{ "SchemaVersion": 2, "Trivy": { "Version": "0.69.3" }, "ReportID": "019d57b3-50f0-7cee-a5c7-6a8bf4e70ec3", "CreatedAt": "2026-04-04T08:54:22.704849534Z", "ArtifactName": "sboms/ai-containers-qdrant-v1.16.2-gpu-nvidia-cyclonedx.json", "ArtifactType": "cyclonedx", "Metadata": { "OS": { "Family": "ubuntu", "Name": "22.04" }, "ImageID": "sha256:bc786c2a22bc312337c1b67f46286c3310df0abda5853372bfc2fc51e34028ad", "DiffIDs": [ "sha256:18545e66b1375e4039f5870e4553a060c197aaa401688972380c9b088e512e81", "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b", "sha256:28f715a9cafd45502eeece063337274e93eee0a96094b268ce60100c5a270a65", "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506", "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea", "sha256:694b14b3243a88f01f45f33f3b0500c865922b5778fcb97aad2cf860314a6e01", "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76", "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1", "sha256:96c4eea9dcec95cd061631f56cb8e591c6423e4b09b472c2f05fb386ad1964b2", "sha256:9882be05fbb5874816c551c6b08b3fe963b406f1c71c7d57c4560d0ef5c74b43", "sha256:a0f928efebedfa60a3c4d80a2b26ecd7c2127d36d8c70bd9efde8fd1763c9f35", "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157", "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e", "sha256:f452ee5391afcdda254c816a49b1c4f17f5416473719f9eef44c81edd8ace336" ], "RepoDigests": [ "registry.suse.com/ai/containers/qdrant@sha256:182ce043506ed525411e696383ea7f9556d3926c43f15f6a29dde26de4afa2fb" ], "Reference": "registry.suse.com/ai/containers/qdrant@sha256:182ce043506ed525411e696383ea7f9556d3926c43f15f6a29dde26de4afa2fb" }, "Results": [ { "Target": "sboms/ai-containers-qdrant-v1.16.2-gpu-nvidia-cyclonedx.json (ubuntu 22.04)", "Class": "os-pkgs", "Type": "ubuntu", "Packages": [ { "ID": "adduser@3.118ubuntu5", "Name": "adduser", "Identifier": { "PURL": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all\u0026distro=ubuntu-22.04", "UID": "957ab14c0d3f31cd", "BOMRef": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all\u0026distro=ubuntu-22.04" }, "Version": "3.118ubuntu5", "Arch": "all", "SrcName": "adduser", "SrcVersion": "3.118ubuntu5", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "passwd@1:4.8.1-2ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "apt@2.4.9", "Name": "apt", "Identifier": { "PURL": "pkg:deb/ubuntu/apt@2.4.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "a042184e5bd3d95d", "BOMRef": "pkg:deb/ubuntu/apt@2.4.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.4.9", "Arch": "amd64", "SrcName": "apt", "SrcVersion": "2.4.9", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "adduser@3.118ubuntu5", "gpgv@2.2.27-3ubuntu2.1", "libapt-pkg6.0@2.4.9", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libgnutls30@3.7.3-4ubuntu1.2", "libseccomp2@2.5.3-2ubuntu2", "libstdc++6@12.1.0-2ubuntu1~22.04", "libsystemd0@249.11-0ubuntu3.9", "ubuntu-keyring@2021.03.26" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "base-files@12ubuntu4.3", "Name": "base-files", "Identifier": { "PURL": "pkg:deb/ubuntu/base-files@12ubuntu4.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "58f9d60e43c04c73", "BOMRef": "pkg:deb/ubuntu/base-files@12ubuntu4.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "12ubuntu4.3", "Arch": "amd64", "SrcName": "base-files", "SrcVersion": "12ubuntu4.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "base-passwd@3.5.52build1", "Name": "base-passwd", "Identifier": { "PURL": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c56d30d5c70d0c23", "BOMRef": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.5.52build1", "Arch": "amd64", "SrcName": "base-passwd", "SrcVersion": "3.5.52build1", "Licenses": [ "GPL-2.0-only", "public-domain" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdebconfclient0@0.261ubuntu1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "bash@5.1-6ubuntu1", "Name": "bash", "Identifier": { "PURL": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1738e0c17c879de", "BOMRef": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.1-6ubuntu1", "Arch": "amd64", "SrcName": "bash", "SrcVersion": "5.1", "SrcRelease": "6ubuntu1", "Licenses": [ "GPL-3.0-only" ], "DependsOn": [ "base-files@12ubuntu4.3", "debianutils@5.5-1ubuntu2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "bsdutils@1:2.37.2-4ubuntu3", "Name": "bsdutils", "Identifier": { "PURL": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "fdef9652c0b46c7b", "BOMRef": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.37.2-4ubuntu3", "Epoch": 1, "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ca-certificates@20240203~22.04.1", "Name": "ca-certificates", "Identifier": { "PURL": "pkg:deb/ubuntu/ca-certificates@20240203~22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "bc453e107ca6dd0e", "BOMRef": "pkg:deb/ubuntu/ca-certificates@20240203~22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "20240203~22.04.1", "Arch": "all", "SrcName": "ca-certificates", "SrcVersion": "20240203~22.04.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "MPL-2.0" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "openssl@3.0.2-0ubuntu1.20" ], "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" } }, { "ID": "coreutils@8.32-4.1ubuntu1", "Name": "coreutils", "Identifier": { "PURL": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "142752eb68fc96c2", "BOMRef": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "8.32-4.1ubuntu1", "Arch": "amd64", "SrcName": "coreutils", "SrcVersion": "8.32", "SrcRelease": "4.1ubuntu1", "Licenses": [ "GPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "dash@0.5.11+git20210903+057cd650a4ed-3build1", "Name": "dash", "Identifier": { "PURL": "pkg:deb/ubuntu/dash@0.5.11%2Bgit20210903%2B057cd650a4ed-3build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b8f341501ac60dd3", "BOMRef": "pkg:deb/ubuntu/dash@0.5.11%2Bgit20210903%2B057cd650a4ed-3build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.5.11+git20210903+057cd650a4ed-3build1", "Arch": "amd64", "SrcName": "dash", "SrcVersion": "0.5.11+git20210903+057cd650a4ed", "SrcRelease": "3build1", "Licenses": [ "BSD-3-Clause", "FSFULLR", "FSFUL", "MIT", "GPL-2.0-or-later", "public-domain", "GPL-2.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "debianutils@5.5-1ubuntu2", "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "debconf@1.5.79ubuntu1", "Name": "debconf", "Identifier": { "PURL": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all\u0026distro=ubuntu-22.04", "UID": "4aaa4de27e4fc2d3", "BOMRef": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.5.79ubuntu1", "Arch": "all", "SrcName": "debconf", "SrcVersion": "1.5.79ubuntu1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "debianutils@5.5-1ubuntu2", "Name": "debianutils", "Identifier": { "PURL": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d154ba181f486616", "BOMRef": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.5-1ubuntu2", "Arch": "amd64", "SrcName": "debianutils", "SrcVersion": "5.5", "SrcRelease": "1ubuntu2", "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "diffutils@1:3.8-0ubuntu2", "Name": "diffutils", "Identifier": { "PURL": "pkg:deb/ubuntu/diffutils@3.8-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "cc776128efa5ad9a", "BOMRef": "pkg:deb/ubuntu/diffutils@3.8-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.8-0ubuntu2", "Epoch": 1, "Arch": "amd64", "SrcName": "diffutils", "SrcVersion": "3.8", "SrcRelease": "0ubuntu2", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-or-later", "GFDL-1.3-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "dpkg@1.21.1ubuntu2.1", "Name": "dpkg", "Identifier": { "PURL": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8781567b680a5dbe", "BOMRef": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.21.1ubuntu2.1", "Arch": "amd64", "SrcName": "dpkg", "SrcVersion": "1.21.1ubuntu2.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "BSD-2-Clause", "public-domain-s-s-d", "public-domain-md5" ], "DependsOn": [ "tar@1.34+dfsg-1ubuntu0.1.22.04.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "e2fsprogs@1.46.5-2ubuntu1.1", "Name": "e2fsprogs", "Identifier": { "PURL": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "360211ddb4c7062c", "BOMRef": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "logsave@1.46.5-2ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "findutils@4.8.0-1ubuntu3", "Name": "findutils", "Identifier": { "PURL": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5c2cbdd5973d236", "BOMRef": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.8.0-1ubuntu3", "Arch": "amd64", "SrcName": "findutils", "SrcVersion": "4.8.0", "SrcRelease": "1ubuntu3", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "Name": "gcc-12-base", "Identifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "Licenses": [ "GPL-2.0-or-later", "GPL-3.0-only", "GFDL-1.2-only", "GPL-2.0-only", "Artistic-2.0", "LGPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gpgv@2.2.27-3ubuntu2.1", "Name": "gpgv", "Identifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.2.27-3ubuntu2.1", "Arch": "amd64", "SrcName": "gnupg2", "SrcVersion": "2.2.27", "SrcRelease": "3ubuntu2.1", "Licenses": [ "GPL-3.0-or-later", "permissive", "LGPL-2.1-or-later", "MIT", "BSD-3-Clause", "LGPL-3.0-or-later", "RFC-Reference", "TinySCHEME", "CC0-1.0", "GPL-3.0-only", "LGPL-3.0-only", "LGPL-2.1-only" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libgcrypt20@1.9.4-3ubuntu3", "libgpg-error0@1.43-3", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "grep@3.7-1build1", "Name": "grep", "Identifier": { "PURL": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8effcf21bb273828", "BOMRef": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7-1build1", "Arch": "amd64", "SrcName": "grep", "SrcVersion": "3.7", "SrcRelease": "1build1", "Licenses": [ "GPL-3.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gzip@1.10-4ubuntu4.1", "Name": "gzip", "Identifier": { "PURL": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ac6a0beab944a6b5", "BOMRef": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.10-4ubuntu4.1", "Arch": "amd64", "SrcName": "gzip", "SrcVersion": "1.10", "SrcRelease": "4ubuntu4.1", "Licenses": [ "GPL-3.0-or-later", "GFDL-1.3--no-invariant", "FSF-manpages", "GPL-3.0-only", "GFDL-3" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "hostname@3.23ubuntu2", "Name": "hostname", "Identifier": { "PURL": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f4a8fd1ffd20138a", "BOMRef": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.23ubuntu2", "Arch": "amd64", "SrcName": "hostname", "SrcVersion": "3.23ubuntu2", "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "init-system-helpers@1.62", "Name": "init-system-helpers", "Identifier": { "PURL": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all\u0026distro=ubuntu-22.04", "UID": "4f514076a882a365", "BOMRef": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.62", "Arch": "all", "SrcName": "init-system-helpers", "SrcVersion": "1.62", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libacl1@2.3.1-1", "Name": "libacl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "18182a2805f6f9df", "BOMRef": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.3.1-1", "Arch": "amd64", "SrcName": "acl", "SrcVersion": "2.3.1", "SrcRelease": "1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libapt-pkg6.0@2.4.9", "Name": "libapt-pkg6.0", "Identifier": { "PURL": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53e645d4006f4e62", "BOMRef": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.4.9", "Arch": "amd64", "SrcName": "apt", "SrcVersion": "2.4.9", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libgcrypt20@1.9.4-3ubuntu3", "liblz4-1@1.9.3-2build2", "liblzma5@5.2.5-2ubuntu1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libsystemd0@249.11-0ubuntu3.9", "libudev1@249.11-0ubuntu3.9", "libxxhash0@0.8.1-1", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libatomic1@12.1.0-2ubuntu1~22.04", "Name": "libatomic1", "Identifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libattr1@1:2.5.1-1build1", "Name": "libattr1", "Identifier": { "PURL": "pkg:deb/ubuntu/libattr1@2.5.1-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "de5f22deec63ab41", "BOMRef": "pkg:deb/ubuntu/libattr1@2.5.1-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.5.1-1build1", "Epoch": 1, "Arch": "amd64", "SrcName": "attr", "SrcVersion": "2.5.1", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libaudit-common@1:3.0.7-1build1", "Name": "libaudit-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libaudit-common@3.0.7-1build1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "36ca334d6a51087c", "BOMRef": "pkg:deb/ubuntu/libaudit-common@3.0.7-1build1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.0.7-1build1", "Epoch": 1, "Arch": "all", "SrcName": "audit", "SrcVersion": "3.0.7", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only", "LGPL-2.1-only", "GPL-1.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libaudit1@1:3.0.7-1build1", "Name": "libaudit1", "Identifier": { "PURL": "pkg:deb/ubuntu/libaudit1@3.0.7-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "cbb5b09e7d8fda8c", "BOMRef": "pkg:deb/ubuntu/libaudit1@3.0.7-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.0.7-1build1", "Epoch": 1, "Arch": "amd64", "SrcName": "audit", "SrcVersion": "3.0.7", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only", "LGPL-2.1-only", "GPL-1.0-only" ], "DependsOn": [ "libaudit-common@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcap-ng0@0.7.9-2.2build3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libblkid1@2.37.2-4ubuntu3", "Name": "libblkid1", "Identifier": { "PURL": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "711bb225c7e5017c", "BOMRef": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libbsd0@0.11.5-1", "Name": "libbsd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libbsd0@0.11.5-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "ca418f39950777eb", "BOMRef": "pkg:deb/ubuntu/libbsd0@0.11.5-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.11.5-1", "Arch": "i386", "SrcName": "libbsd", "SrcVersion": "0.11.5", "SrcRelease": "1", "Licenses": [ "BSD-3-Clause", "BSD-4-clause-Niels-Provos", "BSD-4-clause-Christopher-G-Demetriou", "BSD-3-clause-Regents", "BSD-2-Clause-NetBSD", "BSD-3-clause-author", "BSD-3-clause-John-Birrell", "BSD-5-clause-Peter-Wemm", "BSD-2-Clause", "BSD-2-clause-verbatim", "BSD-2-clause-author", "ISC", "ISC-Original", "MIT", "public-domain", "Beerware" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libmd0@1.0.4-1build1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libbz2-1.0@1.0.8-5build1", "Name": "libbz2-1.0", "Identifier": { "PURL": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4f990dba204c22af", "BOMRef": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.0.8-5build1", "Arch": "amd64", "SrcName": "bzip2", "SrcVersion": "1.0.8", "SrcRelease": "5build1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libc-bin@2.35-0ubuntu3.1", "Name": "libc-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.35-0ubuntu3.1", "Arch": "amd64", "SrcName": "glibc", "SrcVersion": "2.35", "SrcRelease": "0ubuntu3.1", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libc6@2.35-0ubuntu3.1", "Name": "libc6", "Identifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.35-0ubuntu3.1", "Arch": "i386", "SrcName": "glibc", "SrcVersion": "2.35", "SrcRelease": "0ubuntu3.1", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libcrypt1@1:4.4.27-1", "libgcc-s1@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcap-ng0@0.7.9-2.2build3", "Name": "libcap-ng0", "Identifier": { "PURL": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b128764c7c9197f8", "BOMRef": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.7.9-2.2build3", "Arch": "amd64", "SrcName": "libcap-ng", "SrcVersion": "0.7.9", "SrcRelease": "2.2build3", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcap2@1:2.44-1build3", "Name": "libcap2", "Identifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.44-1build3", "Epoch": 1, "Arch": "amd64", "SrcName": "libcap2", "SrcVersion": "2.44", "SrcRelease": "1build3", "SrcEpoch": 1, "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcom-err2@1.46.5-2ubuntu1.1", "Name": "libcom-err2", "Identifier": { "PURL": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9df07fb0cbb37c09", "BOMRef": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcrypt1@1:4.4.27-1", "Name": "libcrypt1", "Identifier": { "PURL": "pkg:deb/ubuntu/libcrypt1@4.4.27-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "76dc08faa3f52afa", "BOMRef": "pkg:deb/ubuntu/libcrypt1@4.4.27-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.4.27-1", "Epoch": 1, "Arch": "i386", "SrcName": "libxcrypt", "SrcVersion": "4.4.27", "SrcRelease": "1", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "Name": "libdb5.3", "Identifier": { "PURL": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.8ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5d17aebfc7f355cc", "BOMRef": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.8ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.3.28+dfsg1-0.8ubuntu3", "Arch": "amd64", "SrcName": "db5.3", "SrcVersion": "5.3.28+dfsg1", "SrcRelease": "0.8ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdebconfclient0@0.261ubuntu1", "Name": "libdebconfclient0", "Identifier": { "PURL": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "59c817508724f715", "BOMRef": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.261ubuntu1", "Arch": "amd64", "SrcName": "cdebconf", "SrcVersion": "0.261ubuntu1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdpkg-perl@1.21.1ubuntu2.1", "Name": "libdpkg-perl", "Identifier": { "PURL": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04", "UID": "8bb1e0d1f95b96fc", "BOMRef": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.21.1ubuntu2.1", "Arch": "all", "SrcName": "dpkg", "SrcVersion": "1.21.1ubuntu2.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "BSD-2-Clause", "public-domain-s-s-d", "public-domain-md5" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-amdgpu1", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "f5529872ef8125ec", "BOMRef": "pkg:deb/ubuntu/libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-common@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-common@2.4.113-2~ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "672f36a8b031fbc5", "BOMRef": "pkg:deb/ubuntu/libdrm-common@2.4.113-2~ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "all", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-nouveau2", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "b6d4278a359ac5ed", "BOMRef": "pkg:deb/ubuntu/libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-radeon1", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "3f1721dfd501710d", "BOMRef": "pkg:deb/ubuntu/libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm2@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm2", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "87cf09b5b0643d57", "BOMRef": "pkg:deb/ubuntu/libdrm2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-common@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libedit2@3.1-20210910-1build1", "Name": "libedit2", "Identifier": { "PURL": "pkg:deb/ubuntu/libedit2@3.1-20210910-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "29093ce2670ca00f", "BOMRef": "pkg:deb/ubuntu/libedit2@3.1-20210910-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "3.1-20210910-1build1", "Arch": "i386", "SrcName": "libedit", "SrcVersion": "3.1-20210910", "SrcRelease": "1build1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "libbsd0@0.11.5-1", "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl-dev@1.4.0-1", "Name": "libegl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "f86321723cd2c281", "BOMRef": "pkg:deb/ubuntu/libegl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl1@1.4.0-1", "libgl-dev@1.4.0-1", "libx11-dev@2:1.7.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1", "Name": "libegl-mesa0", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "31029d3af1ff68e2", "BOMRef": "pkg:deb/ubuntu/libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libgbm1@22.2.5-0ubuntu0.1~22.04.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libwayland-client0@1.20.0-1ubuntu0.1", "libwayland-server0@1.20.0-1ubuntu0.1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri2-0@1.14-3ubuntu3", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxshmfence1@1.3-1build4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl1@1.4.0-1", "Name": "libegl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "54d856c1a3f7ed54", "BOMRef": "pkg:deb/ubuntu/libegl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libegl1-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "5f48c823010ba801", "BOMRef": "pkg:deb/ubuntu/libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libelf1@0.186-1build1", "Name": "libelf1", "Identifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.186-1build1", "Arch": "i386", "SrcName": "elfutils", "SrcVersion": "0.186", "SrcRelease": "1build1", "Licenses": [ "GPL-2.0-only", "GPL-3.0-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libexpat1@2.4.7-1ubuntu0.2", "Name": "libexpat1", "Identifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.7-1ubuntu0.2", "Arch": "i386", "SrcName": "expat", "SrcVersion": "2.4.7", "SrcRelease": "1ubuntu0.2", "Licenses": [ "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libext2fs2@1.46.5-2ubuntu1.1", "Name": "libext2fs2", "Identifier": { "PURL": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d0196ec911a5a2c5", "BOMRef": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libffi8@3.4.2-4", "Name": "libffi8", "Identifier": { "PURL": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=i386\u0026distro=ubuntu-22.04", "UID": "90af6fbace03d2be", "BOMRef": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "3.4.2-4", "Arch": "i386", "SrcName": "libffi", "SrcVersion": "3.4.2", "SrcRelease": "4", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgbm1@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgbm1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgbm1@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "d4a1bb202b91097c", "BOMRef": "pkg:deb/ubuntu/libgbm1@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libwayland-server0@1.20.0-1ubuntu0.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "Name": "libgcc-s1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgcrypt20@1.9.4-3ubuntu3", "Name": "libgcrypt20", "Identifier": { "PURL": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2491cdf860298798", "BOMRef": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.9.4-3ubuntu3", "Arch": "amd64", "SrcName": "libgcrypt20", "SrcVersion": "1.9.4", "SrcRelease": "3ubuntu3", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgpg-error0@1.43-3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgdbm-compat4@1.23-1", "Name": "libgdbm-compat4", "Identifier": { "PURL": "pkg:deb/ubuntu/libgdbm-compat4@1.23-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2d24e99ce4d77474", "BOMRef": "pkg:deb/ubuntu/libgdbm-compat4@1.23-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.23-1", "Arch": "amd64", "SrcName": "gdbm", "SrcVersion": "1.23", "SrcRelease": "1", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GFDL-1.3-no-invariants-or-later", "GPL-3.0-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgdbm6@1.23-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgdbm6@1.23-1", "Name": "libgdbm6", "Identifier": { "PURL": "pkg:deb/ubuntu/libgdbm6@1.23-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3431cb49811f3367", "BOMRef": "pkg:deb/ubuntu/libgdbm6@1.23-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.23-1", "Arch": "amd64", "SrcName": "gdbm", "SrcVersion": "1.23", "SrcRelease": "1", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GFDL-1.3-no-invariants-or-later", "GPL-3.0-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl-dev@1.4.0-1", "Name": "libgl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "df2a650644dde7d", "BOMRef": "pkg:deb/ubuntu/libgl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libgl1@1.4.0-1", "libglx-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl1@1.4.0-1", "Name": "libgl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "160f7042ab582a6d", "BOMRef": "pkg:deb/ubuntu/libgl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1", "libglx0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgl1-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "3c64fef091cbf5f9", "BOMRef": "pkg:deb/ubuntu/libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libgl-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgl1-mesa-dri", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "c4b98d199fe20fc3", "BOMRef": "pkg:deb/ubuntu/libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1", "libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libelf1@0.186-1build1", "libexpat1@2.4.7-1ubuntu0.2", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "libsensors5@1:3.6.0-7ubuntu1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libxcb-dri3-0@1.14-3ubuntu3", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "Name": "libglapi-mesa", "Identifier": { "PURL": "pkg:deb/ubuntu/libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "aa5a50c9f667a82c", "BOMRef": "pkg:deb/ubuntu/libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgles-dev@1.4.0-1", "Name": "libgles-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "b71ce9d30785c09f", "BOMRef": "pkg:deb/ubuntu/libgles-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libgl-dev@1.4.0-1", "libgles1@1.4.0-1", "libgles2@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgles1@1.4.0-1", "Name": "libgles1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "37b4170c86b3abc4", "BOMRef": "pkg:deb/ubuntu/libgles1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgles2@1.4.0-1", "Name": "libgles2", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles2@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "549c1ec8700a72a4", "BOMRef": "pkg:deb/ubuntu/libgles2@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgles2-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "147311e3e4f9835c", "BOMRef": "pkg:deb/ubuntu/libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libgles-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglib2.0-0@2.72.4-0ubuntu2", "Name": "libglib2.0-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.72.4-0ubuntu2", "Arch": "amd64", "SrcName": "glib2.0", "SrcVersion": "2.72.4", "SrcRelease": "0ubuntu2", "Licenses": [ "LGPL-2.0-or-later", "MIT", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4", "libmount1@2.37.2-4ubuntu3", "libpcre3@2:8.39-13ubuntu0.22.04.1", "libselinux1@3.3-1build2", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd-core-dev@1.4.0-1", "Name": "libglvnd-core-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd-core-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "8059a9c9d227c98c", "BOMRef": "pkg:deb/ubuntu/libglvnd-core-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd-dev@1.4.0-1", "Name": "libglvnd-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "d9db0a2ca574f980", "BOMRef": "pkg:deb/ubuntu/libglvnd-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libgl-dev@1.4.0-1", "libgles-dev@1.4.0-1", "libglvnd-core-dev@1.4.0-1", "libglvnd0@1.4.0-1", "libglx-dev@1.4.0-1", "libopengl-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd0@1.4.0-1", "Name": "libglvnd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "326d1f529db2c8ca", "BOMRef": "pkg:deb/ubuntu/libglvnd0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglx-dev@1.4.0-1", "Name": "libglx-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "dd590c64452e0f7e", "BOMRef": "pkg:deb/ubuntu/libglx-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libglx0@1.4.0-1", "libx11-dev@2:1.7.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1", "Name": "libglx-mesa0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "ed6ffbd3ce476bbe", "BOMRef": "pkg:deb/ubuntu/libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libx11-6@2:1.7.5-1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri2-0@1.14-3ubuntu3", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-glx0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-shm0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxext6@2:1.3.4-1build1", "libxfixes3@1:6.0.0-1", "libxshmfence1@1.3-1build4", "libxxf86vm1@1:1.1.4-1build3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglx0@1.4.0-1", "Name": "libglx0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1f4a2fe42a850aad", "BOMRef": "pkg:deb/ubuntu/libglx0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1", "libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgmp10@2:6.2.1+dfsg-3ubuntu1", "Name": "libgmp10", "Identifier": { "PURL": "pkg:deb/ubuntu/libgmp10@6.2.1%2Bdfsg-3ubuntu1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "fed31139e2d76482", "BOMRef": "pkg:deb/ubuntu/libgmp10@6.2.1%2Bdfsg-3ubuntu1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "6.2.1+dfsg-3ubuntu1", "Epoch": 2, "Arch": "amd64", "SrcName": "gmp", "SrcVersion": "6.2.1+dfsg", "SrcRelease": "3ubuntu1", "SrcEpoch": 2, "Licenses": [ "LGPL-3.0-only", "GPL-2.0-only", "GPL-3.0-only", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgnutls30@3.7.3-4ubuntu1.2", "Name": "libgnutls30", "Identifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-4ubuntu1.2", "Arch": "amd64", "SrcName": "gnutls28", "SrcVersion": "3.7.3", "SrcRelease": "4ubuntu1.2", "Licenses": [ "LGPL-2.1-only", "LGPL-2.0-or-later", "LGPL-3.0-only", "GPL-2.0-or-later", "GPL-3.0-only", "GFDL-1.3-only", "CC0-1.0", "MIT", "Apache-2.0", "LGPL-3.0-or-later", "LGPL-2.1-or-later", "GPL-3.0-or-later", "BSD-3-Clause" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgmp10@2:6.2.1+dfsg-3ubuntu1", "libhogweed6@3.7.3-1build2", "libidn2-0@2.3.2-2build1", "libnettle8@3.7.3-1build2", "libp11-kit0@0.24.0-6build1", "libtasn1-6@4.18.0-4build1", "libunistring2@1.0-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgpg-error0@1.43-3", "Name": "libgpg-error0", "Identifier": { "PURL": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1fd79593e0a79009", "BOMRef": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.43-3", "Arch": "amd64", "SrcName": "libgpg-error", "SrcVersion": "1.43", "SrcRelease": "3", "Licenses": [ "LGPL-2.1-or-later", "BSD-3-Clause", "g10-permissive", "GPL-3.0-or-later", "LGPL-2.1-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "Name": "libgssapi-krb5-2", "Identifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1", "libk5crypto3@1.19.2-2ubuntu0.1", "libkrb5-3@1.19.2-2ubuntu0.1", "libkrb5support0@1.19.