/vuln/SNYK-UBUNTU2204-BASH-3098342">More about this vulnerability</a></p> 5439 </div> 5440 5441 </div><!-- .card --> 5442 </div><!-- cards --> 5443 </div> 5444 </main><!-- .layout-stacked__content --> 5445 </body> 5446 5447 </html>