Tuesday, July 2, 2024 Security Releases
Summary: The Node.js project will release new versions of the 22.x, 20.x, 18.x release lines on or shortly after Tuesday, July 2, 2024, in order to address: 1 high severity issue, 2 medium severity issues, 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
AI Score: 7
CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2
CVE-2023-0464 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 8
EPSS: 0.003
CVE-2020-4041 affecting package bolt 0.9.2-2
CVE-2020-4041 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 7.4
AI Score: 7.5
EPSS: 0.006
CVE-2019-15484 affecting package bolt 0.9.2-2
CVE-2019-15484 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 6.1
AI Score: 7.5
EPSS: 0.001
CVE-2021-27367 affecting package bolt 0.9.2-2
CVE-2021-27367 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 7.5
EPSS: 0.002
CVE-2022-31321 affecting package bolt 0.9.2-2
CVE-2022-31321 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 9.1
AI Score: 7.5
EPSS: 0.002
CVE-2023-0475 affecting package k3s 1.24.12-2
CVE-2023-0475 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9.8
EPSS: 0.001
CVE-2022-47021 affecting package opusfile 0.12-2
CVE-2022-47021 affecting package opusfile 0.12-2. No patch is available...
CVSS: 7.8
AI Score: 7.7
EPSS: 0.0005
CVE-2022-38752 affecting package snakeyaml 1.25-2
CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9
EPSS: 0.003
CVE-2022-36069 affecting package poetry 1.0.10-2
CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...
CVSS: 7.3
AI Score: 7.3
EPSS: 0.001
CVE-2022-25857 affecting package snakeyaml 1.25-2
CVE-2022-25857 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 9.3
EPSS: 0.002
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...
CVSS: 5.9
AI Score: 6.8
EPSS: 0.963
CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2
CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2. A patched version of the package is...
CVSS: 7.5
AI Score: 7.8
EPSS: 0.732
CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2
CVE-2024-0727 affecting package nodejs for versions less than 16.20.2-2. This CVE either no longer is or was never...
CVSS: 5.5
AI Score: 6
EPSS: 0.002
CVE-2022-3294 affecting package k3s 1.24.12-2
CVE-2022-3294 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...
CVSS: 8.8
AI Score: 7.5
EPSS: 0.002
CVE-2019-9185 affecting package bolt 0.9.2-2
CVE-2019-9185 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 8.8
AI Score: 7.5
EPSS: 0.006
CVE-2019-15483 affecting package bolt 0.9.2-2
CVE-2019-15483 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 6.1
AI Score: 7.5
EPSS: 0.001
CVE-2015-7309 affecting package bolt 0.9.2-2
CVE-2015-7309 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
AI Score: 7.5
EPSS: 0.449
CVE-2020-4040 affecting package bolt 0.9.2-2
CVE-2020-4040 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 8.6
AI Score: 7.5
EPSS: 0.003
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 8.2
EPSS: 0.004
CVE-2022-41854 affecting package snakeyaml 1.25-2
CVE-2022-41854 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 8.4
EPSS: 0.006
CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2
CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2. A patched version of the package is...
CVSS: 7.5
AI Score: 7.8
EPSS: 0.732
CVE-2023-44487 affecting package libcontainers-common for versions less than 20210626-2
CVE-2023-44487 affecting package libcontainers-common for versions less than 20210626-2. A patched version of the package is...
CVSS: 7.5
AI Score: 7.8
EPSS: 0.732
CVE-2023-0465 affecting package kata-containers-cc for versions less than 0.4.1-2
CVE-2023-0465 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...
CVSS: 5.3
AI Score: 6.9
EPSS: 0.001
CVE-2017-16754 affecting package bolt 0.9.2-2
CVE-2017-16754 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 5.3
AI Score: 7.5
EPSS: 0.001
CVE-2023-25173 affecting package k3s 1.24.12-2
CVE-2023-25173 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...
CVSS: 7.8
AI Score: 8.9
EPSS: 0.001
CVE-2022-43410 affecting package mercurial 6.0.3-2
CVE-2022-43410 affecting package mercurial 6.0.3-2. No patch is available...