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libhogweed6@3.7.3-1build2", "Name": "libhogweed6", "Identifier": { "PURL": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff7f51fd6aac509", "BOMRef": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-1build2", "Arch": "amd64", "SrcName": "nettle", "SrcVersion": "3.7.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "LGPL-2.0-or-later", "LGPL-2.0-only", "MIT", "GPL-3.0-or-later", "GPL-3.0-only WITH autoconf-exception+", "public-domain", "GPL-2.0-only", "GAP" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgmp10@2:6.2.1+dfsg-3ubuntu1", "libnettle8@3.7.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libicu70@70.1-2", "Name": "libicu70", "Identifier": { "PURL": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "1ecad657a93d1b21", "BOMRef": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "70.1-2", "Arch": "i386", "SrcName": "icu", "SrcVersion": "70.1", "SrcRelease": "2", "Licenses": [ "MIT", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libidn2-0@2.3.2-2build1", "Name": "libidn2-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d4495b2187a2a078", "BOMRef": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.3.2-2build1", "Arch": "amd64", "SrcName": "libidn2", "SrcVersion": "2.3.2", "SrcRelease": "2build1", "Licenses": [ "GPL-3.0-or-later", "LGPL-3.0-or-later", "GPL-2.0-or-later", "Unicode", "GPL-3.0-only", "GPL-2.0-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libunistring2@1.0-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libk5crypto3@1.19.2-2ubuntu0.1", "Name": "libk5crypto3", "Identifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libkrb5support0@1.19.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkeyutils1@1.6.1-2ubuntu3", "Name": "libkeyutils1", "Identifier": { "PURL": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d67a6b9faf62a87c", "BOMRef": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.6.1-2ubuntu3", "Arch": "amd64", "SrcName": "keyutils", "SrcVersion": "1.6.1", "SrcRelease": "2ubuntu3", "Licenses": [ "GPL-2.0-or-later", "LGPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkrb5-3@1.19.2-2ubuntu0.1", "Name": "libkrb5-3", "Identifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1", "libk5crypto3@1.19.2-2ubuntu0.1", "libkeyutils1@1.6.1-2ubuntu3", "libkrb5support0@1.19.2-2ubuntu0.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkrb5support0@1.19.2-2ubuntu0.1", "Name": "libkrb5support0", "Identifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "Name": "libllvm15", "Identifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "15.0.7-0ubuntu0.22.04.1", "Epoch": 1, "Arch": "i386", "SrcName": "llvm-toolchain-15", "SrcVersion": "15.0.7", "SrcRelease": "0ubuntu0.22.04.1", "SrcEpoch": 1, "Licenses": [ "APACHE-2-LLVM-EXCEPTIONS", "Apache-2.0", "MIT", "BSD-3-Clause", "solar-public-domain", "Python-2.0" ], "DependsOn": [ "libatomic1@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1", "libedit2@3.1-20210910-1build1", "libffi8@3.4.2-4", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04", "libtinfo6@6.3-2", "libxml2@2.9.13+dfsg-1ubuntu0.3", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "liblz4-1@1.9.3-2build2", "Name": "liblz4-1", "Identifier": { "PURL": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b64d936ea941e8d8", "BOMRef": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.9.3-2build2", "Arch": "amd64", "SrcName": "lz4", "SrcVersion": "1.9.3", "SrcRelease": "2build2", "Licenses": [ "BSD-2-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "liblzma5@5.2.5-2ubuntu1", "Name": "liblzma5", "Identifier": { "PURL": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e2248ca07540fc91", "BOMRef": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "5.2.5-2ubuntu1", "Arch": "i386", "SrcName": "xz-utils", "SrcVersion": "5.2.5", "SrcRelease": "2ubuntu1", "Licenses": [ "PD", "probably-PD", "GPL-2.0-or-later", "LGPL-2.1-or-later", "permissive-fsf", "Autoconf", "permissive-nowarranty", "GPL-2.0-only", "none", "config-h", "LGPL-2.0-only", "LGPL-2.1-only", "noderivs", "PD-debian", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libmd0@1.0.4-1build1", "Name": "libmd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libmd0@1.0.4-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "5edf6ec3b591888a", "BOMRef": "pkg:deb/ubuntu/libmd0@1.0.4-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.0.4-1build1", "Arch": "i386", "SrcName": "libmd", "SrcVersion": "1.0.4", "SrcRelease": "1build1", "Licenses": [ "BSD-3-Clause", "BSD-3-clause-Aaron-D-Gifford", "BSD-2-Clause", "BSD-2-Clause-NetBSD", "ISC", "Beerware", "public-domain-md4", "public-domain-md5", "public-domain-sha1" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libmount1@2.37.2-4ubuntu3", "Name": "libmount1", "Identifier": { "PURL": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7d0178ea5aeaeed9", "BOMRef": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libblkid1@2.37.2-4ubuntu3", "libc6@2.35-0ubuntu3.1", "libselinux1@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libmpdec3@2.5.1-2build2", "Name": "libmpdec3", "Identifier": { "PURL": "pkg:deb/ubuntu/libmpdec3@2.5.1-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f4acac34185564db", "BOMRef": "pkg:deb/ubuntu/libmpdec3@2.5.1-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.5.1-2build2", "Arch": "amd64", "SrcName": "mpdecimal", "SrcVersion": "2.5.1", "SrcRelease": "2build2", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libncurses6@6.3-2", "Name": "libncurses6", "Identifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libncursesw6@6.3-2", "Name": "libncursesw6", "Identifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libnettle8@3.7.3-1build2", "Name": "libnettle8", "Identifier": { "PURL": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e18e3b0a620a2d92", "BOMRef": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-1build2", "Arch": "amd64", "SrcName": "nettle", "SrcVersion": "3.7.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "LGPL-2.0-or-later", "LGPL-2.0-only", "MIT", "GPL-3.0-or-later", "GPL-3.0-only WITH autoconf-exception+", "public-domain", "GPL-2.0-only", "GAP" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libnsl2@1.3.0-2build2", "Name": "libnsl2", "Identifier": { "PURL": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e3a32dd9d6115d41", "BOMRef": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.0-2build2", "Arch": "amd64", "SrcName": "libnsl", "SrcVersion": "1.3.0", "SrcRelease": "2build2", "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.1-only", "BSD-3-Clause", "permissive-fsf", "permissive-makefile-in", "permissive-autoconf-m4-no-warranty", "GPL-3--autoconf-exception", "permissive-configure", "GPL-2--autoconf-exception", "MIT", "GPL-2--libtool-exception", "permissive-autoconf-m4", "GPL-2.0-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtirpc3@1.3.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libopengl-dev@1.4.0-1", "Name": "libopengl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libopengl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "9ad940c968c9ad1e", "BOMRef": "pkg:deb/ubuntu/libopengl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libopengl0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libopengl0@1.4.0-1", "Name": "libopengl0", "Identifier": { "PURL": "pkg:deb/ubuntu/libopengl0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1a4a71cdc162fbf5", "BOMRef": "pkg:deb/ubuntu/libopengl0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libp11-kit0@0.24.0-6build1", "Name": "libp11-kit0", "Identifier": { "PURL": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d1a43a8c741df7b6", "BOMRef": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.24.0-6build1", "Arch": "amd64", "SrcName": "p11-kit", "SrcVersion": "0.24.0", "SrcRelease": "6build1", "Licenses": [ "BSD-3-Clause", "permissive-like-automake-output", "ISC", "ISC-IBM", "LGPL-2.1-or-later", "Apache-2.0", "same-as-rest-of-p11kit", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-modules@1.4.0-11ubuntu2.3", "Name": "libpam-modules", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "Name": "libpam-modules-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libpam0g@1.4.0-11ubuntu2.3", "libselinux1@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-runtime@1.4.0-11ubuntu2.3", "Name": "libpam-runtime", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "all", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libpam-modules@1.4.0-11ubuntu2.3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam0g@1.4.0-11ubuntu2.3", "Name": "libpam0g", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpcre2-8-0@10.39-3ubuntu0.1", "Name": "libpcre2-8-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9eaa40b8550aa53c", "BOMRef": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "10.39-3ubuntu0.1", "Arch": "amd64", "SrcName": "pcre2", "SrcVersion": "10.39", "SrcRelease": "3ubuntu0.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpcre3@2:8.39-13ubuntu0.22.04.1", "Name": "libpcre3", "Identifier": { "PURL": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "92207cfb866df534", "BOMRef": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "8.39-13ubuntu0.22.04.1", "Epoch": 2, "Arch": "amd64", "SrcName": "pcre3", "SrcVersion": "8.39", "SrcRelease": "13ubuntu0.22.04.1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libperl5.34@5.34.0-3ubuntu1.1", "Name": "libperl5.34", "Identifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "libgdbm-compat4@1.23-1", "libgdbm6@1.23-1", "perl-modules-5.34@5.34.0-3ubuntu1.1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libprocps8@2:3.3.17-6ubuntu2", "Name": "libprocps8", "Identifier": { "PURL": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a5c5ac86365bc0e9", "BOMRef": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "3.3.17-6ubuntu2", "Epoch": 2, "Arch": "amd64", "SrcName": "procps", "SrcVersion": "3.3.17", "SrcRelease": "6ubuntu2", "SrcEpoch": 2, "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libsystemd0@249.11-0ubuntu3.9" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpthread-stubs0-dev@0.4-1build2", "Name": "libpthread-stubs0-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libpthread-stubs0-dev@0.4-1build2?arch=i386\u0026distro=ubuntu-22.04", "UID": "9244ecc020e991af", "BOMRef": "pkg:deb/ubuntu/libpthread-stubs0-dev@0.4-1build2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.4-1build2", "Arch": "i386", "SrcName": "libpthread-stubs", "SrcVersion": "0.4", "SrcRelease": "1build2", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libpython3-stdlib@3.10.6-1~22.04.1", "Name": "libpython3-stdlib", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3-stdlib@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ab532e236fab50b", "BOMRef": "pkg:deb/ubuntu/libpython3-stdlib@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "libpython3.10-stdlib@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libpython3.10-minimal@3.10.12-1~22.04.12", "Name": "libpython3.10-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "Name": "libpython3.10-stdlib", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "libffi8@3.4.2-4", "liblzma5@5.2.5-2ubuntu1", "libmpdec3@2.5.1-2build2", "libncursesw6@6.3-2", "libnsl2@1.3.0-2build2", "libpython3.10-minimal@3.10.12-1~22.04.12", "libreadline8@8.1.2-1", "libsqlite3-0@3.37.2-2ubuntu0.5", "libtinfo6@6.3-2", "libtirpc3@1.3.2-2ubuntu0.1", "libuuid1@2.37.2-4ubuntu3", "media-types@7.0.0" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libreadline8@8.1.2-1", "Name": "libreadline8", "Identifier": { "PURL": "pkg:deb/ubuntu/libreadline8@8.1.2-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "73ae0d0ba2bf3701", "BOMRef": "pkg:deb/ubuntu/libreadline8@8.1.2-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "8.1.2-1", "Arch": "amd64", "SrcName": "readline", "SrcVersion": "8.1.2", "SrcRelease": "1", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2", "readline-common@8.1.2-1" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libseccomp2@2.5.3-2ubuntu2", "Name": "libseccomp2", "Identifier": { "PURL": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ad783472036421c3", "BOMRef": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.5.3-2ubuntu2", "Arch": "amd64", "SrcName": "libseccomp", "SrcVersion": "2.5.3", "SrcRelease": "2ubuntu2", "Licenses": [ "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libselinux1@3.3-1build2", "Name": "libselinux1", "Identifier": { "PURL": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6a26ddd8d0836e1", "BOMRef": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "amd64", "SrcName": "libselinux", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libpcre2-8-0@10.39-3ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsemanage-common@3.3-1build2", "Name": "libsemanage-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all\u0026distro=ubuntu-22.04", "UID": "5c3b97e1f6570b7e", "BOMRef": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "all", "SrcName": "libsemanage", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsemanage2@3.3-1build2", "Name": "libsemanage2", "Identifier": { "PURL": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3f05f406486fabc9", "BOMRef": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "amd64", "SrcName": "libsemanage", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libselinux1@3.3-1build2", "libsemanage-common@3.3-1build2", "libsepol2@3.3-1build1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsensors-config@1:3.6.0-7ubuntu1", "Name": "libsensors-config", "Identifier": { "PURL": "pkg:deb/ubuntu/libsensors-config@3.6.0-7ubuntu1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "da4133c9293967c0", "BOMRef": "pkg:deb/ubuntu/libsensors-config@3.6.0-7ubuntu1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.6.0-7ubuntu1", "Epoch": 1, "Arch": "all", "SrcName": "lm-sensors", "SrcVersion": "3.6.0", "SrcRelease": "7ubuntu1", "SrcEpoch": 1, "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libsensors5@1:3.6.0-7ubuntu1", "Name": "libsensors5", "Identifier": { "PURL": "pkg:deb/ubuntu/libsensors5@3.6.0-7ubuntu1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "1eee0f2f253d6463", "BOMRef": "pkg:deb/ubuntu/libsensors5@3.6.0-7ubuntu1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.6.0-7ubuntu1", "Epoch": 1, "Arch": "i386", "SrcName": "lm-sensors", "SrcVersion": "3.6.0", "SrcRelease": "7ubuntu1", "SrcEpoch": 1, "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libsensors-config@1:3.6.0-7ubuntu1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libsepol2@3.3-1build1", "Name": "libsepol2", "Identifier": { "PURL": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7dba3fe8afb9b30c", "BOMRef": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build1", "Arch": "amd64", "SrcName": "libsepol", "SrcVersion": "3.3", "SrcRelease": "1build1", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsmartcols1@2.37.2-4ubuntu3", "Name": "libsmartcols1", "Identifier": { "PURL": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "fb3b2255a47d5ea7", "BOMRef": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsqlite3-0@3.37.2-2ubuntu0.5", "Name": "libsqlite3-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libsqlite3-0@3.37.2-2ubuntu0.5?arch=amd64\u0026distro=ubuntu-22.04", "UID": "791f04d15c8d3709", "BOMRef": "pkg:deb/ubuntu/libsqlite3-0@3.37.2-2ubuntu0.5?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.37.2-2ubuntu0.5", "Arch": "amd64", "SrcName": "sqlite3", "SrcVersion": "3.37.2", "SrcRelease": "2ubuntu0.5", "Licenses": [ "public-domain", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libss2@1.46.5-2ubuntu1.1", "Name": "libss2", "Identifier": { "PURL": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6b55a8dda41ca48a", "BOMRef": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libssl3@3.0.2-0ubuntu1.9", "Name": "libssl3", "Identifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.0.2-0ubuntu1.9", "Arch": "amd64", "SrcName": "openssl", "SrcVersion": "3.0.2", "SrcRelease": "0ubuntu1.9", "Licenses": [ "Apache-2.0", "Artistic-2.0", "GPL-1.0-or-later", "GPL-1.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libstdc++6@12.1.0-2ubuntu1~22.04", "Name": "libstdc++6", "Identifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsystemd0@249.11-0ubuntu3.9", "Name": "libsystemd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "249.11-0ubuntu3.9", "Arch": "amd64", "SrcName": "systemd", "SrcVersion": "249.11", "SrcRelease": "0ubuntu3.9", "Licenses": [ "LGPL-2.1-or-later", "CC0-1.0", "GPL-2.0-only", "GPL-2.0-only WITH Linux-syscall-note-exception", "MIT", "public-domain", "GPL-2.0-or-later", "LGPL-2.1-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtasn1-6@4.18.0-4build1", "Name": "libtasn1-6", "Identifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.18.0-4build1", "Arch": "amd64", "SrcName": "libtasn1-6", "SrcVersion": "4.18.0", "SrcRelease": "4build1", "Licenses": [ "LGPL-2.0-or-later", "LGPL-2.1-only", "GPL-3.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtinfo6@6.3-2", "Name": "libtinfo6", "Identifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "i386", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtirpc-common@1.3.2-2ubuntu0.1", "Name": "libtirpc-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all\u0026distro=ubuntu-22.04", "UID": "f7b92ae92d78b280", "BOMRef": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2ubuntu0.1", "Arch": "all", "SrcName": "libtirpc", "SrcVersion": "1.3.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "--AUTO-PERMISSIVE--", "BSD-2-Clause", "BSD-4-Clause", "LGPL-2.1-or-later", "PERMISSIVE", "LGPL-2.1-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtirpc3@1.3.2-2ubuntu0.1", "Name": "libtirpc3", "Identifier": { "PURL": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1b8d4ee351d78de", "BOMRef": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "libtirpc", "SrcVersion": "1.3.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "--AUTO-PERMISSIVE--", "BSD-2-Clause", "BSD-4-Clause", "LGPL-2.1-or-later", "PERMISSIVE", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "libtirpc-common@1.3.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libudev1@249.11-0ubuntu3.9", "Name": "libudev1", "Identifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "249.11-0ubuntu3.9", "Arch": "amd64", "SrcName": "systemd", "SrcVersion": "249.11", "SrcRelease": "0ubuntu3.9", "Licenses": [ "LGPL-2.1-or-later", "CC0-1.0", "GPL-2.0-only", "GPL-2.0-only WITH Linux-syscall-note-exception", "MIT", "public-domain", "GPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libunistring2@1.0-1", "Name": "libunistring2", "Identifier": { "PURL": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1eba7f3ef792fc06", "BOMRef": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.0-1", "Arch": "amd64", "SrcName": "libunistring", "SrcVersion": "1.0", "SrcRelease": "1", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "FreeSoftware", "GPL-3.0-or-later", "GFDL-1.2-or-later", "GPL-2.0-or-later WITH distribution-exception", "MIT", "LGPL-3.0-only", "GPL-3.0-only", "GPL-2.0-only", "GFDL-1.2-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libunwind8@1.3.2-2build2.1", "Name": "libunwind8", "Identifier": { "PURL": "pkg:deb/ubuntu/libunwind8@1.3.2-2build2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6324b43817198057", "BOMRef": "pkg:deb/ubuntu/libunwind8@1.3.2-2build2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2build2.1", "Arch": "amd64", "SrcName": "libunwind", "SrcVersion": "1.3.2", "SrcRelease": "2build2.1", "Licenses": [ "MIT", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "liblzma5@5.2.5-2ubuntu1" ], "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" } }, { "ID": "libuuid1@2.37.2-4ubuntu3", "Name": "libuuid1", "Identifier": { "PURL": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "189fc01c7ee1cffd", "BOMRef": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libvulkan-dev@1.3.204.1-2", "Name": "libvulkan-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libvulkan-dev@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "614087229c3b00fe", "BOMRef": "pkg:deb/ubuntu/libvulkan-dev@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.1-2", "Arch": "amd64", "SrcName": "vulkan-loader", "SrcVersion": "1.3.204.1", "SrcRelease": "2", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libvulkan1@1.3.204.1-2" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libvulkan1@1.3.204.1-2", "Name": "libvulkan1", "Identifier": { "PURL": "pkg:deb/ubuntu/libvulkan1@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d5ffddaecb4de888", "BOMRef": "pkg:deb/ubuntu/libvulkan1@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.1-2", "Arch": "amd64", "SrcName": "vulkan-loader", "SrcVersion": "1.3.204.1", "SrcRelease": "2", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libwayland-client0@1.20.0-1ubuntu0.1", "Name": "libwayland-client0", "Identifier": { "PURL": "pkg:deb/ubuntu/libwayland-client0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "eafe0822c84ec8bf", "BOMRef": "pkg:deb/ubuntu/libwayland-client0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.20.0-1ubuntu0.1", "Arch": "i386", "SrcName": "wayland", "SrcVersion": "1.20.0", "SrcRelease": "1ubuntu0.1", "Licenses": [ "X11" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libwayland-server0@1.20.0-1ubuntu0.1", "Name": "libwayland-server0", "Identifier": { "PURL": "pkg:deb/ubuntu/libwayland-server0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "de635a485b213678", "BOMRef": "pkg:deb/ubuntu/libwayland-server0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.20.0-1ubuntu0.1", "Arch": "i386", "SrcName": "wayland", "SrcVersion": "1.20.0", "SrcRelease": "1ubuntu0.1", "Licenses": [ "X11" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libx11-6@2:1.7.5-1", "Name": "libx11-6", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-data@2:1.7.5-1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libx11-data@2:1.7.5-1", "Name": "libx11-data", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "all", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libx11-dev@2:1.7.5-1", "Name": "libx11-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libx11-6@2:1.7.5-1", "libxau-dev@1:1.0.9-1build5", "libxcb1-dev@1.14-3ubuntu3", "libxdmcp-dev@1:1.1.3-0ubuntu5", "x11proto-dev@2021.5-1", "xtrans-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libx11-xcb1@2:1.7.5-1", "Name": "libx11-xcb1", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxau-dev@1:1.0.9-1build5", "Name": "libxau-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxau-dev@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "55aad96ee00277a6", "BOMRef": "pkg:deb/ubuntu/libxau-dev@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.0.9-1build5", "Epoch": 1, "Arch": "i386", "SrcName": "libxau", "SrcVersion": "1.0.9", "SrcRelease": "1build5", "SrcEpoch": 1, "DependsOn": [ "libxau6@1:1.0.9-1build5", "x11proto-dev@2021.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxau6@1:1.0.9-1build5", "Name": "libxau6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxau6@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4f64547f2bacfe91", "BOMRef": "pkg:deb/ubuntu/libxau6@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.0.9-1build5", "Epoch": 1, "Arch": "i386", "SrcName": "libxau", "SrcVersion": "1.0.9", "SrcRelease": "1build5", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxcb-dri2-0@1.14-3ubuntu3", "Name": "libxcb-dri2-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-dri2-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "858818f5ba6dad08", "BOMRef": "pkg:deb/ubuntu/libxcb-dri2-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-dri3-0@1.14-3ubuntu3", "Name": "libxcb-dri3-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-dri3-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "6e13a9b4a1539591", "BOMRef": "pkg:deb/ubuntu/libxcb-dri3-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-glx0@1.14-3ubuntu3", "Name": "libxcb-glx0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-glx0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "71caab91d4fbce51", "BOMRef": "pkg:deb/ubuntu/libxcb-glx0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-present0@1.14-3ubuntu3", "Name": "libxcb-present0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-present0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "adcf4d73e062147a", "BOMRef": "pkg:deb/ubuntu/libxcb-present0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-randr0@1.14-3ubuntu3", "Name": "libxcb-randr0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-randr0@1.14-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "cee00f9db93f472e", "BOMRef": "pkg:deb/ubuntu/libxcb-randr0@1.14-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "amd64", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "libxcb-shm0@1.14-3ubuntu3", "Name": "libxcb-shm0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-shm0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "9d5df9fb7f75c98c", "BOMRef": "pkg:deb/ubuntu/libxcb-shm0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-sync1@1.14-3ubuntu3", "Name": "libxcb-sync1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-sync1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "5560763b4d8168a", "BOMRef": "pkg:deb/ubuntu/libxcb-sync1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-xfixes0@1.14-3ubuntu3", "Name": "libxcb-xfixes0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-xfixes0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "9065ca84380d1c8b", "BOMRef": "pkg:deb/ubuntu/libxcb-xfixes0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb1@1.14-3ubuntu3", "Name": "libxcb1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "14930c90fe4aea81", "BOMRef": "pkg:deb/ubuntu/libxcb1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxau6@1:1.0.9-1build5", "libxdmcp6@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxcb1-dev@1.14-3ubuntu3", "Name": "libxcb1-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb1-dev@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "b94a2203db19a5c4", "BOMRef": "pkg:deb/ubuntu/libxcb1-dev@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libpthread-stubs0-dev@0.4-1build2", "libxau-dev@1:1.0.9-1build5", "libxcb1@1.14-3ubuntu3", "libxdmcp-dev@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxdmcp-dev@1:1.1.3-0ubuntu5", "Name": "libxdmcp-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxdmcp-dev@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "b332aaa5a3eaf147", "BOMRef": "pkg:deb/ubuntu/libxdmcp-dev@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.3-0ubuntu5", "Epoch": 1, "Arch": "i386", "SrcName": "libxdmcp", "SrcVersion": "1.1.3", "SrcRelease": "0ubuntu5", "SrcEpoch": 1, "DependsOn": [ "libxdmcp6@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxdmcp6@1:1.1.3-0ubuntu5", "Name": "libxdmcp6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxdmcp6@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "102fb2e6c13fb013", "BOMRef": "pkg:deb/ubuntu/libxdmcp6@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.3-0ubuntu5", "Epoch": 1, "Arch": "i386", "SrcName": "libxdmcp", "SrcVersion": "1.1.3", "SrcRelease": "0ubuntu5", "SrcEpoch": 1, "DependsOn": [ "libbsd0@0.11.5-1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxext6@2:1.3.4-1build1", "Name": "libxext6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxext6@1.3.4-1build1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "218fce2e6f1eaed7", "BOMRef": "pkg:deb/ubuntu/libxext6@1.3.4-1build1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.3.4-1build1", "Epoch": 2, "Arch": "i386", "SrcName": "libxext", "SrcVersion": "1.3.4", "SrcRelease": "1build1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxfixes3@1:6.0.0-1", "Name": "libxfixes3", "Identifier": { "PURL": "pkg:deb/ubuntu/libxfixes3@6.0.0-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "9ac33c84855f9626", "BOMRef": "pkg:deb/ubuntu/libxfixes3@6.0.0-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "6.0.0-1", "Epoch": 1, "Arch": "i386", "SrcName": "libxfixes", "SrcVersion": "6.0.0", "SrcRelease": "1", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "Name": "libxml2", "Identifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.9.13+dfsg-1ubuntu0.3", "Arch": "i386", "SrcName": "libxml2", "SrcVersion": "2.9.13+dfsg", "SrcRelease": "1ubuntu0.3", "Licenses": [ "MIT-1", "ISC" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libicu70@70.1-2", "liblzma5@5.2.5-2ubuntu1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxshmfence1@1.3-1build4", "Name": "libxshmfence1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxshmfence1@1.3-1build4?arch=i386\u0026distro=ubuntu-22.04", "UID": "7aa3e0306cf761e6", "BOMRef": "pkg:deb/ubuntu/libxshmfence1@1.3-1build4?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.3-1build4", "Arch": "i386", "SrcName": "libxshmfence", "SrcVersion": "1.3", "SrcRelease": "1build4", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxxf86vm1@1:1.1.4-1build3", "Name": "libxxf86vm1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxxf86vm1@1.1.4-1build3?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "47bbbe0666dad957", "BOMRef": "pkg:deb/ubuntu/libxxf86vm1@1.1.4-1build3?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.4-1build3", "Epoch": 1, "Arch": "i386", "SrcName": "libxxf86vm", "SrcVersion": "1.1.4", "SrcRelease": "1build3", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1", "libxext6@2:1.3.4-1build1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxxhash0@0.8.1-1", "Name": "libxxhash0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5e1fd54a1fb1e77b", "BOMRef": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.8.1-1", "Arch": "amd64", "SrcName": "xxhash", "SrcVersion": "0.8.1", "SrcRelease": "1", "Licenses": [ "BSD-2-Clause", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libzstd1@1.4.8+dfsg-3build1", "Name": "libzstd1", "Identifier": { "PURL": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "efbf7875f9285a06", "BOMRef": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.8+dfsg-3build1", "Arch": "i386", "SrcName": "libzstd", "SrcVersion": "1.4.8+dfsg", "SrcRelease": "3build1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "Zlib", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "login@1:4.8.1-2ubuntu2.1", "Name": "login", "Identifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.8.1-2ubuntu2.1", "Epoch": 1, "Arch": "amd64", "SrcName": "shadow", "SrcVersion": "4.8.1", "SrcRelease": "2ubuntu2.1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "logsave@1.46.5-2ubuntu1.1", "Name": "logsave", "Identifier": { "PURL": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e65883280a869dde", "BOMRef": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "lsb-base@11.1.0ubuntu4", "Name": "lsb-base", "Identifier": { "PURL": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all\u0026distro=ubuntu-22.04", "UID": "54697e11facb0c6", "BOMRef": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all\u0026distro=ubuntu-22.04" }, "Version": "11.1.0ubuntu4", "Arch": "all", "SrcName": "lsb", "SrcVersion": "11.1.0ubuntu4", "Licenses": [ "GPL-2.0-only", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "mawk@1.3.4.20200120-3", "Name": "mawk", "Identifier": { "PURL": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d68f177e01c5e51", "BOMRef": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.4.20200120-3", "Arch": "amd64", "SrcName": "mawk", "SrcVersion": "1.3.4.20200120", "SrcRelease": "3", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "media-types@7.0.0", "Name": "media-types", "Identifier": { "PURL": "pkg:deb/ubuntu/media-types@7.0.0?arch=all\u0026distro=ubuntu-22.04", "UID": "d7a0958373b8ce3b", "BOMRef": "pkg:deb/ubuntu/media-types@7.0.0?arch=all\u0026distro=ubuntu-22.04" }, "Version": "7.0.0", "Arch": "all", "SrcName": "media-types", "SrcVersion": "7.0.0", "Licenses": [ "ad-hoc" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3", "Name": "mesa-vulkan-drivers", "Identifier": { "PURL": "pkg:deb/ubuntu/mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "42a6d66bca0f3866", "BOMRef": "pkg:deb/ubuntu/mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "23.2.1-1ubuntu3.1~22.04.3", "Arch": "amd64", "SrcName": "mesa", "SrcVersion": "23.2.1", "SrcRelease": "1ubuntu3.1~22.04.3", "Licenses": [ "MIT", "GPL-2.0-only", "GPL-1.0-or-later", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later", "GPL-1.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libelf1@0.186-1build1", "libexpat1@2.4.7-1ubuntu0.2", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libvulkan1@1.3.204.1-2", "libwayland-client0@1.20.0-1ubuntu0.1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-randr0@1.14-3ubuntu3", "libxcb-shm0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxshmfence1@1.3-1build4", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "mount@2.37.2-4ubuntu3", "Name": "mount", "Identifier": { "PURL": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f67614957785e847", "BOMRef": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ncurses-base@6.3-2", "Name": "ncurses-base", "Identifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "all", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ncurses-bin@6.3-2", "Name": "ncurses-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "openssl@3.0.2-0ubuntu1.20", "Name": "openssl", "Identifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.0.2-0ubuntu1.20", "Arch": "amd64", "SrcName": "openssl", "SrcVersion": "3.0.2", "SrcRelease": "0ubuntu1.20", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" } }, { "ID": "passwd@1:4.8.1-2ubuntu2.1", "Name": "passwd", "Identifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.8.1-2ubuntu2.1", "Epoch": 1, "Arch": "amd64", "SrcName": "shadow", "SrcVersion": "4.8.1", "SrcRelease": "2ubuntu2.1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libpam-modules@1.4.0-11ubuntu2.3", "libpam0g@1.4.0-11ubuntu2.3", "libselinux1@3.3-1build2", "libsemanage2@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "perl@5.34.0-3ubuntu1.1", "Name": "perl", "Identifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "libperl5.34@5.34.0-3ubuntu1.1", "perl-base@5.34.0-3ubuntu1.1", "perl-modules-5.34@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "perl-base@5.34.0-3ubuntu1.1", "Name": "perl-base", "Identifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "Name": "perl-modules-5.34", "Identifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "all", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "pkg-config@0.29.2-1ubuntu3", "Name": "pkg-config", "Identifier": { "PURL": "pkg:deb/ubuntu/pkg-config@0.29.2-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f482125f2cc9ac76", "BOMRef": "pkg:deb/ubuntu/pkg-config@0.29.2-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.29.2-1ubuntu3", "Arch": "amd64", "SrcName": "pkg-config", "SrcVersion": "0.29.2", "SrcRelease": "1ubuntu3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdpkg-perl@1.21.1ubuntu2.1", "libglib2.0-0@2.72.4-0ubuntu2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "procps@2:3.3.17-6ubuntu2", "Name": "procps", "Identifier": { "PURL": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f7508553e0c13459", "BOMRef": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "3.3.17-6ubuntu2", "Epoch": 2, "Arch": "amd64", "SrcName": "procps", "SrcVersion": "3.3.17", "SrcRelease": "6ubuntu2", "SrcEpoch": 2, "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only", "LGPL-2.1-only" ], "DependsOn": [ "init-system-helpers@1.62", "libc6@2.35-0ubuntu3.1", "libncurses6@6.3-2", "libncursesw6@6.3-2", "libprocps8@2:3.3.17-6ubuntu2", "libtinfo6@6.3-2", "lsb-base@11.1.0ubuntu4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "python3@3.10.6-1~22.04.1", "Name": "python3", "Identifier": { "PURL": "pkg:deb/ubuntu/python3@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "81f72b917f4341d1", "BOMRef": "pkg:deb/ubuntu/python3@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "libpython3-stdlib@3.10.6-1~22.04.1", "python3.10@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "python3-minimal@3.10.6-1~22.04.1", "Name": "python3-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/python3-minimal@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f23a5bc700cf17fb", "BOMRef": "pkg:deb/ubuntu/python3-minimal@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "python3.10@3.10.12-1~22.04.12", "Name": "python3.10", "Identifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libpython3.10-stdlib@3.10.12-1~22.04.12", "media-types@7.0.0", "python3.10-minimal@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "python3.10-minimal@3.10.12-1~22.04.12", "Name": "python3.10-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libexpat1@2.4.7-1ubuntu0.2", "libpython3.10-minimal@3.10.12-1~22.04.12", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "readline-common@8.1.2-1", "Name": "readline-common", "Identifier": { "PURL": "pkg:deb/ubuntu/readline-common@8.1.2-1?arch=all\u0026distro=ubuntu-22.04", "UID": "3160333fdae12687", "BOMRef": "pkg:deb/ubuntu/readline-common@8.1.2-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "8.1.2-1", "Arch": "all", "SrcName": "readline", "SrcVersion": "8.1.2", "SrcRelease": "1", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-or-later" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "sed@4.8-1ubuntu2", "Name": "sed", "Identifier": { "PURL": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "45468b702c3ba035", "BOMRef": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.8-1ubuntu2", "Arch": "amd64", "SrcName": "sed", "SrcVersion": "4.8", "SrcRelease": "1ubuntu2", "Licenses": [ "GPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "sensible-utils@0.0.17", "Name": "sensible-utils", "Identifier": { "PURL": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all\u0026distro=ubuntu-22.04", "UID": "668f7b27597bd067", "BOMRef": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all\u0026distro=ubuntu-22.04" }, "Version": "0.0.17", "Arch": "all", "SrcName": "sensible-utils", "SrcVersion": "0.0.17", "Licenses": [ "GPL-2.0-or-later", "All-permissive", "configure", "installsh", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "sysvinit-utils@3.01-1ubuntu1", "Name": "sysvinit-utils", "Identifier": { "PURL": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3378697d0c6726e6", "BOMRef": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.01-1ubuntu1", "Arch": "amd64", "SrcName": "sysvinit", "SrcVersion": "3.01", "SrcRelease": "1ubuntu1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "lsb-base@11.1.0ubuntu4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "Name": "tar", "Identifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.34+dfsg-1ubuntu0.1.22.04.1", "Arch": "amd64", "SrcName": "tar", "SrcVersion": "1.34+dfsg", "SrcRelease": "1ubuntu0.1.22.04.1", "Licenses": [ "GPL-3.0-only", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "tzdata@2025b-0ubuntu0.22.04.1", "Name": "tzdata", "Identifier": { "PURL": "pkg:deb/ubuntu/tzdata@2025b-0ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "19a719efbd18d3a5", "BOMRef": "pkg:deb/ubuntu/tzdata@2025b-0ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2025b-0ubuntu0.22.04.1", "Arch": "all", "SrcName": "tzdata", "SrcVersion": "2025b", "SrcRelease": "0ubuntu0.22.04.1", "Licenses": [ "ICU" ], "DependsOn": [ "debconf@1.5.79ubuntu1" ], "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" } }, { "ID": "ubuntu-keyring@2021.03.26", "Name": "ubuntu-keyring", "Identifier": { "PURL": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all\u0026distro=ubuntu-22.04", "UID": "2a163b508bd03bc8", "BOMRef": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2021.03.26", "Arch": "all", "SrcName": "ubuntu-keyring", "SrcVersion": "2021.03.26", "Licenses": [ "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "usrmerge@25ubuntu2", "Name": "usrmerge", "Identifier": { "PURL": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all\u0026distro=ubuntu-22.04", "UID": "900c5920fec2b63d", "BOMRef": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "25ubuntu2", "Arch": "all", "SrcName": "usrmerge", "SrcVersion": "25ubuntu2", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "util-linux@2.37.2-4ubuntu3", "Name": "util-linux", "Identifier": { "PURL": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "87365d9d2616f051", "BOMRef": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "vulkan-tools@1.3.204.0+dfsg1-1", "Name": "vulkan-tools", "Identifier": { "PURL": "pkg:deb/ubuntu/vulkan-tools@1.3.204.0%2Bdfsg1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "bb5940e1c0e2729b", "BOMRef": "pkg:deb/ubuntu/vulkan-tools@1.3.204.0%2Bdfsg1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.0+dfsg1-1", "Arch": "amd64", "SrcName": "vulkan-tools", "SrcVersion": "1.3.204.0+dfsg1", "SrcRelease": "1", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04", "libvulkan1@1.3.204.1-2", "libwayland-client0@1.20.0-1ubuntu0.1", "libx11-6@2:1.7.5-1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" } }, { "ID": "x11proto-dev@2021.5-1", "Name": "x11proto-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/x11proto-dev@2021.5-1?arch=all\u0026distro=ubuntu-22.04", "UID": "4ba03d9fc362f27b", "BOMRef": "pkg:deb/ubuntu/x11proto-dev@2021.5-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2021.5-1", "Arch": "all", "SrcName": "xorgproto", "SrcVersion": "2021.5", "SrcRelease": "1", "Licenses": [ "MIT", "SGI" ], "DependsOn": [ "xorg-sgml-doctools@1:1.11-1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "xorg-sgml-doctools@1:1.11-1.1", "Name": "xorg-sgml-doctools", "Identifier": { "PURL": "pkg:deb/ubuntu/xorg-sgml-doctools@1.11-1.1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "c25e42011a17c3f0", "BOMRef": "pkg:deb/ubuntu/xorg-sgml-doctools@1.11-1.1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.11-1.1", "Epoch": 1, "Arch": "all", "SrcName": "xorg-sgml-doctools", "SrcVersion": "1.11", "SrcRelease": "1.1", "SrcEpoch": 1, "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "xtrans-dev@1.4.0-1", "Name": "xtrans-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/xtrans-dev@1.4.0-1?arch=all\u0026distro=ubuntu-22.04", "UID": "dfd450fa93aac609", "BOMRef": "pkg:deb/ubuntu/xtrans-dev@1.4.0-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "all", "SrcName": "xtrans", "SrcVersion": "1.4.0", "SrcRelease": "1", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "zlib1g@1:1.2.11.dfsg-2ubuntu9.2", "Name": "zlib1g", "Identifier": { "PURL": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu9.2?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "84603c3e51b4bbcf", "BOMRef": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu9.2?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.2.11.dfsg-2ubuntu9.2", "Epoch": 1, "Arch": "i386", "SrcName": "zlib", "SrcVersion": "1.2.11.dfsg", "SrcRelease": "2ubuntu9.2", "SrcEpoch": 1, "Licenses": [ "Zlib" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2022-3715", "PkgID": "bash@5.1-6ubuntu1", "PkgName": "bash", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1738e0c17c879de", "BOMRef": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.1-6ubuntu1", "FixedVersion": "5.1-6ubuntu1.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-3715", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:92ab56c916b52eebd050842f0a9023b05abb5e70b95dab305c5726512043c479", "Title": "bash: a heap-buffer-overflow in valid_parameter_transform", "Description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 6.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:0340", "https://access.redhat.com/security/cve/CVE-2022-3715", "https://bugzilla.redhat.com/2126720", "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", "https://errata.almalinux.org/9/ALSA-2023-0340.html", "https://errata.rockylinux.org/RLSA-2023:0340", "https://linux.oracle.com/cve/CVE-2022-3715.html", "https://linux.oracle.com/errata/ELSA-2023-0340.html", "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", "https://security.netapp.com/advisory/ntap-20241108-0002/", "https://ubuntu.com/security/notices/USN-6697-1", "https://www.cve.org/CVERecord?id=CVE-2022-3715" ], "PublishedDate": "2023-01-05T15:15:10.41Z", "LastModifiedDate": "2025-11-03T22:16:00.343Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "bsdutils@1:2.37.2-4ubuntu3", "PkgName": "bsdutils", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "fdef9652c0b46c7b", "BOMRef": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e3c68cf3d841237669f56d7fa22f2504c419e85bafa25c26ce6bdfa640b1fadd", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2025-6297", "PkgID": "dpkg@1.21.1ubuntu2.1", "PkgName": "dpkg", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8781567b680a5dbe", "BOMRef": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.21.1ubuntu2.1", "FixedVersion": "1.21.1ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6297", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:afbd0cb31f44e9b84df9df6afe2fb56a04cffb9768a5d6ab73f4b03fb59e0f2d", "Title": "It was discovered that dpkg-deb does not properly sanitize directory p ...", "Description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is\ndocumented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on\nadversarial .deb packages or with well compressible files, placed\ninside a directory with permissions not allowing removal by a non-root\nuser, this can end up in a DoS scenario due to causing disk quota\nexhaustion or disk full conditions.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-732" ], "VendorSeverity": { "ubuntu": 1 }, "References": [ "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "https://ubuntu.com/security/notices/USN-7768-1", "https://www.cve.org/CVERecord?id=CVE-2025-6297" ], "PublishedDate": "2025-07-01T17:15:30.177Z", "LastModifiedDate": "2025-08-19T17:50:38.047Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "PkgName": "gcc-12-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1d95fb4a770f13f20530bb9ce3cd1a3b8f74c2b08dda51e0ea58b41121abbf08", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "PkgName": "gcc-12-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1b9d9a6a0d8a4cd23c69cb463ab112845ea78dfc4adeae9b146b855638ce02a6", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2025-68973", "PkgID": "gpgv@2.2.27-3ubuntu2.1", "PkgName": "gpgv", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.2.27-3ubuntu2.1", "FixedVersion": "2.2.27-3ubuntu2.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68973", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f8c77c15a3054c75ca3ad084c79c10b9e20db1bbd0f6859c170f97909594312f", "Title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write", "Description": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "Severity": "HIGH", "CweIDs": [ "CWE-675", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/12/29/11", "https://access.redhat.com/errata/RHSA-2026:0719", "https://access.redhat.com/security/cve/CVE-2025-68973", "https://bugzilla.redhat.com/2425966", "https://bugzilla.redhat.com/show_bug.cgi?id=2425966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973", "https://dev.gnupg.org/T7906", "https://dev.gnupg.org/T8001", "https://errata.almalinux.org/9/ALSA-2026-0719.html", "https://errata.rockylinux.org/RLSA-2026:0719", "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 (gnupg-2.5.14)", "https://github.com/gpg/gnupg/commit/1e929abd20fa2e4be3797a137caca63a971d5372 (gnupg-2.2.51)", "https://github.com/gpg/gnupg/commit/4ecc5122f20e10c17172ed72f4fa46c784b5fb48 (gnupg-2.4.9)", "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", "https://gpg.fail/memcpy", "https://linux.oracle.com/cve/CVE-2025-68973.html", "https://linux.oracle.com/errata/ELSA-2026-1677.html", "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html", "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i", "https://news.ycombinator.com/item?id=46403200", "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", "https://ubuntu.com/security/notices/USN-7946-1", "https://ubuntu.com/security/notices/USN-7946-2", "https://www.cve.org/CVERecord?id=CVE-2025-68973", "https://www.openwall.com/lists/oss-security/2025/12/28/5" ], "PublishedDate": "2025-12-28T17:16:01.5Z", "LastModifiedDate": "2026-01-14T19:16:46.857Z" }, { "VulnerabilityID": "CVE-2025-30258", "PkgID": "gpgv@2.2.27-3ubuntu2.1", "PkgName": "gpgv", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.2.27-3ubuntu2.1", "FixedVersion": "2.2.27-3ubuntu2.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-30258", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3d1040dde4ef6beebf960b663ac1635374acc11a34c2256f4361c8f8a5978cfe", "Title": "gnupg: verification DoS due to a malicious subkey in the keyring", "Description": "In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a \"verification DoS.\"", "Severity": "MEDIUM", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "V3Score": 2.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-30258", "https://dev.gnupg.org/T7527", "https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158", "https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-30258", "https://ubuntu.com/security/notices/USN-7412-1", "https://ubuntu.com/security/notices/USN-7412-3", "https://www.cve.org/CVERecord?id=CVE-2025-30258" ], "PublishedDate": "2025-03-19T20:15:20.14Z", "LastModifiedDate": "2025-10-16T16:53:07.557Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libatomic1@12.1.0-2ubuntu1~22.04", "PkgName": "libatomic1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0d2ff659787d2bb081ea772e8c28d825db2e108fb2fac319ec7f74a578b28c8d", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libatomic1@12.1.0-2ubuntu1~22.04", "PkgName": "libatomic1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:648a164843a00324bef4556ae6a4f2d12310acd9713072ca4ec3bf916eb9d42e", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libblkid1@2.37.2-4ubuntu3", "PkgName": "libblkid1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "711bb225c7e5017c", "BOMRef": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dc110e23980ab6a687d433164de779d09a6d5d5021eb25d9148a5f97ca05e889", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-4911", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4911", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5511f9a81815df9b4bdaa61b083c2def22d39ca3dcceb8c6c6c51ef0ba7c5a8e", "Title": "glibc: buffer overflow in ld.so leading to privilege escalation", "Description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "Severity": "HIGH", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html", "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html", "http://seclists.org/fulldisclosure/2023/Oct/11", "http://www.openwall.com/lists/oss-security/2023/10/03/2", "http://www.openwall.com/lists/oss-security/2023/10/03/3", "http://www.openwall.com/lists/oss-security/2023/10/05/1", "http://www.openwall.com/lists/oss-security/2023/10/13/11", "http://www.openwall.com/lists/oss-security/2023/10/14/3", "http://www.openwall.com/lists/oss-security/2023/10/14/5", "http://www.openwall.com/lists/oss-security/2023/10/14/6", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5454", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:5476", "https://access.redhat.com/errata/RHSA-2024:0033", "https://access.redhat.com/security/cve/CVE-2023-4911", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4911.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20231013-0006/", "https://ubuntu.com/security/notices/USN-6409-1", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911", "https://www.cve.org/CVERecord?id=CVE-2023-4911", "https://www.debian.org/security/2023/dsa-5514", "https://www.exploit-db.com/exploits/52479", "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "https://www.qualys.com/cve-2023-4911/" ], "PublishedDate": "2023-10-03T18:15:10.463Z", "LastModifiedDate": "2026-02-13T21:25:07.227Z" }, { "VulnerabilityID": "CVE-2023-5156", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5156", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0bea4f1c604114149068fb669d58b6e1d8fd7525894a3f03772e5efaa7a77e92", "Title": "glibc: DoS due to memory leak in getaddrinfo.c", "Description": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "amazon": 1, "azure": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/security/cve/CVE-2023-5156", "https://bugzilla.redhat.com/show_bug.cgi?id=2240541", "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "https://security.gentoo.org/glsa/202402-01", "https://sourceware.org/bugzilla/show_bug.cgi?id=30884", "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796", "https://sourceware.org/pipermail/libc-alpha/2023-September/151691.html", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-5156" ], "PublishedDate": "2023-09-25T16:15:15.613Z", "LastModifiedDate": "2024-11-21T08:41:10.837Z" }, { "VulnerabilityID": "CVE-2024-2961", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:aafd9d74bce2ee93f09bf4aa762d16bda484c691e3cc456dc3a5d6419447722a", "Title": "glibc: Out of bounds write in iconv may lead to remote code execution", "Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/17/9", "http://www.openwall.com/lists/oss-security/2024/04/18/4", "http://www.openwall.com/lists/oss-security/2024/04/24/2", "http://www.openwall.com/lists/oss-security/2024/05/27/1", "http://www.openwall.com/lists/oss-security/2024/05/27/2", "http://www.openwall.com/lists/oss-security/2024/05/27/3", "http://www.openwall.com/lists/oss-security/2024/05/27/4", "http://www.openwall.com/lists/oss-security/2024/05/27/5", "http://www.openwall.com/lists/oss-security/2024/05/27/6", "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-2961", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://linux.oracle.com/cve/CVE-2024-2961.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "https://nvd.nist.gov/vuln/detail/CVE-2024-2961", "https://security.netapp.com/advisory/ntap-20240531-0002/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "https://ubuntu.com/security/notices/USN-6737-1", "https://ubuntu.com/security/notices/USN-6737-2", "https://ubuntu.com/security/notices/USN-6762-1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p2", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p3", "https://www.cve.org/CVERecord?id=CVE-2024-2961", "https://www.openwall.com/lists/oss-security/2024/04/17/9" ], "PublishedDate": "2024-04-17T18:15:15.833Z", "LastModifiedDate": "2026-04-03T16:36:35.057Z" }, { "VulnerabilityID": "CVE-2024-33599", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:462698184049c604980200ed799c0e6410ba22f0f3b32bb39cd2773467190fb2", "Title": "glibc: stack-based buffer overflow in netgroup cache", "Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33599", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33599.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "https://security.netapp.com/advisory/ntap-20240524-0011/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33599", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.437Z", "LastModifiedDate": "2025-06-18T14:56:01.037Z" }, { "VulnerabilityID": "CVE-2024-33600", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33600", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:37eda355d2abf533104313428c895e65ad72eb36f67bad1f60abb1a5e224aa5d", "Title": "glibc: null pointer dereferences after failed netgroup cache insertion", "Description": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon's (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33600", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33600.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "https://security.netapp.com/advisory/ntap-20240524-0013/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33600", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.523Z", "LastModifiedDate": "2025-06-18T14:50:25.44Z" }, { "VulnerabilityID": "CVE-2024-33601", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9c9032a7283fd59c123c402501c871bd5e434c1f89f4f478021fb642d4ae177d", "Title": "glibc: netgroup cache may terminate daemon on memory allocation failure", "Description": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-617" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33601", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33601.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "https://security.netapp.com/advisory/ntap-20240524-0014/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33601", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.603Z", "LastModifiedDate": "2025-08-01T01:56:26.467Z" }, { "VulnerabilityID": "CVE-2024-33602", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1aae00cfa93d65d431f8771876351a7bb22c7a1b2e6dc89367fda2180f2c19bd", "Title": "glibc: netgroup cache assumes NSS callback uses in-buffer strings", "Description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-466" ], "VendorSeverity": { "alma": 3, "amazon": 2, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33602", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33602.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "https://security.netapp.com/advisory/ntap-20240524-0012/", "https://sourceware.org/bugzilla/show_bug.cgi?id=31680", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33602", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.68Z", "LastModifiedDate": "2025-06-18T14:40:48.823Z" }, { "VulnerabilityID": "CVE-2025-0395", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.9", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-0395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6c5486e3ab6917f72c29547c1fea95bf1d7cf44f27eaa7bf86815c34356728eb", "Title": "glibc: buffer overflow in the GNU C Library's assert()", "Description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "Severity": "MEDIUM", "CweIDs": [ "CWE-131" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/22/4", "http://www.openwall.com/lists/oss-security/2025/01/23/2", "http://www.openwall.com/lists/oss-security/2025/04/13/1", "http://www.openwall.com/lists/oss-security/2025/04/24/7", "https://access.redhat.com/errata/RHSA-2025:4244", "https://access.redhat.com/security/cve/CVE-2025-0395", "https://bugzilla.redhat.com/2339460", "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "https://errata.almalinux.org/9/ALSA-2025-4244.html", "https://errata.rockylinux.org/RLSA-2025:4244", "https://linux.oracle.com/cve/CVE-2025-0395.html", "https://linux.oracle.com/errata/ELSA-2025-4244.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-0395", "https://security.netapp.com/advisory/ntap-20250228-0006/", "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "https://ubuntu.com/security/notices/USN-7259-1", "https://ubuntu.com/security/notices/USN-7259-2", "https://ubuntu.com/security/notices/USN-7259-3", "https://www.cve.org/CVERecord?id=CVE-2025-0395", "https://www.openwall.com/lists/oss-security/2025/01/22/4" ], "PublishedDate": "2025-01-22T13:15:20.933Z", "LastModifiedDate": "2026-02-04T21:15:56.993Z" }, { "VulnerabilityID": "CVE-2025-15281", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15281", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8487551515c9efe808532cd46719766b3862f4cdf38f9d64d0abf9e10211ed52", "Title": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory", "Description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/20/3", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2025-15281", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2025-15281.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "https://sourceware.org/bugzilla/show_bug.cgi?id=33814", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-15281", "https://www.openwall.com/lists/oss-security/2026/01/20/3" ], "PublishedDate": "2026-01-20T14:16:07.843Z", "LastModifiedDate": "2026-02-05T17:43:18.63Z" }, { "VulnerabilityID": "CVE-2025-4802", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4802", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1e3143bf174f81d35458e86ee5c85cc79e37ec7aa54e660bf471058bf7e2bace", "Title": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH", "Description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "Severity": "MEDIUM", "CweIDs": [ "CWE-426" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/05/16/7", "http://www.openwall.com/lists/oss-security/2025/05/17/2", "https://access.redhat.com/errata/RHSA-2025:8655", "https://access.redhat.com/security/cve/CVE-2025-4802", "https://bugzilla.redhat.com/2367468", "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "https://errata.almalinux.org/9/ALSA-2025-8655.html", "https://errata.rockylinux.org/RLSA-2025:8655", "https://inbox.sourceware.org/libc-announce/3ac997b0-28a5-4129-af53-675efe4c2dec@redhat.com/T/#u", "https://linux.oracle.com/cve/CVE-2025-4802.html", "https://linux.oracle.com/errata/ELSA-2025-8686.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00033.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0", "https://ubuntu.com/security/notices/USN-7541-1", "https://www.cve.org/CVERecord?id=CVE-2025-4802", "https://www.openwall.com/lists/oss-security/2025/05/16/7", "https://www.openwall.com/lists/oss-security/2025/05/17/2" ], "PublishedDate": "2025-05-16T20:15:22.28Z", "LastModifiedDate": "2025-11-03T20:19:11.153Z" }, { "VulnerabilityID": "CVE-2025-8058", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.11", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8058", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8d9ba62ecf7c769f95d525ca37be2ebed08e97ba8362f1dfdf8bdd927ef5e7d8", "Title": "glibc: Double free in glibc", "Description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is \nsubject to a double free if some previous allocation fails. It can be \naccomplished either by a malloc failure or by using an interposed malloc\n that injects random malloc failures. The double free can allow buffer \nmanipulation depending of how the regex is constructed. This issue \naffects all architectures and ABIs supported by the GNU C library.