CVSS: 5.3
AI Score: 5.8
EPSS: 0.001
CVE-2021-3634 affecting package libssh 0.9.5-2
CVE-2021-3634 affecting package libssh 0.9.5-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9.7
EPSS: 0.006
CVE-2022-38750 affecting package snakeyaml 1.25-2
CVE-2022-38750 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9.4
EPSS: 0.001
CVE-2022-38749 affecting package snakeyaml 1.25-2
CVE-2022-38749 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 8.4
EPSS: 0.001
CVE-2011-4966 affecting package freeradius 3.2.3-2
CVE-2011-4966 affecting package freeradius 3.2.3-2. No patch is available...
AI Score: 6.4
EPSS: 0.003
CVE-2002-0318 affecting package freeradius 3.2.3-2
CVE-2002-0318 affecting package freeradius 3.2.3-2. No patch is available...
AI Score: 6.9
EPSS: 0.005
CVE-2023-48795 affecting package nmap for versions less than 7.93-2
CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...
CVSS: 5.9
AI Score: 6.1
EPSS: 0.963
CVE-2023-2650 affecting package kata-containers-cc for versions less than 0.4.1-2
CVE-2023-2650 affecting package kata-containers-cc for versions less than 0.4.1-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 7.5
EPSS: 0.001
CVE-2020-28925 affecting package bolt 0.9.2-2
CVE-2020-28925 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 5.3
AI Score: 7.5
EPSS: 0.001
CVE-2022-1941 affecting package protobuf 3.17.3-2
CVE-2022-1941 affecting package protobuf 3.17.3-2. No patch is available...
CVSS: 7.5
AI Score: 7.7
EPSS: 0.002
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2. A patched version of the package is...
CVSS: 7.5
AI Score: 7.8
EPSS: 0.732
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...
CVSS: 7.5
AI Score: 8.3
EPSS: 0.002
CVE-2019-15485 affecting package bolt 0.9.2-2
CVE-2019-15485 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...
CVSS: 6.1
AI Score: 7.5
EPSS: 0.001
CVE-2022-38751 affecting package snakeyaml 1.25-2
CVE-2022-38751 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 9.3
EPSS: 0.001
CVE-2017-18640 affecting package snakeyaml 1.25-2
CVE-2017-18640 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 9.6
EPSS: 0.019
CVE-2020-29509 affecting package golang 1.17.13-2
CVE-2020-29509 affecting package golang 1.17.13-2. No patch is available...
CVSS: 9.8
AI Score: 9.9
EPSS: 0.001
CVE-2020-29511 affecting package golang 1.17.13-2
CVE-2020-29511 affecting package golang 1.17.13-2. No patch is available...
CVSS: 9.8
AI Score: 9.9
EPSS: 0.001
CVE-2018-20225 affecting package python-pip 19.2-2
CVE-2018-20225 affecting package python-pip 19.2-2. No patch is available...
CVSS: 7.8
AI Score: 9.9
EPSS: 0.001
CVE-2022-46908 affecting package sqlite 3.34.1-2
CVE-2022-46908 affecting package sqlite 3.34.1-2. This CVE either no longer is or was never...
CVSS: 7.3
AI Score: 9.8
EPSS: 0.001
CVE-2022-21628 affecting package openjdk8 1.8.0.332-2
CVE-2022-21628 affecting package openjdk8 1.8.0.332-2. No patch is available...
CVSS: 5.3
AI Score: 6.1
EPSS: 0.002
CVE-2022-41715 affecting package golang 1.17.13-2
CVE-2022-41715 affecting package golang 1.17.13-2. No patch is available...
CVSS: 7.5
AI Score: 9.1
EPSS: 0.002
CVE-2022-2879 affecting package golang 1.17.13-2
CVE-2022-2879 affecting package golang 1.17.13-2. No patch is available...
CVSS: 7.5
AI Score: 9.1
EPSS: 0.002
CVE-2022-21541 affecting package openjdk8 1.8.0.332-2
CVE-2022-21541 affecting package openjdk8 1.8.0.332-2. No patch is available...
CVSS: 5.9
AI Score: 9.9
EPSS: 0.001
CVE-2022-41725 affecting package golang 1.17.13-2
CVE-2022-41725 affecting package golang 1.17.13-2. No patch is available...
CVSS: 7.5
AI Score: 10
EPSS: 0.001