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "V3Score": 4.2 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/23/1", "https://access.redhat.com/errata/RHSA-2025:12980", "https://access.redhat.com/security/cve/CVE-2025-8058", "https://bugzilla.redhat.com/2383146", "https://bugzilla.redhat.com/show_bug.cgi?id=2383146", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058", "https://errata.almalinux.org/8/ALSA-2025-12980.html", "https://errata.rockylinux.org/RLSA-2025:12748", "https://linux.oracle.com/cve/CVE-2025-8058.html", "https://linux.oracle.com/errata/ELSA-2025-28054.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-8058", "https://sourceware.org/bugzilla/show_bug.cgi?id=33185", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2025-0005", "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "https://ubuntu.com/security/notices/USN-7760-1", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-8058" ], "PublishedDate": "2025-07-23T20:15:27.747Z", "LastModifiedDate": "2025-11-04T22:16:44.44Z" }, { "VulnerabilityID": "CVE-2026-0861", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0861", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:896afcc0f754d590f587ffcb332147f3dca321eaf197077d7878036d7f203d48", "Title": "glibc: Integer overflow in memalign leads to heap corruption", "Description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.\n\nNote that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc.\n\nTypically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/5", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0861", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0861.html", "https://linux.oracle.com/errata/ELSA-2026-50120.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "https://sourceware.org/bugzilla/show_bug.cgi?id=33796", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0861" ], "PublishedDate": "2026-01-14T21:15:52.617Z", "LastModifiedDate": "2026-02-03T18:26:25.39Z" }, { "VulnerabilityID": "CVE-2026-0915", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0915", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:57c74bb0d246a3cddcb3583ffea420c20cae3204c5595ce444034810b77a0bbd", "Title": "glibc: glibc: Information disclosure via zero-valued network query", "Description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 1, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/6", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0915", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0915.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "https://sourceware.org/bugzilla/show_bug.cgi?id=33802", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0915", "https://www.openwall.com/lists/oss-security/2026/01/16/6" ], "PublishedDate": "2026-01-15T22:16:12.457Z", "LastModifiedDate": "2026-01-23T19:36:50.73Z" }, { "VulnerabilityID": "CVE-2023-4806", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4806", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b900b4d50c2944cc9d9b0aae55311fd8033066de208f206294ca914143b44e59", "Title": "glibc: potential use-after-free in getaddrinfo()", "Description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4806", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4806.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4806", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20240125-0008/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4806" ], "PublishedDate": "2023-09-18T17:15:55.813Z", "LastModifiedDate": "2025-09-26T12:15:32.717Z" }, { "VulnerabilityID": "CVE-2023-4813", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4813", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e7d7890583c9fa8bf207efcd38ab4fa3250ee94f751b2c8c810465e2dc833303", "Title": "glibc: potential use-after-free in gaih_inet()", "Description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4813", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4813.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "https://security.netapp.com/advisory/ntap-20231110-0003/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4813" ], "PublishedDate": "2023-09-12T22:15:08.277Z", "LastModifiedDate": "2025-09-26T12:15:34.583Z" }, { "VulnerabilityID": "CVE-2023-4911", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4911", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6319e2c66e44ac4b90e066ae9e1559cba56cbc1d86b89170cb15d5f4752041c2", "Title": "glibc: buffer overflow in ld.so leading to privilege escalation", "Description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "Severity": "HIGH", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html", "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html", "http://seclists.org/fulldisclosure/2023/Oct/11", "http://www.openwall.com/lists/oss-security/2023/10/03/2", "http://www.openwall.com/lists/oss-security/2023/10/03/3", "http://www.openwall.com/lists/oss-security/2023/10/05/1", "http://www.openwall.com/lists/oss-security/2023/10/13/11", "http://www.openwall.com/lists/oss-security/2023/10/14/3", "http://www.openwall.com/lists/oss-security/2023/10/14/5", "http://www.openwall.com/lists/oss-security/2023/10/14/6", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5454", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:5476", "https://access.redhat.com/errata/RHSA-2024:0033", "https://access.redhat.com/security/cve/CVE-2023-4911", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4911.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20231013-0006/", "https://ubuntu.com/security/notices/USN-6409-1", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911", "https://www.cve.org/CVERecord?id=CVE-2023-4911", "https://www.debian.org/security/2023/dsa-5514", "https://www.exploit-db.com/exploits/52479", "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "https://www.qualys.com/cve-2023-4911/" ], "PublishedDate": "2023-10-03T18:15:10.463Z", "LastModifiedDate": "2026-02-13T21:25:07.227Z" }, { "VulnerabilityID": "CVE-2023-5156", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5156", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bf8d6accb8e6b8505111e2bd1c6590a5bb2aa43b774c3575b731ad06994b0900", "Title": "glibc: DoS due to memory leak in getaddrinfo.c", "Description": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "amazon": 1, "azure": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/security/cve/CVE-2023-5156", "https://bugzilla.redhat.com/show_bug.cgi?id=2240541", "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "https://security.gentoo.org/glsa/202402-01", "https://sourceware.org/bugzilla/show_bug.cgi?id=30884", "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796", "https://sourceware.org/pipermail/libc-alpha/2023-September/151691.html", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-5156" ], "PublishedDate": "2023-09-25T16:15:15.613Z", "LastModifiedDate": "2024-11-21T08:41:10.837Z" }, { "VulnerabilityID": "CVE-2024-2961", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3cee74e61b8980d955ee48e2c3ec2220cb551cae643e98718c51a77acfab48cb", "Title": "glibc: Out of bounds write in iconv may lead to remote code execution", "Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/17/9", "http://www.openwall.com/lists/oss-security/2024/04/18/4", "http://www.openwall.com/lists/oss-security/2024/04/24/2", "http://www.openwall.com/lists/oss-security/2024/05/27/1", "http://www.openwall.com/lists/oss-security/2024/05/27/2", "http://www.openwall.com/lists/oss-security/2024/05/27/3", "http://www.openwall.com/lists/oss-security/2024/05/27/4", "http://www.openwall.com/lists/oss-security/2024/05/27/5", "http://www.openwall.com/lists/oss-security/2024/05/27/6", "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-2961", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://linux.oracle.com/cve/CVE-2024-2961.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "https://nvd.nist.gov/vuln/detail/CVE-2024-2961", "https://security.netapp.com/advisory/ntap-20240531-0002/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "https://ubuntu.com/security/notices/USN-6737-1", "https://ubuntu.com/security/notices/USN-6737-2", "https://ubuntu.com/security/notices/USN-6762-1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p2", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p3", "https://www.cve.org/CVERecord?id=CVE-2024-2961", "https://www.openwall.com/lists/oss-security/2024/04/17/9" ], "PublishedDate": "2024-04-17T18:15:15.833Z", "LastModifiedDate": "2026-04-03T16:36:35.057Z" }, { "VulnerabilityID": "CVE-2024-33599", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0e20956ee428ffb85b3a0fe78851fa3ea1cd73b821f5adf0d9258db2358d0150", "Title": "glibc: stack-based buffer overflow in netgroup cache", "Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33599", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33599.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "https://security.netapp.com/advisory/ntap-20240524-0011/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33599", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.437Z", "LastModifiedDate": "2025-06-18T14:56:01.037Z" }, { "VulnerabilityID": "CVE-2024-33600", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33600", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f09a1951bbdea08c6fc64866f2184e4177786798230bc4545ac7c95c1e31c8da", "Title": "glibc: null pointer dereferences after failed netgroup cache insertion", "Description": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon's (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33600", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33600.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "https://security.netapp.com/advisory/ntap-20240524-0013/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33600", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.523Z", "LastModifiedDate": "2025-06-18T14:50:25.44Z" }, { "VulnerabilityID": "CVE-2024-33601", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:22dd3e46f51a789ed3487df59a7e46c504c1aa4fd2c5786980c3dc46f24e13dd", "Title": "glibc: netgroup cache may terminate daemon on memory allocation failure", "Description": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-617" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33601", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33601.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "https://security.netapp.com/advisory/ntap-20240524-0014/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33601", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.603Z", "LastModifiedDate": "2025-08-01T01:56:26.467Z" }, { "VulnerabilityID": "CVE-2024-33602", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0de95866316752ebe8c80d4a56c906bca834a7849b8006c0d3d14755c5ea3faf", "Title": "glibc: netgroup cache assumes NSS callback uses in-buffer strings", "Description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-466" ], "VendorSeverity": { "alma": 3, "amazon": 2, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33602", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33602.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "https://security.netapp.com/advisory/ntap-20240524-0012/", "https://sourceware.org/bugzilla/show_bug.cgi?id=31680", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33602", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.68Z", "LastModifiedDate": "2025-06-18T14:40:48.823Z" }, { "VulnerabilityID": "CVE-2025-0395", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.9", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-0395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bcb465122746417e18dff6e3c02bd452b9f19947d73e3ec72c548dbacac2448c", "Title": "glibc: buffer overflow in the GNU C Library's assert()", "Description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "Severity": "MEDIUM", "CweIDs": [ "CWE-131" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/22/4", "http://www.openwall.com/lists/oss-security/2025/01/23/2", "http://www.openwall.com/lists/oss-security/2025/04/13/1", "http://www.openwall.com/lists/oss-security/2025/04/24/7", "https://access.redhat.com/errata/RHSA-2025:4244", "https://access.redhat.com/security/cve/CVE-2025-0395", "https://bugzilla.redhat.com/2339460", "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "https://errata.almalinux.org/9/ALSA-2025-4244.html", "https://errata.rockylinux.org/RLSA-2025:4244", "https://linux.oracle.com/cve/CVE-2025-0395.html", "https://linux.oracle.com/errata/ELSA-2025-4244.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-0395", "https://security.netapp.com/advisory/ntap-20250228-0006/", "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "https://ubuntu.com/security/notices/USN-7259-1", "https://ubuntu.com/security/notices/USN-7259-2", "https://ubuntu.com/security/notices/USN-7259-3", "https://www.cve.org/CVERecord?id=CVE-2025-0395", "https://www.openwall.com/lists/oss-security/2025/01/22/4" ], "PublishedDate": "2025-01-22T13:15:20.933Z", "LastModifiedDate": "2026-02-04T21:15:56.993Z" }, { "VulnerabilityID": "CVE-2025-15281", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15281", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:315ec735cfec32de9df63cfa34449befd74d76c28ba1fe20afdccd1a79a5a548", "Title": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory", "Description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/20/3", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2025-15281", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2025-15281.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "https://sourceware.org/bugzilla/show_bug.cgi?id=33814", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-15281", "https://www.openwall.com/lists/oss-security/2026/01/20/3" ], "PublishedDate": "2026-01-20T14:16:07.843Z", "LastModifiedDate": "2026-02-05T17:43:18.63Z" }, { "VulnerabilityID": "CVE-2025-4802", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4802", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c7e5c73e1e0d10ef096517efeb21bf252ce47c1f262c25597c09386f0691403d", "Title": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH", "Description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "Severity": "MEDIUM", "CweIDs": [ "CWE-426" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/05/16/7", "http://www.openwall.com/lists/oss-security/2025/05/17/2", "https://access.redhat.com/errata/RHSA-2025:8655", "https://access.redhat.com/security/cve/CVE-2025-4802", "https://bugzilla.redhat.com/2367468", "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "https://errata.almalinux.org/9/ALSA-2025-8655.html", "https://errata.rockylinux.org/RLSA-2025:8655", "https://inbox.sourceware.org/libc-announce/3ac997b0-28a5-4129-af53-675efe4c2dec@redhat.com/T/#u", "https://linux.oracle.com/cve/CVE-2025-4802.html", "https://linux.oracle.com/errata/ELSA-2025-8686.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00033.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0", "https://ubuntu.com/security/notices/USN-7541-1", "https://www.cve.org/CVERecord?id=CVE-2025-4802", "https://www.openwall.com/lists/oss-security/2025/05/16/7", "https://www.openwall.com/lists/oss-security/2025/05/17/2" ], "PublishedDate": "2025-05-16T20:15:22.28Z", "LastModifiedDate": "2025-11-03T20:19:11.153Z" }, { "VulnerabilityID": "CVE-2025-8058", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.11", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8058", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:42e60609a865063d2d39873d0501bffe90fc00d4fb60d6f6d34d50a86b6f844f", "Title": "glibc: Double free in glibc", "Description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is \nsubject to a double free if some previous allocation fails. It can be \naccomplished either by a malloc failure or by using an interposed malloc\n that injects random malloc failures. The double free can allow buffer \nmanipulation depending of how the regex is constructed. This issue \naffects all architectures and ABIs supported by the GNU C library.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "V3Score": 4.2 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/23/1", "https://access.redhat.com/errata/RHSA-2025:12980", "https://access.redhat.com/security/cve/CVE-2025-8058", "https://bugzilla.redhat.com/2383146", "https://bugzilla.redhat.com/show_bug.cgi?id=2383146", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058", "https://errata.almalinux.org/8/ALSA-2025-12980.html", "https://errata.rockylinux.org/RLSA-2025:12748", "https://linux.oracle.com/cve/CVE-2025-8058.html", "https://linux.oracle.com/errata/ELSA-2025-28054.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-8058", "https://sourceware.org/bugzilla/show_bug.cgi?id=33185", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2025-0005", "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "https://ubuntu.com/security/notices/USN-7760-1", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-8058" ], "PublishedDate": "2025-07-23T20:15:27.747Z", "LastModifiedDate": "2025-11-04T22:16:44.44Z" }, { "VulnerabilityID": "CVE-2026-0861", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0861", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1c16653a77eee0286c45359306701cdbcbaee4fc78fd9d492959d2466e23693a", "Title": "glibc: Integer overflow in memalign leads to heap corruption", "Description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.\n\nNote that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc.\n\nTypically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/5", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0861", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0861.html", "https://linux.oracle.com/errata/ELSA-2026-50120.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "https://sourceware.org/bugzilla/show_bug.cgi?id=33796", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0861" ], "PublishedDate": "2026-01-14T21:15:52.617Z", "LastModifiedDate": "2026-02-03T18:26:25.39Z" }, { "VulnerabilityID": "CVE-2026-0915", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0915", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1c27332023ef24b294f20e88b04ed608b51cacd569464e67eb353115d89b427", "Title": "glibc: glibc: Information disclosure via zero-valued network query", "Description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 1, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/6", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0915", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0915.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "https://sourceware.org/bugzilla/show_bug.cgi?id=33802", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0915", "https://www.openwall.com/lists/oss-security/2026/01/16/6" ], "PublishedDate": "2026-01-15T22:16:12.457Z", "LastModifiedDate": "2026-01-23T19:36:50.73Z" }, { "VulnerabilityID": "CVE-2023-4806", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4806", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d4ef1b2cb2d73d420283d8b95de57a600c740b09ba61f64ceae934c7f604102f", "Title": "glibc: potential use-after-free in getaddrinfo()", "Description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4806", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4806.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4806", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20240125-0008/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4806" ], "PublishedDate": "2023-09-18T17:15:55.813Z", "LastModifiedDate": "2025-09-26T12:15:32.717Z" }, { "VulnerabilityID": "CVE-2023-4813", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4813", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:42733444bae5a3a82b517ae8bf08ce2333c1ac8ea037421965a7d4790a01b2cc", "Title": "glibc: potential use-after-free in gaih_inet()", "Description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4813", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4813.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "https://security.netapp.com/advisory/ntap-20231110-0003/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4813" ], "PublishedDate": "2023-09-12T22:15:08.277Z", "LastModifiedDate": "2025-09-26T12:15:34.583Z" }, { "VulnerabilityID": "CVE-2023-2603", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2603", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:96c28354bb5f865d2bb88abc5e5624a841c4f0c5f6daf4c7c6c1d15ca571fd16", "Title": "libcap: Integer Overflow in _libcap_strdup()", "Description": "A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:5071", "https://access.redhat.com/security/cve/CVE-2023-2603", "https://bugzilla.redhat.com/2209113", "https://bugzilla.redhat.com/2209114", "https://bugzilla.redhat.com/show_bug.cgi?id=2209113", "https://bugzilla.redhat.com/show_bug.cgi?id=2209114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2602", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2603", "https://errata.almalinux.org/9/ALSA-2023-5071.html", "https://errata.rockylinux.org/RLSA-2023:4524", "https://linux.oracle.com/cve/CVE-2023-2603.html", "https://linux.oracle.com/errata/ELSA-2023-5071.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/", "https://nvd.nist.gov/vuln/detail/CVE-2023-2603", "https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe", "https://ubuntu.com/security/notices/USN-6166-1", "https://ubuntu.com/security/notices/USN-6166-2", "https://www.cve.org/CVERecord?id=CVE-2023-2603", "https://www.openwall.com/lists/oss-security/2023/05/15/4", "https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf" ], "PublishedDate": "2023-06-06T20:15:13.187Z", "LastModifiedDate": "2025-12-02T21:15:51.163Z" }, { "VulnerabilityID": "CVE-2025-1390", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1390", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e25861b09dd46f6a26b2dced4e4c8e413fb496b795f8ed5d8d42cf16ee8dc631", "Title": "libcap: pam_cap: Fix potential configuration parsing error", "Description": "The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.", "Severity": "MEDIUM", "CweIDs": [ "CWE-284" ], "VendorSeverity": { "amazon": 3, "azure": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1390", "https://bugzilla.openanolis.cn/show_bug.cgi?id=18804", "https://nvd.nist.gov/vuln/detail/CVE-2025-1390", "https://ubuntu.com/security/notices/USN-7287-1", "https://www.cve.org/CVERecord?id=CVE-2025-1390" ], "PublishedDate": "2025-02-18T03:15:10.447Z", "LastModifiedDate": "2025-02-18T03:15:10.447Z" }, { "VulnerabilityID": "CVE-2023-2602", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d269f1ce60b83e6380e6687838eb3b53e4289177acfbf4a036d3e2ca955a41ab", "Title": "libcap: Memory Leak on pthread_create() Error", "Description": "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 1, "cbl-mariner": 1, "nvd": 1, "oracle-oval": 2, "photon": 1, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:5071", "https://access.redhat.com/security/cve/CVE-2023-2602", "https://bugzilla.redhat.com/2209113", "https://bugzilla.redhat.com/2209114", "https://bugzilla.redhat.com/show_bug.cgi?id=2209113", "https://bugzilla.redhat.com/show_bug.cgi?id=2209114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2602", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2603", "https://errata.almalinux.org/9/ALSA-2023-5071.html", "https://errata.rockylinux.org/RLSA-2023:4524", "https://linux.oracle.com/cve/CVE-2023-2602.html", "https://linux.oracle.com/errata/ELSA-2023-5071.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/", "https://nvd.nist.gov/vuln/detail/CVE-2023-2602", "https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe", "https://ubuntu.com/security/notices/USN-6166-1", "https://www.cve.org/CVERecord?id=CVE-2023-2602", "https://www.openwall.com/lists/oss-security/2023/05/15/4", "https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf" ], "PublishedDate": "2023-06-06T20:15:12.76Z", "LastModifiedDate": "2024-11-21T07:58:54.713Z" }, { "VulnerabilityID": "CVE-2025-6297", "PkgID": "libdpkg-perl@1.21.1ubuntu2.1", "PkgName": "libdpkg-perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04", "UID": "8bb1e0d1f95b96fc", "BOMRef": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.21.1ubuntu2.1", "FixedVersion": "1.21.1ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6297", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:da59dfc56fbeff7388a55b943ccbba7bf8c7db11835da7e71db0fd5a9d7ffb17", "Title": "It was discovered that dpkg-deb does not properly sanitize directory p ...", "Description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is\ndocumented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on\nadversarial .deb packages or with well compressible files, placed\ninside a directory with permissions not allowing removal by a non-root\nuser, this can end up in a DoS scenario due to causing disk quota\nexhaustion or disk full conditions.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-732" ], "VendorSeverity": { "ubuntu": 1 }, "References": [ "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "https://ubuntu.com/security/notices/USN-7768-1", "https://www.cve.org/CVERecord?id=CVE-2025-6297" ], "PublishedDate": "2025-07-01T17:15:30.177Z", "LastModifiedDate": "2025-08-19T17:50:38.047Z" }, { "VulnerabilityID": "CVE-2025-1372", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "FixedVersion": "0.186-1ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1372", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fb6816245bebc990ee349a761df00c645edab2d1b7a15fc001444b5631d39b05", "Title": "elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow", "Description": "A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-120" ], "VendorSeverity": { "amazon": 2, "azure": 2, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1372", "https://nvd.nist.gov/vuln/detail/CVE-2025-1372", "https://sourceware.org/bugzilla/attachment.cgi?id=15927", "https://sourceware.org/bugzilla/show_bug.cgi?id=32656", "https://sourceware.org/bugzilla/show_bug.cgi?id=32656#c3", "https://sourceware.org/bugzilla/show_bug.cgi?id=32657", "https://ubuntu.com/security/notices/USN-7369-1", "https://vuldb.com/?ctiid.295981", "https://vuldb.com/?id.295981", "https://vuldb.com/?submit.496485", "https://www.cve.org/CVERecord?id=CVE-2025-1372", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T03:15:09.573Z", "LastModifiedDate": "2025-11-04T20:19:09.52Z" }, { "VulnerabilityID": "CVE-2025-1377", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "FixedVersion": "0.186-1ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1377", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8bafa11bc0e7ee91a4cb3f04f0cae03cf581bc78ecbb1ada6f44ae2886444aff", "Title": "elfutils: GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service", "Description": "A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-404" ], "VendorSeverity": { "azure": 1, "nvd": 2, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1377", "https://nvd.nist.gov/vuln/detail/CVE-2025-1377", "https://sourceware.org/bugzilla/attachment.cgi?id=15941", "https://sourceware.org/bugzilla/show_bug.cgi?id=32673", "https://sourceware.org/bugzilla/show_bug.cgi?id=32673#c2", "https://ubuntu.com/security/notices/USN-7369-1", "https://vuldb.com/?ctiid.295985", "https://vuldb.com/?id.295985", "https://vuldb.com/?submit.497539", "https://www.cve.org/CVERecord?id=CVE-2025-1377", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T05:15:10.09Z", "LastModifiedDate": "2025-11-04T20:26:20.043Z" }, { "VulnerabilityID": "CVE-2025-1352", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1352", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9262486df5b0afd30af126d0fe4963a15a2356194ad6cf809d459296cc84e3c3", "Title": "elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption", "Description": "A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.", "Severity": "LOW", "CweIDs": [ "CWE-119" ], "VendorSeverity": { "amazon": 2, "azure": 1, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "V3Score": 5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1352", "https://nvd.nist.gov/vuln/detail/CVE-2025-1352", "https://sourceware.org/bugzilla/attachment.cgi?id=15923", "https://sourceware.org/bugzilla/show_bug.cgi?id=32650", "https://sourceware.org/bugzilla/show_bug.cgi?id=32650#c2", "https://vuldb.com/?ctiid.295960", "https://vuldb.com/?id.295960", "https://vuldb.com/?submit.495965", "https://www.cve.org/CVERecord?id=CVE-2025-1352", "https://www.gnu.org/" ], "PublishedDate": "2025-02-16T15:15:09.133Z", "LastModifiedDate": "2025-11-03T20:34:23.89Z" }, { "VulnerabilityID": "CVE-2025-1376", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1376", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:235934a25fcb9f8bf77a95c9c6143d54b83f1a113356c3f55c46cb2982abdea8", "Title": "elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service", "Description": "A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.", "Severity": "LOW", "CweIDs": [ "CWE-404" ], "VendorSeverity": { "azure": 1, "nvd": 2, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1376", "https://nvd.nist.gov/vuln/detail/CVE-2025-1376", "https://sourceware.org/bugzilla/attachment.cgi?id=15940", "https://sourceware.org/bugzilla/show_bug.cgi?id=32672", "https://sourceware.org/bugzilla/show_bug.cgi?id=32672#c3", "https://vuldb.com/?ctiid.295984", "https://vuldb.com/?id.295984", "https://vuldb.com/?submit.497538", "https://www.cve.org/CVERecord?id=CVE-2025-1376", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T05:15:09.807Z", "LastModifiedDate": "2025-11-04T20:21:18.26Z" }, { "VulnerabilityID": "CVE-2023-52425", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-52425", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ef542bad4615d1b6ca305434ce119a5f958a552e99818b4d4d1b054e7d3cebcf", "Title": "expat: parsing large tokens can trigger a denial of service", "Description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/20/5", "https://access.redhat.com/errata/RHSA-2024:1530", "https://access.redhat.com/security/cve/CVE-2023-52425", "https://bugzilla.redhat.com/2262877", "https://bugzilla.redhat.com/2268766", "https://bugzilla.redhat.com/show_bug.cgi?id=2262877", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425", "https://errata.almalinux.org/9/ALSA-2024-1530.html", "https://errata.rockylinux.org/RLSA-2024:1615", "https://github.com/libexpat/libexpat/pull/789", "https://linux.oracle.com/cve/CVE-2023-52425.html", "https://linux.oracle.com/errata/ELSA-2024-4259.html", "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/", "https://nvd.nist.gov/vuln/detail/CVE-2023-52425", "https://security.netapp.com/advisory/ntap-20240614-0003/", "https://ubuntu.com/security/notices/USN-6694-1", "https://www.cve.org/CVERecord?id=CVE-2023-52425" ], "PublishedDate": "2024-02-04T20:15:46.063Z", "LastModifiedDate": "2025-11-04T19:16:22.74Z" }, { "VulnerabilityID": "CVE-2024-28757", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28757", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:27e064b65f0f3af312ea490e7553bc1e8f0c4247b6725cda6578cb63e9568b39", "Title": "expat: XML Entity Expansion", "Description": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "Severity": "MEDIUM", "CweIDs": [ "CWE-776" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/15/1", "https://access.redhat.com/errata/RHSA-2024:1530", "https://access.redhat.com/security/cve/CVE-2024-28757", "https://bugzilla.redhat.com/2262877", "https://bugzilla.redhat.com/2268766", "https://errata.almalinux.org/9/ALSA-2024-1530.html", "https://github.com/libexpat/libexpat/issues/839", "https://github.com/libexpat/libexpat/pull/842", "https://linux.oracle.com/cve/CVE-2024-28757.html", "https://linux.oracle.com/errata/ELSA-2024-1530.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28757", "https://security.netapp.com/advisory/ntap-20240322-0001/", "https://ubuntu.com/security/notices/USN-6694-1", "https://www.cve.org/CVERecord?id=CVE-2024-28757" ], "PublishedDate": "2024-03-10T05:15:06.57Z", "LastModifiedDate": "2025-11-04T22:15:59.8Z" }, { "VulnerabilityID": "CVE-2024-45490", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45490", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1d2f699469bc08ea4ee4b0cedbf1633e8bc6451c3dc9d085ac23ac79ae1f64a", "Title": "libexpat: Negative Length Parsing Vulnerability in libexpat", "Description": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-611", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Dec/10", "http://seclists.org/fulldisclosure/2024/Dec/12", "http://seclists.org/fulldisclosure/2024/Dec/6", "http://seclists.org/fulldisclosure/2024/Dec/7", "http://seclists.org/fulldisclosure/2024/Dec/8", "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45490", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/887", "https://github.com/libexpat/libexpat/pull/890", "https://linux.oracle.com/cve/CVE-2024-45490.html", "https://linux.oracle.com/errata/ELSA-2024-6989.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45490", "https://security.netapp.com/advisory/ntap-20241018-0004/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://ubuntu.com/security/notices/USN-7001-1", "https://ubuntu.com/security/notices/USN-7001-2", "https://www.cve.org/CVERecord?id=CVE-2024-45490" ], "PublishedDate": "2024-08-30T03:15:03.757Z", "LastModifiedDate": "2025-11-04T17:16:15.06Z" }, { "VulnerabilityID": "CVE-2024-45491", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:adac60ddea422dab981d894ae2ef2b67d2fb269939d23e0edda4e95867a3b9c9", "Title": "libexpat: Integer Overflow or Wraparound", "Description": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45491", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/888", "https://github.com/libexpat/libexpat/pull/891", "https://linux.oracle.com/cve/CVE-2024-45491.html", "https://linux.oracle.com/errata/ELSA-2024-8859.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45491", "https://security.netapp.com/advisory/ntap-20241018-0003/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://ubuntu.com/security/notices/USN-7001-1", "https://ubuntu.com/security/notices/USN-7001-2", "https://www.cve.org/CVERecord?id=CVE-2024-45491" ], "PublishedDate": "2024-08-30T03:15:03.85Z", "LastModifiedDate": "2025-11-04T17:16:15.26Z" }, { "VulnerabilityID": "CVE-2024-45492", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45492", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:33a6b101e183a1db7de91e181e0e2ce2348ace94f57159f5812bd21a7db8dfa6", "Title": "libexpat: integer overflow", "Description": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45492", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/889", "https://github.com/libexpat/libexpat/pull/892", "https://linux.oracle.com/cve/CVE-2024-45492.html", "https://linux.oracle.com/errata/ELSA-2024-6989.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45492", "https://security.netapp.com/advisory/ntap-20241018-0005/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://www.cve.org/CVERecord?id=CVE-2024-45492" ], "PublishedDate": "2024-08-30T03:15:03.93Z", "LastModifiedDate": "2025-11-04T17:16:15.43Z" }, { "VulnerabilityID": "CVE-2024-50602", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-50602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:223395b56423b27e5753b80dc67417b0343fda3fda9efc300b065f095f4ab96d", "Title": "libexpat: expat: DoS via XML_ResumeParser", "Description": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "Severity": "MEDIUM", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9541", "https://access.redhat.com/security/cve/CVE-2024-50602", "https://bugzilla.redhat.com/2321987", "https://bugzilla.redhat.com/show_bug.cgi?id=2321987", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602", "https://docs.python.org/release/3.10.16/whatsnew/changelog.html", "https://docs.python.org/release/3.11.11/whatsnew/changelog.html#python-3-11-11", "https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8", "https://docs.python.org/release/3.13.1/whatsnew/changelog.html#python-3-13-1", "https://docs.python.org/release/3.9.21/whatsnew/changelog.html", "https://errata.almalinux.org/9/ALSA-2024-9541.html", "https://errata.rockylinux.org/RLSA-2024:9502", "https://github.com/libexpat/libexpat/pull/915", "https://github.com/python/cpython/issues/126623", "https://linux.oracle.com/cve/CVE-2024-50602.html", "https://linux.oracle.com/errata/ELSA-2024-9541.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-50602", "https://security.netapp.com/advisory/ntap-20250404-0008/", "https://ubuntu.com/security/notices/USN-7145-1", "https://www.cve.org/CVERecord?id=CVE-2024-50602" ], "PublishedDate": "2024-10-27T05:15:04.09Z", "LastModifiedDate": "2025-10-15T17:54:22.117Z" }, { "VulnerabilityID": "CVE-2024-8176", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-8176", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c9413f738da4dadf76f57b74bdf7d651b545e9827623ef8130ccf898226ca170", "Title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat", "Description": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://seclists.org/fulldisclosure/2025/May/10", "http://seclists.org/fulldisclosure/2025/May/11", "http://seclists.org/fulldisclosure/2025/May/12", "http://seclists.org/fulldisclosure/2025/May/6", "http://seclists.org/fulldisclosure/2025/May/7", "http://seclists.org/fulldisclosure/2025/May/8", "http://www.openwall.com/lists/oss-security/2025/03/15/1", "http://www.openwall.com/lists/oss-security/2025/09/24/11", "https://access.redhat.com/errata/RHSA-2025:13681", "https://access.redhat.com/errata/RHSA-2025:22033", "https://access.redhat.com/errata/RHSA-2025:22034", "https://access.redhat.com/errata/RHSA-2025:22035", "https://access.redhat.com/errata/RHSA-2025:22607", "https://access.redhat.com/errata/RHSA-2025:22785", "https://access.redhat.com/errata/RHSA-2025:22842", "https://access.redhat.com/errata/RHSA-2025:22871", "https://access.redhat.com/errata/RHSA-2025:3531", "https://access.redhat.com/errata/RHSA-2025:3734", "https://access.redhat.com/errata/RHSA-2025:3913", "https://access.redhat.com/errata/RHSA-2025:4048", "https://access.redhat.com/errata/RHSA-2025:4446", "https://access.redhat.com/errata/RHSA-2025:4447", "https://access.redhat.com/errata/RHSA-2025:4448", "https://access.redhat.com/errata/RHSA-2025:4449", "https://access.redhat.com/errata/RHSA-2025:7444", "https://access.redhat.com/errata/RHSA-2025:7512", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-8176", "https://blog.hartwork.org/posts/expat-2-7-0-released/", "https://bugzilla.redhat.com/2310137", "https://bugzilla.redhat.com/show_bug.cgi?id=2310137", "https://bugzilla.suse.com/show_bug.cgi?id=1239618", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8176", "https://errata.almalinux.org/9/ALSA-2025-7444.html", "https://errata.rockylinux.org/RLSA-2025:7444", "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52", "https://github.com/libexpat/libexpat/issues/893", "https://github.com/libexpat/libexpat/pull/973", "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53", "https://linux.oracle.com/cve/CVE-2024-8176.html", "https://linux.oracle.com/errata/ELSA-2025-7512.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-8176", "https://security-tracker.debian.org/tracker/CVE-2024-8176", "https://security.netapp.com/advisory/ntap-20250328-0009/", "https://ubuntu.com/security/CVE-2024-8176", "https://ubuntu.com/security/notices/USN-7424-1", "https://www.cve.org/CVERecord?id=CVE-2024-8176", "https://www.kb.cert.org/vuls/id/760160" ], "PublishedDate": "2025-03-14T09:15:14.157Z", "LastModifiedDate": "2026-03-20T03:15:58.12Z" }, { "VulnerabilityID": "CVE-2025-66382", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-66382", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:557811a139b6f1e5e3ba5b9868d0bdfc19f914d0dc6318b1d8641f54a944adfc", "Title": "libexpat: libexpat: Denial of service via crafted file processing", "Description": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "nvd": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/12/02/1", "https://access.redhat.com/security/cve/CVE-2025-66382", "https://github.com/libexpat/libexpat/issues/1076", "https://nvd.nist.gov/vuln/detail/CVE-2025-66382", "https://www.cve.org/CVERecord?id=CVE-2025-66382" ], "PublishedDate": "2025-11-28T07:15:57.9Z", "LastModifiedDate": "2025-12-19T16:05:03.557Z" }, { "VulnerabilityID": "CVE-2026-24515", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24515", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:61027dd715f17893e5d9c70c8a5614e63c72a6fbba8bd3535a141e079ce2d98d", "Title": "libexpat: libexpat null pointer dereference", "Description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24515", "https://github.com/libexpat/libexpat/pull/1131", "https://nvd.nist.gov/vuln/detail/CVE-2026-24515", "https://ubuntu.com/security/notices/USN-8022-1", "https://ubuntu.com/security/notices/USN-8022-2", "https://ubuntu.com/security/notices/USN-8023-1", "https://www.cve.org/CVERecord?id=CVE-2026-24515" ], "PublishedDate": "2026-01-23T08:16:01.49Z", "LastModifiedDate": "2026-02-05T17:27:53.29Z" }, { "VulnerabilityID": "CVE-2026-25210", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25210", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cdfd4bf00caa411196501b80e245bf1edcc5e42d44c7e9be6dc24bd60b844e0f", "Title": "libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation", "Description": "In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "V3Score": 6.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25210", "https://github.com/libexpat/libexpat/pull/1075", "https://github.com/libexpat/libexpat/pull/1075/commits/9c2d990389e6abe2e44527eeaa8b39f16fe859c7", "https://nvd.nist.gov/vuln/detail/CVE-2026-25210", "https://ubuntu.com/security/notices/USN-8022-1", "https://ubuntu.com/security/notices/USN-8022-2", "https://ubuntu.com/security/notices/USN-8023-1", "https://www.cve.org/CVERecord?id=CVE-2026-25210" ], "PublishedDate": "2026-01-30T07:16:15.57Z", "LastModifiedDate": "2026-03-10T18:17:12.78Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "PkgName": "libgcc-s1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2267f6e934dee478c1969406a5d94e837bbf509471e5966e8ac8424876c06a11", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "PkgName": "libgcc-s1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:af1d6ec01174e4c46c1302a2eead3f2207a4342395427c1288a1b60718f37cdc", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2024-2236", "PkgID": "libgcrypt20@1.9.4-3ubuntu3", "PkgName": "libgcrypt20", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2491cdf860298798", "BOMRef": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.9.4-3ubuntu3", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2236", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f2c8d2d51a858ff4b3f4d81d2be6e25fd987f92fbddd0337fc1be40427485be5", "Title": "libgcrypt: vulnerable to Marvin Attack", "Description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "Severity": "LOW", "CweIDs": [ "CWE-385" ], "VendorSeverity": { "alma": 2, "amazon": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9404", "https://access.redhat.com/errata/RHSA-2025:3530", "https://access.redhat.com/errata/RHSA-2025:3534", "https://access.redhat.com/security/cve/CVE-2024-2236", "https://bugzilla.redhat.com/2245218", "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", "https://bugzilla.redhat.com/show_bug.cgi?id=2268268", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236", "https://dev.gnupg.org/T7136", "https://errata.almalinux.org/9/ALSA-2024-9404.html", "https://errata.rockylinux.org/RLSA-2024:9404", "https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt", "https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17", "https://linux.oracle.com/cve/CVE-2024-2236.html", "https://linux.oracle.com/errata/ELSA-2024-9404.html", "https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", "https://www.cve.org/CVERecord?id=CVE-2024-2236" ], "PublishedDate": "2024-03-06T22:15:57.977Z", "LastModifiedDate": "2026-02-25T20:17:20.547Z" }, { "VulnerabilityID": "CVE-2023-29499", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29499", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7284987ce4fdcde67219febf81f4d4f25e83db9c259369814b09aec96afe4a50", "Title": "glib: GVariant offset table entry size is not checked in is_normal()", "Description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-29499", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211828", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2794", "https://linux.oracle.com/cve/CVE-2023-29499.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29499", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20231103-0001/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-29499" ], "PublishedDate": "2023-09-14T20:15:09.42Z", "LastModifiedDate": "2024-11-21T07:57:10.807Z" }, { "VulnerabilityID": "CVE-2023-32611", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32611", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:db2e6c8b1eab9fa5852d5c4463f153cea5c370beeeab6aa4b1d9e1027b201f07", "Title": "glib: g_variant_byteswap() can take a long time with some non-normal inputs", "Description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32611", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211829", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2797", "https://linux.oracle.com/cve/CVE-2023-32611.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32611", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20231027-0005/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32611" ], "PublishedDate": "2023-09-14T20:15:09.55Z", "LastModifiedDate": "2024-11-21T08:03:41.77Z" }, { "VulnerabilityID": "CVE-2023-32636", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32636", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1819f9ea3bb1a894a08c221dd2ece45754f1d4302cad94e2f044e87e18608e42", "Title": "glib: Timeout in fuzz_variant_text", "Description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-502" ], "VendorSeverity": { "alma": 1, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32636", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2841", "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://linux.oracle.com/cve/CVE-2023-32636.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32636", "https://security.netapp.com/advisory/ntap-20231110-0002/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32636" ], "PublishedDate": "2023-09-14T20:15:09.653Z", "LastModifiedDate": "2024-11-21T08:03:44.8Z" }, { "VulnerabilityID": "CVE-2023-32643", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32643", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4cbb24b0bf2222d02aef4307cdee8c73e770f3a0b742181e8cb8c707b6b49dab", "Title": "glib: Heap-buffer-overflow in g_variant_serialised_get_child", "Description": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "amazon": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-32643", "https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://gitlab.gnome.org/GNOME/glib/-/issues/2840", "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://nvd.nist.gov/vuln/detail/CVE-2023-32643", "https://security.netapp.com/advisory/ntap-20240426-0005/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32643" ], "PublishedDate": "2023-09-14T20:15:09.77Z", "LastModifiedDate": "2024-11-21T08:03:45.57Z" }, { "VulnerabilityID": "CVE-2023-32665", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32665", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:39eb99e3c6b7b0276239c03f14c6f954c29623d943577beec027c9c63038195e", "Title": "glib: GVariant deserialisation does not match spec for non-normal data", "Description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-502" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32665", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211827", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2121", "https://linux.oracle.com/cve/CVE-2023-32665.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32665", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20240426-0006/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32665" ], "PublishedDate": "2023-09-14T20:15:09.883Z", "LastModifiedDate": "2024-11-21T08:03:48.437Z" }, { "VulnerabilityID": "CVE-2024-34397", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-34397", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5824b0ebfa350ca42384f8b94f4c0457634948a4948ca48f81293ec868f8883f", "Title": "glib2: Signal subscription vulnerabilities", "Description": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.", "Severity": "MEDIUM", "CweIDs": [ "CWE-290" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "V3Score": 3.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9442", "https://access.redhat.com/security/cve/CVE-2024-34397", "https://bugzilla.redhat.com/2279632", "https://bugzilla.redhat.com/show_bug.cgi?id=2279632", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34397", "https://discourse.gnome.org/t/security-fixes-for-signal-handling-in-gdbus-in-glib/20882/1", "https://errata.almalinux.org/9/ALSA-2024-9442.html", "https://errata.rockylinux.org/RLSA-2024:6464", "https://gitlab.gnome.org/GNOME/glib/-/issues/3268", "https://linux.oracle.com/cve/CVE-2024-34397.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/", "https://nvd.nist.gov/vuln/detail/CVE-2024-34397", "https://security.netapp.com/advisory/ntap-20240531-0008/", "https://ubuntu.com/security/notices/USN-6768-1", "https://www.cve.org/CVERecord?id=CVE-2024-34397", "https://www.openwall.com/lists/oss-security/2024/05/07/5" ], "PublishedDate": "2024-05-07T18:15:08.35Z", "LastModifiedDate": "2025-11-04T22:16:01.24Z" }, { "VulnerabilityID": "CVE-2024-52533", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-52533", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f91b73113c7a430136bc5dbefaa2aa9f084f5397cc0eb1bba6eac1f085eec6bd", "Title": "glib: buffer overflow in set_connect_msg()", "Description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "Severity": "MEDIUM", "CweIDs": [ "CWE-120" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/11/12/11", "https://access.redhat.com/errata/RHSA-2025:11140", "https://access.redhat.com/security/cve/CVE-2024-52533", "https://bugzilla.redhat.com/2325340", "https://bugzilla.redhat.com/2364265", "https://bugzilla.redhat.com/show_bug.cgi?id=2325340", "https://bugzilla.redhat.com/show_bug.cgi?id=2364265", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373", "https://errata.almalinux.org/9/ALSA-2025-11140.html", "https://errata.rockylinux.org/RLSA-2025:11140", "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "https://linux.oracle.com/cve/CVE-2024-52533.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", "https://security.netapp.com/advisory/ntap-20241206-0009/", "https://ubuntu.com/security/notices/USN-7114-1", "https://www.cve.org/CVERecord?id=CVE-2024-52533" ], "PublishedDate": "2024-11-11T23:15:05.967Z", "LastModifiedDate": "2025-06-17T01:23:56.15Z" }, { "VulnerabilityID": "CVE-2025-13601", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:975793296c50414346a20aaa172605ec636351e364fd3e96d8ab0f60adef7863", "Title": "glib: Integer overflow in in g_escape_uri_string()", "Description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 7.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:0936", "https://access.redhat.com/errata/RHSA-2026:0975", "https://access.redhat.com/errata/RHSA-2026:0991", "https://access.redhat.com/errata/RHSA-2026:1323", "https://access.redhat.com/errata/RHSA-2026:1324", "https://access.redhat.com/errata/RHSA-2026:1326", "https://access.redhat.com/errata/RHSA-2026:1327", "https://access.redhat.com/errata/RHSA-2026:1465", "https://access.redhat.com/errata/RHSA-2026:1608", "https://access.redhat.com/errata/RHSA-2026:1624", "https://access.redhat.com/errata/RHSA-2026:1625", "https://access.redhat.com/errata/RHSA-2026:1626", "https://access.redhat.com/errata/RHSA-2026:1627", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/errata/RHSA-2026:1736", "https://access.redhat.com/errata/RHSA-2026:2064", "https://access.redhat.com/errata/RHSA-2026:2072", "https://access.redhat.com/errata/RHSA-2026:2485", "https://access.redhat.com/errata/RHSA-2026:2563", "https://access.redhat.com/errata/RHSA-2026:2633", "https://access.redhat.com/errata/RHSA-2026:2659", "https://access.redhat.com/errata/RHSA-2026:2671", "https://access.redhat.com/errata/RHSA-2026:2974", "https://access.redhat.com/errata/RHSA-2026:3415", "https://access.redhat.com/errata/RHSA-2026:4419", "https://access.redhat.com/security/cve/CVE-2025-13601", "https://bugzilla.redhat.com/2416741", "https://bugzilla.redhat.com/show_bug.cgi?id=2416741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601", "https://errata.almalinux.org/9/ALSA-2026-0936.html", "https://errata.rockylinux.org/RLSA-2026:0936", "https://gitlab.gnome.org/GNOME/glib/-/issues/3827", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914", "https://linux.oracle.com/cve/CVE-2025-13601.html", "https://linux.oracle.com/errata/ELSA-2026-1608.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13601", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-13601" ], "PublishedDate": "2025-11-26T15:15:51.723Z", "LastModifiedDate": "2026-03-19T06:16:24.557Z" }, { "VulnerabilityID": "CVE-2025-14087", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14087", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6efb4788c8e70c5c9962407b568c42ce52163d2839bebd5e097c1b3f9a87762e", "Title": "glib: GLib: Buffer underflow in GVariant parser leads to heap corruption", "Description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 4, "photon": 4, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-14087", "https://bugzilla.redhat.com/show_bug.cgi?id=2419093", "https://gitlab.gnome.org/GNOME/glib/-/issues/3834", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4934", "https://nvd.nist.gov/vuln/detail/CVE-2025-14087", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-14087" ], "PublishedDate": "2025-12-10T09:15:47.053Z", "LastModifiedDate": "2026-03-18T17:16:03.597Z" }, { "VulnerabilityID": "CVE-2025-14512", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14512", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bbe419b8d86597e1d7fba68dadb844d3d9f3d8d68b5070e7be84c91e25ef2a30", "Title": "glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow", "Description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "azure": 2, "cbl-mariner": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-14512", "https://bugzilla.redhat.com/show_bug.cgi?id=2421339", "https://gitlab.gnome.org/GNOME/glib/-/issues/3845", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4935", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4936", "https://nvd.nist.gov/vuln/detail/CVE-2025-14512", "https://www.cve.org/CVERecord?id=CVE-2025-14512" ], "PublishedDate": "2025-12-11T07:16:00.463Z", "LastModifiedDate": "2026-03-19T10:16:16.66Z" }, { "VulnerabilityID": "CVE-2025-4373", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4373", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0ec62bf8335088925bcc680583adf0dc94c1f4949be7a806d875cbe5049c5073", "Title": "glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar", "Description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "Severity": "MEDIUM", "CweIDs": [ "CWE-124" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10855", "https://access.redhat.com/errata/RHSA-2025:11140", "https://access.redhat.com/errata/RHSA-2025:11327", "https://access.redhat.com/errata/RHSA-2025:11373", "https://access.redhat.com/errata/RHSA-2025:11374", "https://access.redhat.com/errata/RHSA-2025:11662", "https://access.redhat.com/errata/RHSA-2025:12275", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:14988", "https://access.redhat.com/errata/RHSA-2025:14989", "https://access.redhat.com/errata/RHSA-2025:14990", "https://access.redhat.com/errata/RHSA-2025:14991", "https://access.redhat.com/security/cve/CVE-2025-4373", "https://bugzilla.redhat.com/2325340", "https://bugzilla.redhat.com/2364265", "https://bugzilla.redhat.com/show_bug.cgi?id=2325340", "https://bugzilla.redhat.com/show_bug.cgi?id=2364265", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373", "https://errata.almalinux.org/9/ALSA-2025-11140.html", "https://errata.rockylinux.org/RLSA-2025:11140", "https://gitlab.gnome.org/GNOME/glib/-/issues/3677", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4588", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4592", "https://linux.oracle.com/cve/CVE-2025-4373.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4373", "https://ubuntu.com/security/notices/USN-7532-1", "https://www.cve.org/CVERecord?id=CVE-2025-4373" ], "PublishedDate": "2025-05-06T15:16:05.32Z", "LastModifiedDate": "2025-09-02T03:15:41.65Z" }, { "VulnerabilityID": "CVE-2026-0988", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.8", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0988", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:474081fe7d8160126f49dda970a050c8c0425cf93723c1148fd61dc95b07e0af", "Title": "glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()", "Description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0988", "https://bugzilla.redhat.com/show_bug.cgi?id=2429886", "https://gitlab.gnome.org/GNOME/glib/-/issues/3851", "https://nvd.nist.gov/vuln/detail/CVE-2026-0988", "https://ubuntu.com/security/notices/USN-7971-1", "https://www.cve.org/CVERecord?id=CVE-2026-0988" ], "PublishedDate": "2026-01-21T12:15:55.56Z", "LastModifiedDate": "2026-03-19T10:16:17.323Z" }, { "VulnerabilityID": "CVE-2026-1484", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4f0e7c258c31a1b70387487fdc0e04cc974878ceadd781e3c4daee2782156bd0", "Title": "Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()", "Description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "azure": 1, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "V3Score": 4.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1484", "https://bugzilla.redhat.com/show_bug.cgi?id=2433259", "https://gitlab.gnome.org/GNOME/glib/-/issues/3870", "https://nvd.nist.gov/vuln/detail/CVE-2026-1484", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1484" ], "PublishedDate": "2026-01-27T14:15:56.05Z", "LastModifiedDate": "2026-03-19T10:16:17.51Z" }, { "VulnerabilityID": "CVE-2026-1485", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1485", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:01c5eb5f3c84b5e200543d0784f3b7a7e689864d22031e7524aa600f5b14c986", "Title": "Glib: Glib: Local denial of service via buffer underflow in content type parsing", "Description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "Severity": "MEDIUM", "CweIDs": [ "CWE-124" ], "VendorSeverity": { "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1485", "https://bugzilla.redhat.com/show_bug.cgi?id=2433325", "https://gitlab.gnome.org/GNOME/glib/-/issues/3871", "https://nvd.nist.gov/vuln/detail/CVE-2026-1485", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1485" ], "PublishedDate": "2026-01-27T14:15:56.223Z", "LastModifiedDate": "2026-03-18T17:16:05.69Z" }, { "VulnerabilityID": "CVE-2026-1489", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1489", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0d454ce526dba10192f7b71a786645719af034ba24d5692df2d35272beb3ac8b", "Title": "Glib: GLib: Memory corruption via integer overflow in Unicode case conversion", "Description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "azure": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1489", "https://bugzilla.redhat.com/show_bug.cgi?id=2433348", "https://gitlab.gnome.org/GNOME/glib/-/issues/3872", "https://nvd.nist.gov/vuln/detail/CVE-2026-1489", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1489" ], "PublishedDate": "2026-01-27T15:15:57.37Z", "LastModifiedDate": "2026-03-19T10:16:17.693Z" }, { "VulnerabilityID": "CVE-2025-3360", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3360", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6ebe98ee6749c205a398b71df38ffe67ae47b6d7964b2674c748ab8cf1c4b249", "Title": "glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().", "Description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "Severity": "LOW", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-3360", "https://bugzilla.redhat.com/show_bug.cgi?id=2357754", "https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3360", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-3360" ], "PublishedDate": "2025-04-07T13:15:43.687Z", "LastModifiedDate": "2025-04-14T12:15:16.087Z" }, { "VulnerabilityID": "CVE-2025-7039", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-7039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:935127f9900203b638a6c6c6c7ab25b04297d13061e69873feb3642dd1328a7c", "Title": "glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()", "Description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "Severity": "LOW", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-7039", "https://bugzilla.redhat.com/show_bug.cgi?id=2392423", "https://nvd.nist.gov/vuln/detail/CVE-2025-7039", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-7039" ], "PublishedDate": "2025-09-03T02:15:38.12Z", "LastModifiedDate": "2025-09-04T15:36:56.447Z" }, { "VulnerabilityID": "CVE-2023-5981", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5981", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fc690e59b81a6f9185a33f6c3d1d6d4b5b291ad16281a7d7ab0af287a9c99c3d", "Title": "gnutls: timing side-channel in the RSA-PSK authentication", "Description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "Severity": "MEDIUM", "CweIDs": [ "CWE-208", "CWE-203" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0155", "https://access.redhat.com/errata/RHSA-2024:0319", "https://access.redhat.com/errata/RHSA-2024:0399", "https://access.redhat.com/errata/RHSA-2024:0451", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2023-5981", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2248445", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5981", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://errata.rockylinux.org/RLSA-2024:0155", "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23", "https://linux.oracle.com/cve/CVE-2023-5981.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.debian.org/debian-lts-announce/2023/11/msg00016.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2023-November/004837.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5981", "https://ubuntu.com/security/notices/USN-6499-1", "https://ubuntu.com/security/notices/USN-6499-2", "https://www.cve.org/CVERecord?id=CVE-2023-5981" ], "PublishedDate": "2023-11-28T12:15:07.04Z", "LastModifiedDate": "2026-03-25T20:01:09.507Z" }, { "VulnerabilityID": "CVE-2024-0553", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0553", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:65b8a6b923ef1171e268a9fa2cbccaae0729679e0aaae913855f098454db6116", "Title": "gnutls: incomplete fix for CVE-2023-5981", "Description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "Severity": "MEDIUM", "CweIDs": [ "CWE-203" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:0627", "https://access.redhat.com/errata/RHSA-2024:0796", "https://access.redhat.com/errata/RHSA-2024:1082", "https://access.redhat.com/errata/RHSA-2024:1108", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2024-0553", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2258412", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0553", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://errata.rockylinux.org/RLSA-2024:0627", "https://gitlab.com/gnutls/gnutls/-/issues/1522", "https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-14", "https://linux.oracle.com/cve/CVE-2024-0553.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0553", "https://security.netapp.com/advisory/ntap-20240202-0011/", "https://ubuntu.com/security/notices/USN-6593-1", "https://www.cve.org/CVERecord?id=CVE-2024-0553" ], "PublishedDate": "2024-01-16T12:15:45.557Z", "LastModifiedDate": "2026-03-24T12:16:10.683Z" }, { "VulnerabilityID": "CVE-2024-0567", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0567", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ef192a8e96e0b1ad63e3fb8862d739c6bdc63bbed9a2ab33de5de59aef0ccc34", "Title": "gnutls: rejects certificate chain with distributed trust", "Description": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-347" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:1082", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2024-0567", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2258544", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://gitlab.com/gnutls/gnutls/-/issues/1521", "https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-09", "https://linux.oracle.com/cve/CVE-2024-0567.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0567", "https://security.netapp.com/advisory/ntap-20240202-0011/", "https://ubuntu.com/security/notices/USN-6593-1", "https://www.cve.org/CVERecord?id=CVE-2024-0567" ], "PublishedDate": "2024-01-16T14:15:48.527Z", "LastModifiedDate": "2024-11-21T08:46:53.563Z" }, { "VulnerabilityID": "CVE-2024-12243", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-12243", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eb135c2d287e45931e262344d9e497e527f109660cc25a3f85240080031e5f4c", "Title": "gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS", "Description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:4051", "https://access.redhat.com/errata/RHSA-2025:7076", "https://access.redhat.com/errata/RHSA-2025:8020", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-12243", "https://bugzilla.redhat.com/2344615", "https://bugzilla.redhat.com/show_bug.cgi?id=2344615", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12243", "https://errata.almalinux.org/9/ALSA-2025-7076.html", "https://errata.rockylinux.org/RLSA-2025:7076", "https://gitlab.com/gnutls/gnutls/-/issues/1553", "https://gitlab.com/gnutls/libtasn1/-/issues/52", "https://linux.oracle.com/cve/CVE-2024-12243.html", "https://linux.oracle.com/errata/ELSA-2025-7076.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-February/004875.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-12243", "https://security.netapp.com/advisory/ntap-20250523-0002/", "https://ubuntu.com/security/notices/USN-7281-1", "https://www.cve.org/CVERecord?id=CVE-2024-12243", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-02-07" ], "PublishedDate": "2025-02-10T16:15:37.423Z", "LastModifiedDate": "2026-03-24T23:17:07.753Z" }, { "VulnerabilityID": "CVE-2024-28834", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28834", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:608885757eea231f675ce3a75caf36768107ae7d4d790c69f51a432e5b2358ec", "Title": "gnutls: vulnerable to Minerva side-channel information leak", "Description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "Severity": "MEDIUM", "CweIDs": [ "CWE-327" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/22/1", "http://www.openwall.com/lists/oss-security/2024/03/22/2", "https://access.redhat.com/errata/RHSA-2024:1784", "https://access.redhat.com/errata/RHSA-2024:1879", "https://access.redhat.com/errata/RHSA-2024:1997", "https://access.redhat.com/errata/RHSA-2024:2044", "https://access.redhat.com/errata/RHSA-2024:2570", "https://access.redhat.com/errata/RHSA-2024:2889", "https://access.redhat.com/security/cve/CVE-2024-28834", "https://bugzilla.redhat.com/2269084", "https://bugzilla.redhat.com/2269228", "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", "https://bugzilla.redhat.com/show_bug.cgi?id=2269228", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835", "https://errata.almalinux.org/9/ALSA-2024-2570.html", "https://errata.rockylinux.org/RLSA-2024:2570", "https://linux.oracle.com/cve/CVE-2024-28834.html", "https://linux.oracle.com/errata/ELSA-2024-2570.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00019.html", "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "https://minerva.crocs.fi.muni.cz/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28834", "https://people.redhat.com/~hkario/marvin/", "https://security.netapp.com/advisory/ntap-20240524-0004/", "https://ubuntu.com/security/notices/USN-6733-1", "https://ubuntu.com/security/notices/USN-6733-2", "https://www.cve.org/CVERecord?id=CVE-2024-28834", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2023-12-04" ], "PublishedDate": "2024-03-21T14:15:07.547Z", "LastModifiedDate": "2025-11-04T17:15:49.793Z" }, { "VulnerabilityID": "CVE-2024-28835", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28835", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:993af3d84668e60c44e0bb0c162e9661d1d6d59fea541facdfaf7fb566020793", "Title": "gnutls: potential crash during chain building/verification", "Description": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.", "Severity": "MEDIUM", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/22/1", "http://www.openwall.com/lists/oss-security/2024/03/22/2", "https://access.redhat.com/errata/RHSA-2024:1879", "https://access.redhat.com/errata/RHSA-2024:2570", "https://access.redhat.com/errata/RHSA-2024:2889", "https://access.redhat.com/security/cve/CVE-2024-28835", "https://bugzilla.redhat.com/2269084", "https://bugzilla.redhat.com/2269228", "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835", "https://errata.almalinux.org/9/ALSA-2024-2570.html", "https://errata.rockylinux.org/RLSA-2024:2570", "https://linux.oracle.com/cve/CVE-2024-28835.html", "https://linux.oracle.com/errata/ELSA-2024-2570.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00019.html", "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-28835", "https://security.netapp.com/advisory/ntap-20241122-0009/", "https://ubuntu.com/security/notices/USN-6733-1", "https://ubuntu.com/security/notices/USN-6733-2", "https://www.cve.org/CVERecord?id=CVE-2024-28835", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2024-01-23" ], "PublishedDate": "2024-03-21T06:15:45.113Z", "LastModifiedDate": "2025-11-04T17:15:50Z" }, { "VulnerabilityID": "CVE-2025-14831", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14831", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3d13222b78a31ec818fb038a2b7649b47bee993576c63ca81fa586d46a5df7ea", "Title": "gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification", "Description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:3477", "https://access.redhat.com/errata/RHSA-2026:4188", "https://access.redhat.com/errata/RHSA-2026:4655", "https://access.redhat.com/errata/RHSA-2026:4943", "https://access.redhat.com/errata/RHSA-2026:5585", "https://access.redhat.com/errata/RHSA-2026:5606", "https://access.redhat.com/security/cve/CVE-2025-14831", "https://bugzilla.redhat.com/2392528", "https://bugzilla.redhat.com/2423177", "https://bugzilla.redhat.com/show_bug.cgi?id=2392528", "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820", "https://errata.almalinux.org/9/ALSA-2026-4188.html", "https://errata.rockylinux.org/RLSA-2026:4188", "https://gitlab.com/gnutls/gnutls/-/issues/1773", "https://linux.oracle.com/cve/CVE-2025-14831.html", "https://linux.oracle.com/errata/ELSA-2026-5585.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-14831", "https://ubuntu.com/security/notices/USN-8043-1", "https://www.cve.org/CVERecord?id=CVE-2025-14831" ], "PublishedDate": "2026-02-09T15:16:09.937Z", "LastModifiedDate": "2026-03-24T11:16:21.903Z" }, { "VulnerabilityID": "CVE-2025-32988", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32988", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f13eb700dcdf1d54c9937ef67f1d81596e61d5c292d07637d294d6683431848b", "Title": "gnutls: Vulnerability in GnuTLS otherName SAN export", "Description": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32988", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32988.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32988", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-32988" ], "PublishedDate": "2025-07-10T08:15:24.223Z", "LastModifiedDate": "2026-03-26T17:16:26.463Z" }, { "VulnerabilityID": "CVE-2025-32989", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32989", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6b68cf7ed80304dd8c49f2ca4722ed7dbf884c88b43a9638790ed43ffad4eee6", "Title": "gnutls: Vulnerability in GnuTLS SCT extension parsing", "Description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32989", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32989.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", "https://ubuntu.com/security/notices/USN-7635-1", "https://www.cve.org/CVERecord?id=CVE-2025-32989" ], "PublishedDate": "2025-07-10T08:15:24.43Z", "LastModifiedDate": "2025-12-01T22:15:48.027Z" }, { "VulnerabilityID": "CVE-2025-32990", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32990", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d26154d638636bfb904a79942f2c50d1ddc221eb7ffbf0178d176101c76d08ff", "Title": "gnutls: Vulnerability in GnuTLS certtool template parsing", "Description": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32990", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32990.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32990", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-32990" ], "PublishedDate": "2025-07-10T10:15:33.06Z", "LastModifiedDate": "2025-12-01T22:15:48.2Z" }, { "VulnerabilityID": "CVE-2025-6395", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:64b107997b27d3efe74cd56ea9788ba4b20ef2003472607f8e95e03a5cfd41e2", "Title": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()", "Description": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-6395", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-6395.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6395", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-6395" ], "PublishedDate": "2025-07-10T16:15:25.11Z", "LastModifiedDate": "2025-12-01T22:15:51.513Z" }, { "VulnerabilityID": "CVE-2025-9820", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9820", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:742ad4341924fea25b8b7dd18c716cf1daa77c5e153d721ab0ec3587aac0bfac", "Title": "gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function", "Description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "Severity": "LOW", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/11/20/2", "https://access.redhat.com/errata/RHSA-2026:3477", "https://access.redhat.com/errata/RHSA-2026:4188", "https://access.redhat.com/errata/RHSA-2026:4655", "https://access.redhat.com/errata/RHSA-2026:4943", "https://access.redhat.com/errata/RHSA-2026:5585", "https://access.redhat.com/errata/RHSA-2026:5606", "https://access.redhat.com/security/cve/CVE-2025-9820", "https://bugzilla.redhat.com/2392528", "https://bugzilla.redhat.com/2423177", "https://bugzilla.redhat.com/show_bug.cgi?id=2392528", "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820", "https://errata.almalinux.org/9/ALSA-2026-4188.html", "https://errata.rockylinux.org/RLSA-2026:4188", "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5", "https://gitlab.com/gnutls/gnutls/-/issues/1732", "https://linux.oracle.com/cve/CVE-2025-9820.html", "https://linux.oracle.com/errata/ELSA-2026-5585.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9820", "https://ubuntu.com/security/notices/USN-8043-1", "https://www.cve.org/CVERecord?id=CVE-2025-9820", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18" ], "PublishedDate": "2026-01-26T20:16:09.37Z", "LastModifiedDate": "2026-03-24T11:16:22.723Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7f17c7734f2bc4f8e5031ba42fb0c19f7d4359f4078e99a6a7e6b76fbd6c06dc", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:91566c7699b6d5d5dd816785f676f713e6b96377f9560eda4e3a5075825da8d3", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cb0c0cf22d88c9a23b062a9882779f32d3b25cd85b954b591bc7cc80e8b46fce", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a2ec64eeb46ca4b50e87bb7d3e2b7c9ce0176cc3855e50b0b53c31ea2d6c1c38", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6d86ec9b05ee6750ec1ac68e6c6677fbfaa66388901c093b6909116b59633a9c", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3bf9526cddcd764c92eead0dc5f7f713427f0313196cde250a265af5a80a1a0a", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2f552689ab23cf3b1722a62f7e6b6b59292f743ff7bdd988f112d138024520ed", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4a11baa25722e257071087025e2f7a9cf10f1569895a58898ffce02fe134023a", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2025-5222", "PkgID": "libicu70@70.1-2", "PkgName": "libicu70", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "1ecad657a93d1b21", "BOMRef": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "70.1-2", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-5222", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c13e0a192ca152f7bb1ca32cf28a045a8b13a5f190c6bb62177777749065e244", "Title": "icu: Stack buffer overflow in the SRBRoot::addTag function", "Description": "A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.", "Severity": "LOW", "CweIDs": [ "CWE-120" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11888", "https://access.redhat.com/errata/RHSA-2025:12083", "https://access.redhat.com/errata/RHSA-2025:12331", "https://access.redhat.com/errata/RHSA-2025:12332", "https://access.redhat.com/errata/RHSA-2025:12333", "https://access.redhat.com/security/cve/CVE-2025-5222", "https://bugzilla.redhat.com/2368600", "https://bugzilla.redhat.com/show_bug.cgi?id=2368600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222", "https://errata.almalinux.org/9/ALSA-2025-12083.html", "https://errata.rockylinux.org/RLSA-2025:12083", "https://linux.oracle.com/cve/CVE-2025-5222.html", "https://linux.oracle.com/errata/ELSA-2025-12083.html", "https://lists.debian.org/debian-lts-announce/2025/06/msg00015.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-5222", "https://www.cve.org/CVERecord?id=CVE-2025-5222" ], "PublishedDate": "2025-05-27T21:15:23.03Z", "LastModifiedDate": "2026-01-23T11:33:07.2Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3e9fd8e3603093dba0b921383928ebef5752d8dc4a59d9026571842f43abb232", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a39993a0901d14971f3bb468a4582296c5ab86b5207e6568c301d737c81560cc", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4ff0f33bcda7534f68024ff0175ededd99b18f6882aeb3071912b20c4d196ebf", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e2199a39ba4016c529d2d9a66127b3cad116c3002be27066e726eff039b7ba94", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a432a19913d06c1c114d5ad2011d1a45b7744b1975911c96d91da2f45d928d30", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:53bdc2dc42916cd4d53287127cfa14c0966ee72391268966108efd956869bdb0", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5055165f46058734c0b62e2932968232ec23f05f75538608e9ac1aff9c9d87fd", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:235284066f01e76076c2975bef15c7e751db903cee16743e9063ac889aca8091", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ffdd2bc8d7d0554b3087b1f77654f27e0596baccf2d9cde161de953f176cb259", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:53db615cba72ba13c890528919c16208745a0a5333d8e780f444e17ea6897bf1", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f2ce715f2b235fe815a8f206f8872b9b5cad2262045a74efa23d497496200d56", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d60b99d9ca80e4f27d3cb99c0502e061476d81770ce1fb07f878c217772f6246", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2ac8d8386ce00de1aa8e0922837bf6fd1df3d3b075a92f085d34c429c08824a1", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a3b3169f9c5cd5988d143c816c59b830703de73439046af3b78d207f95b11c4f", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8a455bcfa13f7780e16f28a61f4eddaad3b4375319bfa53532af893cfdf0523d", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5a9040d4a696f8d8a66673ff3e585ba5f0a4c3067caf074a0f8ba8e48c05cb85", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:07fbfde4bbe9d7bcd449109174c5ed9728b2827898021cd0f770e160a624780f", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:30279e6de4dc20aa1ab09502a3d89e458cf8d8f1f3e78fe4f1a758b2f6043805", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:acf7733ce9c0ab578e14d0900ce4bc0bb6970e02c3054185d5be79dbd9077c8d", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a702fc054e296d764bc85b2bbc68d6cc9c978ecd350d880d868c94d151ade527", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ced489bb0a7fd95c8df40702d70a3746da9c52d9fc572365abfad7954575c8c5", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7c5ec159a5eee7e9014f795496f153c37692c318501e23291e13c9ae5f5c2940", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f23d1947d984959d65a52151f51503f292c521ce6885767dcf4bd0c4a4429122", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:266e182490e2a8bf2e84305df21738d096b7d469871eab9b7269ebe1314e3d73", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-29932", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29932", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fdf55fe1935a9d22219d10f496cdfcafd85ea511b6e499609ad8752ffb6f3a1e", "Title": "llvm: canonicalize pass crashed with segmentation fault", "Description": "llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand\u003cmlir::OpOperand.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-120" ], "VendorSeverity": { "cbl-mariner": 2, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29932", "https://github.com/llvm/llvm-project/commit/d35fcf0e97e7bb02381506a71e61ec282b292c50", "https://github.com/llvm/llvm-project/issues/58745", "https://nvd.nist.gov/vuln/detail/CVE-2023-29932", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29932" ], "PublishedDate": "2023-05-05T15:15:09.633Z", "LastModifiedDate": "2025-01-29T21:15:16.35Z" }, { "VulnerabilityID": "CVE-2023-29933", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29933", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d063d238b97b0f3a51e360d82598bb7c2cb6527baa2f7e3c002d18eeedd6736d", "Title": "llvm: one shot bufferize crashed with segmentation fault", "Description": "llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "cbl-mariner": 2, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29933", "https://github.com/llvm/llvm-project/issues/59442", "https://nvd.nist.gov/vuln/detail/CVE-2023-29933", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29933" ], "PublishedDate": "2023-05-05T15:15:09.683Z", "LastModifiedDate": "2025-01-29T21:15:16.503Z" }, { "VulnerabilityID": "CVE-2023-29934", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29934", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:213043cfcf8f6bfbae895f4193de51b3ddbfb19f37c536f35fa548f28f849231", "Title": "llvm: convert-scf-to-spirv Pass crashed with segmentation fault", "Description": "llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29934", "https://github.com/llvm/llvm-project/commit/80d5400d924e543c5420f4e924f5818313605e99", "https://github.com/llvm/llvm-project/issues/59136", "https://nvd.nist.gov/vuln/detail/CVE-2023-29934", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29934" ], "PublishedDate": "2023-05-05T15:15:09.733Z", "LastModifiedDate": "2025-01-29T21:15:16.65Z" }, { "VulnerabilityID": "CVE-2023-29939", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29939", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8cc6043ee282c7f29b5d7fe3513d9e2f2af323ddcc1f6140b62842b3b23c91ae", "Title": "llvm-project commit a0138390 was discovered to contain a segmentation ...", "Description": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "nvd": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://github.com/llvm/llvm-project/commit/466aa585c6dfb096bf9a7ad9bcbc6ce8cc7abff1", "https://github.com/llvm/llvm-project/issues/59983", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29939" ], "PublishedDate": "2023-05-05T15:15:09.85Z", "LastModifiedDate": "2025-01-29T21:15:16.987Z" }, { "VulnerabilityID": "CVE-2024-7883", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-7883", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bb2c78e8fe650025f6b5dbd40a79df59b0d33198143ce7142f88291c59771cd6", "Title": "clang: CMSE secure state may leak from stack to floating-point registers", "Description": "When using Arm Cortex-M Security Extensions (CMSE), Secure stack \ncontents can be leaked to Non-secure state via floating-point registers \nwhen a Secure to Non-secure function call is made that returns a \nfloating-point value and when this is the first use of floating-point \nsince entering Secure state. This allows an attacker to read a limited \nquantity of Secure stack contents with an impact on confidentiality. \nThis issue is specific to code generated using LLVM-based compilers.", "Severity": "LOW", "CweIDs": [ "CWE-226" ], "VendorSeverity": { "azure": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-7883", "https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions%20Vulnerability", "https://github.com/llvm/llvm-project/pull/114433", "https://nvd.nist.gov/vuln/detail/CVE-2024-7883", "https://www.cve.org/CVERecord?id=CVE-2024-7883" ], "PublishedDate": "2024-10-31T17:15:14.013Z", "LastModifiedDate": "2025-12-23T15:30:31.55Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libmount1@2.37.2-4ubuntu3", "PkgName": "libmount1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7d0178ea5aeaeed9", "BOMRef": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:15f4f2ab083a8109cdac4acc0cab85e2a1f9299009986b4a106dc5e88d251ce6", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2c76316d20a55ae657c6b2341d7582c8dfb90ded14d6d591fb0ba43a146fb0ee", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1eaa7b5ff02dd8abfd4c089d5dcdba7410faa83978af5387eb60b7e3898246c8", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:34edf6a3c54d27ef20991520a84bd1cd1d1af4750be1b1e72273ce931fdc10c3", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b6c1a9caebe6a985b4f0fdce91379be6d40f0902242fcf8401683217b92eca60", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c99a25f649ff3775c8149369f17d30b35c058e6d4b07fa8d8c0b0854d67e86fe", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:401b87132d9169adfa0749894f29de6375eda6a976cbc7e7eace35fb9e6807a9", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-modules@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bcdc0acde6e35aaaed69d2013ead6a9b8777c170f2afb36fb154d63d5dc84c99", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-modules@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1c49fe038efd4f517a7925e0315847816b5cc9e446ef39e443a4fc767d63a63c", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cb9300d1f13997b051e38ae4837dfbab2fd29c9b27f3d1d807fe08525e818c78", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:41825f93abb9e17c63572da2491893d2a1fa81c62370300eb69912e28ea6d1ad", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-runtime@1.4.0-11ubuntu2.3", "PkgName": "libpam-runtime", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8ba8f0b8968a03a6ed902f2eb56e05beadeaa61c50996c30a7ac8ece165f7f3b", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-runtime@1.4.0-11ubuntu2.3", "PkgName": "libpam-runtime", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bc4370b08fef84f69a2b843df578341b6ae9bfe6aa6e22dd13ff0777182509b3", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam0g@1.4.0-11ubuntu2.3", "PkgName": "libpam0g", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:79504737b94d7045602a7997d8c45a2bc465a8f4963a134f6d4a92d76d142939", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam0g@1.4.0-11ubuntu2.3", "PkgName": "libpam0g", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:264ffdfa970f8415a5e058a48f5c433de703566d0b435af8e92f0fdbc352eb3f", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2022-41409", "PkgID": "libpcre2-8-0@10.39-3ubuntu0.1", "PkgName": "libpcre2-8-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9eaa40b8550aa53c", "BOMRef": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "10.39-3ubuntu0.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-41409", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8d05e0b2451840c64437326e83209e295fae9b7505b5d2463121e6e5de6b3651", "Title": "pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop", "Description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "Severity": "LOW", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 1, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-41409", "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", "https://github.com/PCRE2Project/pcre2/issues/141", "https://github.com/advisories/GHSA-4qfx-v7wh-3q4j", "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "https://www.cve.org/CVERecord?id=CVE-2022-41409" ], "PublishedDate": "2023-07-18T14:15:12.197Z", "LastModifiedDate": "2024-11-21T07:23:10.577Z" }, { "VulnerabilityID": "CVE-2017-11164", "PkgID": "libpcre3@2:8.39-13ubuntu0.22.04.1", "PkgName": "libpcre3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "92207cfb866df534", "BOMRef": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:8.39-13ubuntu0.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-11164", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:916877dd1f16fed237017ff409eb8f39fad33c44a154f6f7c5fb5919aea3fb16", "Title": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V2Score": 7.8, "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "http://openwall.com/lists/oss-security/2017/07/11/3", "http://www.openwall.com/lists/oss-security/2023/04/11/1", "http://www.openwall.com/lists/oss-security/2023/04/12/1", "http://www.securityfocus.com/bid/99575", "https://access.redhat.com/security/cve/CVE-2017-11164", "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", "https://www.cve.org/CVERecord?id=CVE-2017-11164" ], "PublishedDate": "2017-07-11T03:29:00.277Z", "LastModifiedDate": "2025-04-20T01:37:25.86Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7b1ee5e7238215eab78d249908644030484c25f18c83b1b2004ee713ed15af9e", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bf9569a45b9953a1c77442a91da343db581260f8ca19a44c1e5e00a67bc41b38", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cf235566e6d6ad1fcef5bb9a2074fd2c7fd59e2d62d7cd677621011b2a8199ca", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e478a94fca373748e0c73582192995a4b9f50c2463f4d5db81f80205f3d62c62", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3f3d11ee0c4811e8338df6d56ab2881e47a46fd7190b37c6db61751a3ea9cec1", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-4016", "PkgID": "libprocps8@2:3.3.17-6ubuntu2", "PkgName": "libprocps8", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a5c5ac86365bc0e9", "BOMRef": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:3.3.17-6ubuntu2", "FixedVersion": "2:3.3.17-6ubuntu2.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4016", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bc3752b9bd4ceec50ff123486e024ebcd8dd79567014689d0aa4af79d5362f59", "Title": "procps: ps buffer overflow", "Description": "Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.", "Severity": "LOW", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 1, "nvd": 1, "oracle-oval": 1, "photon": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6705", "https://access.redhat.com/security/cve/CVE-2023-4016", "https://bugzilla.redhat.com/2228494", "https://bugzilla.redhat.com/show_bug.cgi?id=2228494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4016", "https://errata.almalinux.org/9/ALSA-2023-6705.html", "https://errata.rockylinux.org/RLSA-2023:7187", "https://gitlab.com/procps-ng/procps", "https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413", "https://gitlab.com/procps-ng/procps/-/issues/297", "https://linux.oracle.com/cve/CVE-2023-4016.html", "https://linux.oracle.com/errata/ELSA-2023-7187.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4016", "https://ubuntu.com/security/notices/USN-6477-1", "https://www.cve.org/CVERecord?id=CVE-2023-4016", "https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016" ], "PublishedDate": "2023-08-02T05:15:09.85Z", "LastModifiedDate": "2024-11-21T08:34:14.073Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f88db5975a1cec293cdb4634c9da52d67c7d8734cc7919108d804cec3dba14a9", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a537a2d9c578c8ecc6b51a91d9abee83449fe71fb85e342c73bb8a20d9a2ab7a", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2068c118792244b021d6854facb660228735c2eac5427a8c01f46084e01e5884", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0b4d90d115d2cb83363e8b7c57c879be0a25b187bc2f0a852b036807d3638507", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:60425b97833e2df768f198e0ba19ee1df0f3babcdb43e2a9fe47e2f25b9fe9f1", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1c6a54fc1e43a43112c74e62da0771e77b6c8b7732a3acfa23ab453f6397ea9a", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b71bb011027c80d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f7728f0498f8aa73d16c76b59b5b83b939c603de37b28a8fffa51c50b6b3b789", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:445ed63532a1c749f7dee04075b0c279d00adebd0b383d59fae611947e3b64a3", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:71544ebd44faa87948c93ca67dc861490041df0d7b1a033ec1f613cd3a17828d", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:33139147878244e3789180b354f115c26cd02c9a5a3a465f02c181f4a23f63a3", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:556f24f28e2467cc94242983398cf2d93a24a923e744f250c048a1281c9739ff", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e480d3b3bce6c1b43f982733f90ca8fe6790283fa435da1e1b26e2bb4dc373d7", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:62e7d135d564630cf6b1583702244f94a81afb80ea9f5cb4a97f07e14c396fa5", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "de6b03842b7636d1", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d9454db098f8b32bd005cd75dcfcdeb5511e011fd4412ad43a6a6995aaf52aa5", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libsmartcols1@2.37.2-4ubuntu3", "PkgName": "libsmartcols1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "fb3b2255a47d5ea7", "BOMRef": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:87393fcf4081238298de90072703794edfef2ff6820199a7722c0e80107feae7", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2022-40735", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-40735", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5a0e95176bc7b9f8fc3e718deccac79a132ef38381ac3592dd6455b06723bb0b", "Description": "The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that \"(appropriately) short exponents\" can be used when there are adequate subgroup constraints, and these short exponents can lead to less expensive calculations than for long exponents. This issue is different from CVE-2002-20001 because it is based on an observation about exponent size, rather than an observation about numbers that are not public keys. The specific situations in which calculation expense would constitute a server-side vulnerability depend on the protocol (e.g., TLS, SSH, or IKE) and the DHE implementation details. In general, there might be an availability concern because of server-side resource consumption from DHE modular-exponentiation calculations. Finally, it is possible for an attacker to exploit this vulnerability and CVE-2002-20001 together.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "nvd": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://dheatattack.gitlab.io/", "https://gist.github.com/c0r0n3r/9455ddcab985c50fd1912eabf26e058b", "https://github.com/mozilla/ssl-config-generator/issues/162", "https://github.com/openssl/openssl/pull/18480", "https://ieeexplore.ieee.org/document/10374117", "https://link.springer.com/content/pdf/10.1007/3-540-68339-9_29.pdf", "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf", "https://raw.githubusercontent.com/CVEProject/cvelist/9d7fbbcabd3f44cfedc9e8807757d31ece85a2c6/2022/40xxx/CVE-2022-40735.json", "https://ubuntu.com/security/notices/USN-6854-1", "https://www.cve.org/CVERecord?id=CVE-2022-40735", "https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol/links/546c144f0cf20dedafd53e7e/Security-Issues-in-the-Diffie-Hellman-Key-Agreement-Protocol.pdf", "https://www.rfc-editor.org/rfc/rfc3526", "https://www.rfc-editor.org/rfc/rfc4419", "https://www.rfc-editor.org/rfc/rfc5114#section-4", "https://www.rfc-editor.org/rfc/rfc7919#section-5.2" ], "PublishedDate": "2022-11-14T23:15:11.423Z", "LastModifiedDate": "2024-11-21T07:21:56.9Z" }, { "VulnerabilityID": "CVE-2023-2650", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2650", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:32139788f23f5d856f2dfdfe118470901042128cc8eb83ab7daf88a589df1f28", "Title": "openssl: Possible DoS translating ASN.1 object identifiers", "Description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", "https://access.redhat.com/errata/RHSA-2023:6330", "https://access.redhat.com/security/cve/CVE-2023-2650", "https://bugzilla.redhat.com/1858038", "https://bugzilla.redhat.com/2207947", "https://errata.almalinux.org/9/ALSA-2023-6330.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", "https://linux.oracle.com/cve/CVE-2023-2650.html", "https://linux.oracle.com/errata/ELSA-2023-6330.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230703-0001/", "https://security.netapp.com/advisory/ntap-20231027-0009/", "https://ubuntu.com/security/notices/USN-6119-1", "https://ubuntu.com/security/notices/USN-6188-1", "https://ubuntu.com/security/notices/USN-6672-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt" ], "PublishedDate": "2023-05-30T14:15:09.683Z", "LastModifiedDate": "2025-03-19T16:15:21.89Z" }, { "VulnerabilityID": "CVE-2023-5363", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5363", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:77b9717e9a4df881f01a43cf1fc8462843cfef84726f7bb2d54ff1d4096bb355", "Title": "openssl: Incorrect cipher key and IV length processing", "Description": "Issue summary: A bug has been identified in the processing of key and\ninitialisation vector (IV) lengths. This can lead to potential truncation\nor overruns during the initialisation of some symmetric ciphers.\n\nImpact summary: A truncation in the IV can result in non-uniqueness,\nwhich could result in loss of confidentiality for some cipher modes.\n\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or\nEVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after\nthe key and IV have been established. Any alterations to the key length,\nvia the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter,\nwithin the OSSL_PARAM array will not take effect as intended, potentially\ncausing truncation or overreading of these values. The following ciphers\nand cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\n\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in\nloss of confidentiality. For example, when following NIST's SP 800-38D\nsection 8.2.1 guidance for constructing a deterministic IV for AES in\nGCM mode, truncation of the counter portion could lead to IV reuse.\n\nBoth truncations and overruns of the key and overruns of the IV will\nproduce incorrect results and could, in some cases, trigger a memory\nexception. However, these issues are not currently assessed as security\ncritical.\n\nChanging the key and/or IV lengths is not considered to be a common operation\nand the vulnerable API was recently introduced. Furthermore it is likely that\napplication developers will have spotted this problem during testing since\ndecryption would fail unless both peers in the communication were similarly\nvulnerable. For these reasons we expect the probability of an application being\nvulnerable to this to be quite low. However if an application is vulnerable then\nthis issue is considered very serious. For these reasons we have assessed this\nissue as Moderate severity overall.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because\nthe issue lies outside of the FIPS provider boundary.\n\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-684" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/24/1", "https://access.redhat.com/errata/RHSA-2024:0310", "https://access.redhat.com/security/cve/CVE-2023-5363", "https://bugzilla.redhat.com/2243839", "https://errata.almalinux.org/9/ALSA-2024-0310.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee", "https://linux.oracle.com/cve/CVE-2023-5363.html", "https://linux.oracle.com/errata/ELSA-2024-12093.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5363", "https://security.netapp.com/advisory/ntap-20231027-0010/", "https://security.netapp.com/advisory/ntap-20240201-0003/", "https://security.netapp.com/advisory/ntap-20240201-0004/", "https://security.netapp.com/advisory/ntap-20241108-0002/", "https://ubuntu.com/security/notices/USN-6450-1", "https://www.cve.org/CVERecord?id=CVE-2023-5363", "https://www.debian.org/security/2023/dsa-5532", "https://www.openssl.org/news/secadv/20231024.txt" ], "PublishedDate": "2023-10-25T18:17:43.613Z", "LastModifiedDate": "2025-12-02T20:15:48.537Z" }, { "VulnerabilityID": "CVE-2024-6119", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.18", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-6119", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7bf90b0355408e23c5d9eab5fc64b00a5ad5cc20dcb9357c2e3ad0f6639b61f7", "Title": "openssl: Possible denial of service in X.509 name checks", "Description": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don't perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/09/03/4", "https://access.redhat.com/errata/RHSA-2024:8935", "https://access.redhat.com/security/cve/CVE-2024-6119", "https://bugzilla.redhat.com/2306158", "https://bugzilla.redhat.com/show_bug.cgi?id=2306158", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119", "https://errata.almalinux.org/9/ALSA-2024-8935.html", "https://errata.rockylinux.org/RLSA-2024:6783", "https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f", "https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6", "https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2", "https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0", "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj", "https://linux.oracle.com/cve/CVE-2024-6119.html", "https://linux.oracle.com/errata/ELSA-2024-8935.html", "https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-6119", "https://openssl-library.org/news/secadv/20240903.txt", "https://security.netapp.com/advisory/ntap-20240912-0001/", "https://ubuntu.com/security/notices/USN-6986-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-6119" ], "PublishedDate": "2024-09-03T16:15:07.177Z", "LastModifiedDate": "2025-06-03T10:51:54.117Z" }, { "VulnerabilityID": "CVE-2025-15467", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15467", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1ed21436684e99d8808d87f8a328bb01fb052a8108e6111e2bb810c2c1ac32d7", "Title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing", "Description": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/27/10", "http://www.openwall.com/lists/oss-security/2026/02/25/6", "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-15467", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/guiimoraes/CVE-2025-15467", "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9", "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e", "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc", "https://linux.oracle.com/cve/CVE-2025-15467.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://www.cve.org/CVERecord?id=CVE-2025-15467" ], "PublishedDate": "2026-01-27T16:16:14.257Z", "LastModifiedDate": "2026-03-19T19:16:19.23Z" }, { "VulnerabilityID": "CVE-2025-9230", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.20", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9230", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ace34223be5378d67562c91df8cb87ff9100396be1abf562132f581f44a9f8e7", "Title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap", "Description": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/09/30/5", "https://access.redhat.com/errata/RHSA-2026:2776", "https://access.redhat.com/security/cve/CVE-2025-9230", "https://bugzilla.redhat.com/2396054", "https://bugzilla.redhat.com/show_bug.cgi?id=2396054", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230", "https://errata.almalinux.org/9/ALSA-2026-2776.html", "https://errata.rockylinux.org/RLSA-2025:21255", "https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45", "https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280", "https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def", "https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd", "https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482", "https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3", "https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba", "https://linux.oracle.com/cve/CVE-2025-9230.html", "https://linux.oracle.com/errata/ELSA-2026-50114.html", "https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9230", "https://openssl-library.org/news/secadv/20250930.txt", "https://ubuntu.com/security/notices/USN-7786-1", "https://www.cve.org/CVERecord?id=CVE-2025-9230" ], "PublishedDate": "2025-09-30T14:15:41.05Z", "LastModifiedDate": "2025-11-04T22:16:45.36Z" }, { "VulnerabilityID": "CVE-2023-1255", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-1255", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ea365c742224cb5dbd4db19a35f719d15e5fee051404faf4c9cceff088cffeee", "Title": "openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM", "Description": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:3722", "https://access.redhat.com/security/cve/CVE-2023-1255", "https://bugzilla.redhat.com/2181082", "https://bugzilla.redhat.com/2182561", "https://bugzilla.redhat.com/2182565", "https://bugzilla.redhat.com/2188461", "https://bugzilla.redhat.com/2207947", "https://errata.almalinux.org/9/ALSA-2023-3722.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a", "https://linux.oracle.com/cve/CVE-2023-1255.html", "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-1255", "https://security.netapp.com/advisory/ntap-20230908-0006/", "https://ubuntu.com/security/notices/USN-6119-1", "https://www.cve.org/CVERecord?id=CVE-2023-1255", "https://www.openssl.org/news/secadv/20230419.txt", "https://www.openssl.org/news/secadv/20230420.txt" ], "PublishedDate": "2023-04-20T17:15:06.883Z", "LastModifiedDate": "2025-02-04T22:15:39.327Z" }, { "VulnerabilityID": "CVE-2023-2975", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2975", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b0d0b46906f709c6d2a30764996403b01679c9fb0b1e3b6036cc4c51ed380e00", "Title": "openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries", "Description": "Issue summary: The AES-SIV cipher implementation contains a bug that causes\nit to ignore empty associated data entries which are unauthenticated as\na consequence.\n\nImpact summary: Applications that use the AES-SIV algorithm and want to\nauthenticate empty data entries as associated data can be misled by removing,\nadding or reordering such empty entries as these are ignored by the OpenSSL\nimplementation. We are currently unaware of any such applications.\n\nThe AES-SIV algorithm allows for authentication of multiple associated\ndata entries along with the encryption. To authenticate empty data the\napplication has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with\nNULL pointer as the output buffer and 0 as the input buffer length.\nThe AES-SIV implementation in OpenSSL just returns success for such a call\ninstead of performing the associated data authentication operation.\nThe empty data thus will not be authenticated.\n\nAs this issue does not affect non-empty associated data authentication and\nwe expect it to be rare for an application to use empty associated data\nentries this is qualified as Low severity issue.", "Severity": "LOW", "CweIDs": [ "CWE-354", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/07/15/1", "http://www.openwall.com/lists/oss-security/2023/07/19/5", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-2975", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc", "https://linux.oracle.com/cve/CVE-2023-2975.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2975", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230725-0004/", "https://ubuntu.com/security/notices/USN-6450-1", "https://www.cve.org/CVERecord?id=CVE-2023-2975", "https://www.openssl.org/news/secadv/20230714.txt" ], "PublishedDate": "2023-07-14T12:15:09.023Z", "LastModifiedDate": "2025-04-23T17:16:32.467Z" }, { "VulnerabilityID": "CVE-2023-3446", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3446", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0ad60d9f4bc414bbed1fd70ca76d87897de1407bbf6ea94dae81728e6b425066", "Title": "openssl: Excessive time spent checking DH keys and parameters", "Description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-1333" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/07/19/4", "http://www.openwall.com/lists/oss-security/2023/07/19/5", "http://www.openwall.com/lists/oss-security/2023/07/19/6", "http://www.openwall.com/lists/oss-security/2023/07/31/1", "http://www.openwall.com/lists/oss-security/2024/05/16/1", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-3446", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2257582", "https://bugzilla.redhat.com/show_bug.cgi?id=2257583", "https://bugzilla.redhat.com/show_bug.cgi?id=2258677", "https://bugzilla.redhat.com/show_bug.cgi?id=2258688", "https://bugzilla.redhat.com/show_bug.cgi?id=2258691", "https://bugzilla.redhat.com/show_bug.cgi?id=2258694", "https://bugzilla.redhat.com/show_bug.cgi?id=2258700", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2024:2264", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23", "https://linux.oracle.com/cve/CVE-2023-3446.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3446", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230803-0011/", "https://ubuntu.com/security/notices/USN-6435-1", "https://ubuntu.com/security/notices/USN-6435-2", "https://ubuntu.com/security/notices/USN-6450-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7018-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-3446", "https://www.openssl.org/news/secadv/20230719.txt" ], "PublishedDate": "2023-07-19T12:15:10.003Z", "LastModifiedDate": "2025-04-23T17:16:36.967Z" }, { "VulnerabilityID": "CVE-2023-3817", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3817", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:30e1dac21776004aeed5e8b982cd69f89a4925fe4aa99f6c8b18e19bccd4f702", "Title": "OpenSSL: Excessive time spent checking DH q parameter value", "Description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. After fixing\nCVE-2023-3446 it was discovered that a large q parameter value can also trigger\nan overly long computation during some of these checks. A correct q value,\nif present, cannot be larger than the modulus p parameter, thus it is\nunnecessary to perform these checks if q is larger than p.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulnerable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the \"-check\" option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-834" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://seclists.org/fulldisclosure/2023/Jul/43", "http://www.openwall.com/lists/oss-security/2023/07/31/1", "http://www.openwall.com/lists/oss-security/2023/09/22/11", "http://www.openwall.com/lists/oss-security/2023/09/22/9", "http://www.openwall.com/lists/oss-security/2023/11/06/2", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-3817", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2227852", "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "https://bugzilla.redhat.com/show_bug.cgi?id=2270358", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2023:7877", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5", "https://linux.oracle.com/cve/CVE-2023-3817.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3817", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230818-0014/", "https://security.netapp.com/advisory/ntap-20231027-0008/", "https://security.netapp.com/advisory/ntap-20240621-0006/", "https://ubuntu.com/security/notices/USN-6435-1", "https://ubuntu.com/security/notices/USN-6435-2", "https://ubuntu.com/security/notices/USN-6450-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-3817", "https://www.openssl.org/news/secadv/20230731.txt" ], "PublishedDate": "2023-07-31T16:15:10.497Z", "LastModifiedDate": "2025-05-05T16:15:47.343Z" }, { "VulnerabilityID": "CVE-2023-5678", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5678", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a7b27f89dc7c08907501d316c0e4700f424914e2adfc36d2a8866b9a030508fb", "Title": "openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow", "Description": "Issue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn't make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn't check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-754" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-5678", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2227852", "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "https://bugzilla.redhat.com/show_bug.cgi?id=2270358", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2023:7877", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "https://linux.oracle.com/cve/CVE-2023-5678.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5678", "https://security.netapp.com/advisory/ntap-20231130-0010/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-6632-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-5678", "https://www.openssl.org/news/secadv/20231106.txt" ], "PublishedDate": "2023-11-06T16:15:42.67Z", "LastModifiedDate": "2025-12-02T20:15:49.157Z" }, { "VulnerabilityID": "CVE-2023-6129", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-6129", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3117c8489eb031d5cc63be0f50bd8d2a574637811a9c1b685092397db98cc936", "Title": "openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC", "Description": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However unless the compiler uses the vector registers for storing\npointers, the most likely consequence, if any, would be an incorrect result\nof some application dependent calculations or a crash leading to a denial of\nservice.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\nclient can influence whether this AEAD cipher is used. This implies that\nTLS server applications using OpenSSL can be potentially impacted. However\nwe are currently not aware of any concrete application that would be affected\nby this issue therefore we consider this a Low severity security issue.", "Severity": "LOW", "CweIDs": [ "CWE-440", "CWE-787" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2023-6129", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35", "https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04", "https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015", "https://linux.oracle.com/cve/CVE-2023-6129.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-6129", "https://security.netapp.com/advisory/ntap-20240216-0009/", "https://security.netapp.com/advisory/ntap-20240426-0008/", "https://security.netapp.com/advisory/ntap-20240426-0013/", "https://security.netapp.com/advisory/ntap-20240503-0011/", "https://ubuntu.com/security/notices/USN-6622-1", "https://www.cve.org/CVERecord?id=CVE-2023-6129", "https://www.openssl.org/news/secadv/20240109.txt", "https://www.openwall.com/lists/oss-security/2024/01/09/1" ], "PublishedDate": "2024-01-09T17:15:12.147Z", "LastModifiedDate": "2025-06-20T16:15:27.797Z" }, { "VulnerabilityID": "CVE-2023-6237", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-6237", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9ad491f3fcf4468d0ba3d7c7222c6708bbd6609af979c30f90348a04f67c08fe", "Title": "openssl: Excessive time spent checking invalid RSA public keys", "Description": "Issue summary: Checking excessively long invalid RSA public keys may take\na long time.\n\nImpact summary: Applications that use the function EVP_PKEY_public_check()\nto check RSA public keys may experience long delays. Where the key that\nis being checked has been obtained from an untrusted source this may lead\nto a Denial of Service.\n\nWhen function EVP_PKEY_public_check() is called on RSA public keys,\na computation is done to confirm that the RSA modulus, n, is composite.\nFor valid RSA keys, n is a product of two or more large primes and this\ncomputation completes quickly. However, if n is an overly large prime,\nthen this computation would take a long time.\n\nAn application that calls EVP_PKEY_public_check() and supplies an RSA key\nobtained from an untrusted source could be vulnerable to a Denial of Service\nattack.\n\nThe function EVP_PKEY_public_check() is not called from other OpenSSL\nfunctions however it is called from the OpenSSL pkey command line\napplication. For that reason that application is also vulnerable if used\nwith the '-pubin' and '-check' options on untrusted data.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2023-6237", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a", "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294", "https://linux.oracle.com/cve/CVE-2023-6237.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-6237", "https://security.netapp.com/advisory/ntap-20240531-0007/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-6237", "https://www.openssl.org/news/secadv/20240115.txt", "https://www.openwall.com/lists/oss-security/2024/01/15/2" ], "PublishedDate": "2024-04-25T07:15:45.27Z", "LastModifiedDate": "2024-11-21T08:43:25.997Z" }, { "VulnerabilityID": "CVE-2024-0727", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0727", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9e87294fe583ef89997cf2ad09fe5a87292f98930d86926e5faf7e61d82c4419", "Title": "openssl: denial of service via null dereference", "Description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL\nto crash leading to a potential Denial of Service attack\n\nImpact summary: Applications loading files in the PKCS12 format from untrusted\nsources might terminate abruptly.\n\nA file in PKCS12 format can contain certificates and keys and may come from an\nuntrusted source. The PKCS12 specification allows certain fields to be NULL, but\nOpenSSL does not correctly check for this case. This can lead to a NULL pointer\ndereference that results in OpenSSL crashing. If an application processes PKCS12\nfiles from an untrusted source using the OpenSSL APIs then that application will\nbe vulnerable to this issue.\n\nOpenSSL APIs that are vulnerable to this are: PKCS12_parse(),\nPKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()\nand PKCS12_newpass().\n\nWe have also fixed a similar issue in SMIME_write_PKCS7(). However since this\nfunction is related to writing data we do not consider it security significant.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2024-0727", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2", "https://github.com/github/advisory-database/pull/3472", "https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2", "https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a", "https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c", "https://github.com/openssl/openssl/pull/23362", "https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d", "https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8", "https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539", "https://linux.oracle.com/cve/CVE-2024-0727.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0727", "https://security.netapp.com/advisory/ntap-20240208-0006", "https://security.netapp.com/advisory/ntap-20240208-0006/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-6632-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7018-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-0727", "https://www.openssl.org/news/secadv/20240125.txt" ], "PublishedDate": "2024-01-26T09:15:07.637Z", "LastModifiedDate": "2025-11-03T22:16:34.223Z" }, { "VulnerabilityID": "CVE-2024-13176", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-13176", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e6670a08f892b20c7d62ab4e11c88282855c9b9355774a34c8da8eda13f1cf17", "Title": "openssl: Timing side-channel in ECDSA signature computation", "Description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-385" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/20/2", "https://access.redhat.com/errata/RHSA-2025:16046", "https://access.redhat.com/security/cve/CVE-2024-13176", "https://bugzilla.redhat.com/2359885", "https://bugzilla.redhat.com/2359888", "https://bugzilla.redhat.com/2359892", "https://bugzilla.redhat.com/2359894", "https://bugzilla.redhat.com/2359895", "https://bugzilla.redhat.com/2359899", "https://bugzilla.redhat.com/2359900", "https://bugzilla.redhat.com/2359902", "https://bugzilla.redhat.com/2359903", "https://bugzilla.redhat.com/2359911", "https://bugzilla.redhat.com/2359918", "https://bugzilla.redhat.com/2359920", "https://bugzilla.redhat.com/2359924", "https://bugzilla.redhat.com/2359928", "https://bugzilla.redhat.com/2359930", "https://bugzilla.redhat.com/2359932", "https://bugzilla.redhat.com/2359934", "https://bugzilla.redhat.com/2359938", "https://bugzilla.redhat.com/2359940", "https://bugzilla.redhat.com/2359943", "https://bugzilla.redhat.com/2359944", "https://bugzilla.redhat.com/2359945", "https://bugzilla.redhat.com/2359947", "https://bugzilla.redhat.com/2359950", "https://bugzilla.redhat.com/2359963", "https://bugzilla.redhat.com/2359964", "https://bugzilla.redhat.com/2359972", "https://bugzilla.redhat.com/2370920", "https://bugzilla.redhat.com/2380264", "https://bugzilla.redhat.com/2380273", "https://bugzilla.redhat.com/2380274", "https://bugzilla.redhat.com/2380278", "https://bugzilla.redhat.com/2380280", "https://bugzilla.redhat.com/2380283", "https://bugzilla.redhat.com/2380284", "https://bugzilla.redhat.com/2380290", "https://bugzilla.redhat.com/2380291", "https://bugzilla.redhat.com/2380295", "https://bugzilla.redhat.com/2380298", "https://bugzilla.redhat.com/2380306", "https://bugzilla.redhat.com/2380308", "https://bugzilla.redhat.com/2380309", "https://bugzilla.redhat.com/2380310", "https://bugzilla.redhat.com/2380312", "https://bugzilla.redhat.com/2380313", "https://bugzilla.redhat.com/2380320", "https://bugzilla.redhat.com/2380321", "https://bugzilla.redhat.com/2380322", "https://bugzilla.redhat.com/2380326", "https://bugzilla.redhat.com/2380327", "https://bugzilla.redhat.com/2380334", "https://bugzilla.redhat.com/2380335", "https://bugzilla.redhat.com/show_bug.cgi?id=2338999", "https://bugzilla.redhat.com/show_bug.cgi?id=2359885", "https://bugzilla.redhat.com/show_bug.cgi?id=2359888", "https://bugzilla.redhat.com/show_bug.cgi?id=2359892", "https://bugzilla.redhat.com/show_bug.cgi?id=2359894", "https://bugzilla.redhat.com/show_bug.cgi?id=2359895", "https://bugzilla.redhat.com/show_bug.cgi?id=2359899", "https://bugzilla.redhat.com/show_bug.cgi?id=2359900", "https://bugzilla.redhat.com/show_bug.cgi?id=2359902", "https://bugzilla.redhat.com/show_bug.cgi?id=2359903", "https://bugzilla.redhat.com/show_bug.cgi?id=2359911", "https://bugzilla.redhat.com/show_bug.cgi?id=2359918", "https://bugzilla.redhat.com/show_bug.cgi?id=2359920", "https://bugzilla.redhat.com/show_bug.cgi?id=2359924", "https://bugzilla.redhat.com/show_bug.cgi?id=2359928", "https://bugzilla.redhat.com/show_bug.cgi?id=2359930", "https://bugzilla.redhat.com/show_bug.cgi?id=2359932", "https://bugzilla.redhat.com/show_bug.cgi?id=2359934", "https://bugzilla.redhat.com/show_bug.cgi?id=2359938", "https://bugzilla.redhat.com/show_bug.cgi?id=2359940", "https://bugzilla.redhat.com/show_bug.cgi?id=2359943", "https://bugzilla.redhat.com/show_bug.cgi?id=2359944", "https://bugzilla.redhat.com/show_bug.cgi?id=2359945", "https://bugzilla.redhat.com/show_bug.cgi?id=2359947", "https://bugzilla.redhat.com/show_bug.cgi?id=2359950", "https://bugzilla.redhat.com/show_bug.cgi?id=2359963", "https://bugzilla.redhat.com/show_bug.cgi?id=2359964", "https://bugzilla.redhat.com/show_bug.cgi?id=2359972", "https://bugzilla.redhat.com/show_bug.cgi?id=2370920", "https://bugzilla.redhat.com/show_bug.cgi?id=2380264", "https://bugzilla.redhat.com/show_bug.cgi?id=2380273", "https://bugzilla.redhat.com/show_bug.cgi?id=2380274", "https://bugzilla.redhat.com/show_bug.cgi?id=2380278", "https://bugzilla.redhat.com/show_bug.cgi?id=2380280", "https://bugzilla.redhat.com/show_bug.cgi?id=2380283", "https://bugzilla.redhat.com/show_bug.cgi?id=2380284", "https://bugzilla.redhat.com/show_bug.cgi?id=2380290", "https://bugzilla.redhat.com/show_bug.cgi?id=2380291", "https://bugzilla.redhat.com/show_bug.cgi?id=2380295", "https://bugzilla.redhat.com/show_bug.cgi?id=2380298", "https://bugzilla.redhat.com/show_bug.cgi?id=2380306", "https://bugzilla.redhat.com/show_bug.cgi?id=2380308", "https://bugzilla.redhat.com/show_bug.cgi?id=2380309", "https://bugzilla.redhat.com/show_bug.cgi?id=2380310", "https://bugzilla.redhat.com/show_bug.cgi?id=2380312", "https://bugzilla.redhat.com/show_bug.cgi?id=2380313", "https://bugzilla.redhat.com/show_bug.cgi?id=2380320", "https://bugzilla.redhat.com/show_bug.cgi?id=2380321", "https://bugzilla.redhat.com/show_bug.cgi?id=2380322", "https://bugzilla.redhat.com/show_bug.cgi?id=2380326", "https://bugzilla.redhat.com/show_bug.cgi?id=2380327", "https://bugzilla.redhat.com/show_bug.cgi?id=2380334", "https://bugzilla.redhat.com/show_bug.cgi?id=2380335", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21574", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21575", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21577", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21579", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21580", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21584", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21585", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21588", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30681", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30682", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30683", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30684", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30685", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30687", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30688", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30689", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30693", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30695", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30696", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30699", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30703", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30704", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30705", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30715", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30721", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50077", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50078", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50079", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50080", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50081", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50082", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50083", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50085", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50086", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50087", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50088", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50091", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50092", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50093", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50094", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50096", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50097", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50098", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50099", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50100", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50101", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50102", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50104", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5399", "https://errata.almalinux.org/9/ALSA-2025-16046.html", "https://errata.rockylinux.org/RLSA-2025:15699", "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", "https://linux.oracle.com/cve/CVE-2024-13176.html", "https://linux.oracle.com/errata/ELSA-2025-16046.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", "https://openssl-library.org/news/secadv/20250120.txt", "https://security.netapp.com/advisory/ntap-20250124-0005/", "https://security.netapp.com/advisory/ntap-20250418-0010/", "https://security.netapp.com/advisory/ntap-20250502-0006/", "https://ubuntu.com/security/notices/USN-7264-1", "https://ubuntu.com/security/notices/USN-7278-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-13176", "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL" ], "PublishedDate": "2025-01-20T14:15:26.247Z", "LastModifiedDate": "2025-11-03T20:16:08.203Z" }, { "VulnerabilityID": "CVE-2024-2511", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2511", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bab44a7ec6184592d04832a37cb3c9cfa225ff8996ae304237694ac1841047b2", "Title": "openssl: Unbounded memory growth with session handling in TLSv1.3", "Description": "Issue summary: Some non-default TLS server configurations can cause unbounded\nmemory growth when processing TLSv1.3 sessions\n\nImpact summary: An attacker may exploit certain server configurations to trigger\nunbounded memory growth that would lead to a Denial of Service\n\nThis problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is\nbeing used (but not if early_data support is also configured and the default\nanti-replay protection is in use). In this case, under certain conditions, the\nsession cache can get into an incorrect state and it will fail to flush properly\nas it fills. The session cache will continue to grow in an unbounded manner. A\nmalicious client could deliberately create the scenario for this failure to\nforce a Denial of Service. It may also happen by accident in normal operation.\n\nThis issue only affects TLS servers supporting TLSv1.3. It does not affect TLS\nclients.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL\n1.0.2 is also not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-1325" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/08/5", "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-2511", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce", "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d", "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08", "https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640", "https://linux.oracle.com/cve/CVE-2024-2511.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", "https://security.netapp.com/advisory/ntap-20240503-0013/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-2511", "https://www.openssl.org/news/secadv/20240408.txt", "https://www.openssl.org/news/vulnerabilities.html" ], "PublishedDate": "2024-04-08T14:15:07.66Z", "LastModifiedDate": "2025-11-03T22:16:50.9Z" }, { "VulnerabilityID": "CVE-2024-4603", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-4603", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e33555aae22ecce179c20a5731474931a1fff62ccd7c096137fbe317392abe3c", "Title": "openssl: Excessive time spent checking DSA keys and parameters", "Description": "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-834" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/05/16/2", "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-4603", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", "https://linux.oracle.com/cve/CVE-2024-4603.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", "https://security.netapp.com/advisory/ntap-20240621-0001/", "https://ubuntu.com/security/notices/USN-6937-1", "https://www.cve.org/CVERecord?id=CVE-2024-4603", "https://www.openssl.org/news/secadv/20240516.txt" ], "PublishedDate": "2024-05-16T16:15:10.643Z", "LastModifiedDate": "2024-11-21T09:43:11.753Z" }, { "VulnerabilityID": "CVE-2024-4741", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-4741", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1de763170fd062532d7750e40273aff014bb2abeb323b83d1d7b08c869e085f2", "Title": "openssl: Use After Free with SSL_free_buffers", "Description": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause\nmemory to be accessed that was previously freed in some situations\n\nImpact summary: A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.\n\nThe SSL_free_buffers function is used to free the internal OpenSSL buffer used\nwhen processing an incoming record from the network. The call is only expected\nto succeed if the buffer is not currently in use. However, two scenarios have\nbeen identified where the buffer is freed even when still in use.\n\nThe first scenario occurs where a record header has been received from the\nnetwork and processed by OpenSSL, but the full record body has not yet arrived.\nIn this case calling SSL_free_buffers will succeed even though a record has only\nbeen partially processed and the buffer is still in use.\n\nThe second scenario occurs where a full record containing application data has\nbeen received and processed by OpenSSL but the application has only read part of\nthis data. Again a call to SSL_free_buffers will succeed even though the buffer\nis still in use.\n\nWhile these scenarios could occur accidentally during normal operation a\nmalicious attacker could attempt to engineer a stituation where this occurs.\nWe are not aware of this issue being actively exploited.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-4741", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177", "https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d", "https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac", "https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8", "https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4", "https://linux.oracle.com/cve/CVE-2024-4741.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", "https://security.netapp.com/advisory/ntap-20240621-0004/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-4741", "https://www.openssl.org/news/secadv/20240528.txt" ], "PublishedDate": "2024-11-13T11:15:04.48Z", "LastModifiedDate": "2025-11-04T18:16:42.5Z" }, { "VulnerabilityID": "CVE-2024-5535", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-5535", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:87d22d3be7d4facfec3ad5e7ea7f9c4f51c5c5a9f280ed6185145a53a48387d2", "Title": "openssl: SSL_select_next_proto buffer overread", "Description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/06/27/1", "http://www.openwall.com/lists/oss-security/2024/06/28/4", "http://www.openwall.com/lists/oss-security/2024/08/15/1", "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-5535", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37", "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e", "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c", "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c", "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c", "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87", "https://linux.oracle.com/cve/CVE-2024-5535.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", "https://openssl.org/news/secadv/20240627.txt", "https://security.netapp.com/advisory/ntap-20240712-0005/", "https://security.netapp.com/advisory/ntap-20241025-0006/", "https://security.netapp.com/advisory/ntap-20241025-0010/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-5535", "https://www.openssl.org/news/secadv/20240627.txt", "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL" ], "PublishedDate": "2024-06-27T11:15:24.447Z", "LastModifiedDate": "2025-11-03T23:17:30.51Z" }, { "VulnerabilityID": "CVE-2024-9143", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-9143", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:907bb36befa9e159b1ec4f07f044bbe702081e0efd60817cec960586fa8957c8", "Title": "openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access", "Description": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted\nexplicit values for the field polynomial can lead to out-of-bounds memory reads\nor writes.\n\nImpact summary: Out of bound memory writes can lead to an application crash or\neven a possibility of a remote code execution, however, in all the protocols\ninvolving Elliptic Curve Cryptography that we're aware of, either only \"named\ncurves\" are supported, or, if explicit curve parameters are supported, they\nspecify an X9.62 encoding of binary (GF(2^m)) curves that can't represent\nproblematic input values. Thus the likelihood of existence of a vulnerable\napplication is low.\n\nIn particular, the X9.62 encoding is used for ECC keys in X.509 certificates,\nso problematic inputs cannot occur in the context of processing X.509\ncertificates. Any problematic use-cases would have to be using an \"exotic\"\ncurve encoding.\n\nThe affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),\nand various supporting BN_GF2m_*() functions.\n\nApplications working with \"exotic\" explicit binary (GF(2^m)) curve parameters,\nthat make it possible to represent invalid field polynomials with a zero\nconstant term, via the above or similar APIs, may terminate abruptly as a\nresult of reading or writing outside of array bounds. Remote code execution\ncannot easily be ruled out.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-125", "CWE-787" ], "VendorSeverity": { "amazon": 3, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/10/16/1", "http://www.openwall.com/lists/oss-security/2024/10/23/1", "http://www.openwall.com/lists/oss-security/2024/10/24/1", "https://access.redhat.com/security/cve/CVE-2024-9143", "https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712", "https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700", "https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4", "https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154", "https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a", "https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-9143", "https://openssl-library.org/news/secadv/20241016.txt", "https://security.netapp.com/advisory/ntap-20241101-0001/", "https://ubuntu.com/security/notices/USN-7264-1", "https://ubuntu.com/security/notices/USN-7278-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-9143" ], "PublishedDate": "2024-10-16T17:15:18.13Z", "LastModifiedDate": "2025-11-03T23:17:33.46Z" }, { "VulnerabilityID": "CVE-2025-68160", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68160", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:97c7c24d192bb8f8c8d14c691064d98dedefe16f9b445e311d2a28d1b41d64e9", "Title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter", "Description": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-68160", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad", "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c", "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "https://linux.oracle.com/cve/CVE-2025-68160.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-68160" ], "PublishedDate": "2026-01-27T16:16:15.9Z", "LastModifiedDate": "2026-02-02T18:36:57.727Z" }, { "VulnerabilityID": "CVE-2025-69418", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69418", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:986c472e1dfdc28258ff3b4a97916254cd4b8a964dab4d73e3a3fd49d6200931", "Title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls", "Description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-325" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69418", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc", "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8", "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347", "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae", "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977", "https://linux.oracle.com/cve/CVE-2025-69418.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69418" ], "PublishedDate": "2026-01-27T16:16:33.253Z", "LastModifiedDate": "2026-02-02T18:36:03.557Z" }, { "VulnerabilityID": "CVE-2025-69419", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69419", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7b377114d49213cd198edc0ab440e2a1274dffc16c560e77cbc822599d8d4c6b", "Title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing", "Description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4472", "https://access.redhat.com/security/cve/CVE-2025-69419", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-4472.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296", "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb", "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2", "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535", "https://linux.oracle.com/cve/CVE-2025-69419.html", "https://linux.oracle.com/errata/ELSA-2026-50131.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69419" ], "PublishedDate": "2026-01-27T16:16:34.113Z", "LastModifiedDate": "2026-02-02T18:35:02.177Z" }, { "VulnerabilityID": "CVE-2025-69420", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69420", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:87df7f0947d44f3e690412fe1d3293a9c025d2cdb5768f4470750403c8db11a2", "Title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response", "Description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69420", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9", "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a", "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b", "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085", "https://linux.oracle.com/cve/CVE-2025-69420.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69420" ], "PublishedDate": "2026-01-27T16:16:34.317Z", "LastModifiedDate": "2026-02-02T18:33:30.557Z" }, { "VulnerabilityID": "CVE-2025-69421", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69421", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:39375b7fb51beaed96f623b66f7159f9f3b19da74628859c32bd5b6f98dfb51c", "Title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing", "Description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69421", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b", "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3", "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "https://linux.oracle.com/cve/CVE-2025-69421.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69421" ], "PublishedDate": "2026-01-27T16:16:34.437Z", "LastModifiedDate": "2026-02-28T04:16:17.457Z" }, { "VulnerabilityID": "CVE-2026-22795", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22795", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fa11c44f2fd09298ff878e37bad0e0f88d91f515540fde3e4930c9e7cec66298", "Title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing", "Description": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22795", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22795.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22795" ], "PublishedDate": "2026-01-27T16:16:35.43Z", "LastModifiedDate": "2026-02-02T18:41:14.917Z" }, { "VulnerabilityID": "CVE-2026-22796", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:53e568b52aab2be9488264803572b107800a7df3f817c7596ee15f3367c5aa61", "Title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification", "Description": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22796", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22796.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22796" ], "PublishedDate": "2026-01-27T16:16:35.543Z", "LastModifiedDate": "2026-02-02T18:40:27.467Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libstdc++6@12.1.0-2ubuntu1~22.04", "PkgName": "libstdc++6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e0c3b1187fe8666e5b55a103f86f0de50d4c655a1c83b6f6fe1b49f36c3890ed", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libstdc++6@12.1.0-2ubuntu1~22.04", "PkgName": "libstdc++6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:09a5b14bbd1ab3e3375faf5246d79487b494c553f88333b7ceced0fa924e4c0a", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2025-4598", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4598", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5ca256f25a6a09e5bc5652f6f3cd8c70afbc4fc3cb14577b48cf958baf9ef197", "Title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump", "Description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "Severity": "MEDIUM", "CweIDs": [ "CWE-364" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Jun/9", "http://www.openwall.com/lists/oss-security/2025/06/05/1", "http://www.openwall.com/lists/oss-security/2025/06/05/3", "http://www.openwall.com/lists/oss-security/2025/08/18/3", "https://access.redhat.com/errata/RHSA-2025:22660", "https://access.redhat.com/errata/RHSA-2025:22868", "https://access.redhat.com/errata/RHSA-2025:23227", "https://access.redhat.com/errata/RHSA-2025:23234", "https://access.redhat.com/errata/RHSA-2026:0414", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/security/cve/CVE-2025-4598", "https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598", "https://bugzilla.redhat.com/2369242", "https://bugzilla.redhat.com/show_bug.cgi?id=2369242", "https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/", "https://errata.almalinux.org/9/ALSA-2025-22660.html", "https://git.kernel.org/linus/b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea", "https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6 (main)", "https://github.com/systemd/systemd/commit/13902e025321242b1d95c6d8b4e482b37f58cdef (main)", "https://github.com/systemd/systemd/commit/49f1f2d4a7612bbed5211a73d11d6a94fbe3bb69 (main)", "https://github.com/systemd/systemd/commit/76e0ab49c47965877c19772a2b3bf55f6417ca39 (main)", "https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc (main)", "https://github.com/systemd/systemd/commit/8fc7b2a211eb13ef1a94250b28e1c79cab8bdcb9 (main)", "https://github.com/systemd/systemd/commit/9ce8e3e449def92c75ada41b7d10c5bc3946be77 (main)", "https://github.com/systemd/systemd/commit/e6a8687b939ab21854f12f59a3cce703e32768cf (main)", "https://linux.oracle.com/cve/CVE-2025-4598.html", "https://linux.oracle.com/errata/ELSA-2025-22660.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4598", "https://ubuntu.com/security/notices/USN-7559-1", "https://www.cve.org/CVERecord?id=CVE-2025-4598", "https://www.openwall.com/lists/oss-security/2025/05/29/3", "https://www.openwall.com/lists/oss-security/2025/08/18/3", "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt" ], "PublishedDate": "2025-05-30T14:15:23.557Z", "LastModifiedDate": "2026-02-02T10:16:05.983Z" }, { "VulnerabilityID": "CVE-2026-29111", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29111", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:66cd981a03175d67c27ee9d3dcbc46d59b725e5749bd603eaef99f5f69dfc8db", "Title": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data", "Description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "Severity": "MEDIUM", "CweIDs": [ "CWE-269" ], "VendorSeverity": { "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29111", "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a", "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6", "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412", "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd", "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f", "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f", "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69", "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6", "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c", "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8", "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764", "https://nvd.nist.gov/vuln/detail/CVE-2026-29111", "https://ubuntu.com/security/notices/USN-8119-1", "https://ubuntu.com/security/notices/USN-8119-2", "https://www.cve.org/CVERecord?id=CVE-2026-29111" ], "PublishedDate": "2026-03-23T22:16:26.267Z", "LastModifiedDate": "2026-03-24T15:53:48.067Z" }, { "VulnerabilityID": "CVE-2023-7008", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-7008", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:09d1bc41a587c62b9dd6eb4004e02d3fc543ae4c814e8197a1a3cb8b37f9a859", "Title": "systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes", "Description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "Severity": "LOW", "CweIDs": [ "CWE-300" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2463", "https://access.redhat.com/errata/RHSA-2024:3203", "https://access.redhat.com/security/cve/CVE-2023-7008", "https://bugzilla.redhat.com/2222672", "https://bugzilla.redhat.com/show_bug.cgi?id=2222261", "https://bugzilla.redhat.com/show_bug.cgi?id=2222672", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008", "https://errata.almalinux.org/9/ALSA-2024-2463.html", "https://errata.rockylinux.org/RLSA-2024:2463", "https://github.com/systemd/systemd/issues/25676", "https://linux.oracle.com/cve/CVE-2023-7008.html", "https://linux.oracle.com/errata/ELSA-2024-3203.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/", "https://nvd.nist.gov/vuln/detail/CVE-2023-7008", "https://security.netapp.com/advisory/ntap-20241122-0004/", "https://www.cve.org/CVERecord?id=CVE-2023-7008" ], "PublishedDate": "2023-12-23T13:15:07.573Z", "LastModifiedDate": "2025-11-04T17:15:43.4Z" }, { "VulnerabilityID": "CVE-2024-12133", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-12133", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a8f5e94a3bc20869c26d7304ab278bbcd4f0b3372c4c97a667561e94bb6c9de4", "Title": "libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS", "Description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/02/06/6", "https://access.redhat.com/errata/RHSA-2025:17347", "https://access.redhat.com/errata/RHSA-2025:4049", "https://access.redhat.com/errata/RHSA-2025:7077", "https://access.redhat.com/errata/RHSA-2025:8021", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-12133", "https://bugzilla.redhat.com/2344611", "https://bugzilla.redhat.com/show_bug.cgi?id=2344611", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12133", "https://errata.almalinux.org/9/ALSA-2025-7077.html", "https://errata.rockylinux.org/RLSA-2025:7077", "https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md", "https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md?ref_type=heads", "https://gitlab.com/gnutls/libtasn1/-/issues/52", "https://linux.oracle.com/cve/CVE-2024-12133.html", "https://linux.oracle.com/errata/ELSA-2025-7077.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-12133", "https://security.netapp.com/advisory/ntap-20250523-0003/", "https://ubuntu.com/security/notices/USN-7275-1", "https://ubuntu.com/security/notices/USN-7275-2", "https://www.cve.org/CVERecord?id=CVE-2024-12133" ], "PublishedDate": "2025-02-10T16:15:37.26Z", "LastModifiedDate": "2026-03-24T23:17:06.61Z" }, { "VulnerabilityID": "CVE-2025-13151", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13151", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:00d6b9e3a05bfe5c254a55f51486e3000151a515ca1310a93f204497b2a4bf2b", "Title": "libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string", "Description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/08/5", "https://access.redhat.com/security/cve/CVE-2025-13151", "https://gitlab.com/gnutls/libtasn1", "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121", "https://nvd.nist.gov/vuln/detail/CVE-2025-13151", "https://ubuntu.com/security/notices/USN-7954-1", "https://ubuntu.com/security/notices/USN-7954-2", "https://www.cve.org/CVERecord?id=CVE-2025-13151", "https://www.kb.cert.org/vuls/id/271649" ], "PublishedDate": "2026-01-07T22:15:43.2Z", "LastModifiedDate": "2026-02-02T19:27:23.07Z" }, { "VulnerabilityID": "CVE-2021-46848", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-46848", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e31d0f49c3d76b646cd6e1b43fdb88c6bdf73fc3603dd15d3f58e36508886f22", "Title": "libtasn1: Out-of-bound access in ETYPE_OK", "Description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "Severity": "LOW", "CweIDs": [ "CWE-193" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:0343", "https://access.redhat.com/security/cve/CVE-2021-46848", "https://bugs.gentoo.org/866237", "https://bugzilla.redhat.com/2140058", "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", "https://errata.almalinux.org/9/ALSA-2023-0343.html", "https://errata.rockylinux.org/RLSA-2023:0343", "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", "https://gitlab.com/gnutls/libtasn1/-/issues/32", "https://linux.oracle.com/cve/CVE-2021-46848.html", "https://linux.oracle.com/errata/ELSA-2023-0343.html", "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", "https://security.netapp.com/advisory/ntap-20221118-0006/", "https://ubuntu.com/security/notices/USN-5707-1", "https://ubuntu.com/security/notices/USN-7954-1", "https://ubuntu.com/security/notices/USN-7954-2", "https://www.cve.org/CVERecord?id=CVE-2021-46848" ], "PublishedDate": "2022-10-24T14:15:49.973Z", "LastModifiedDate": "2025-05-07T15:15:52.307Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:905e1aee185925149247cb0158a2fbe0d909d27db26ee96ce22ef5092b48c0cf", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:88151003e40561d407b58f35a5c3d9921c213abf8faba40fcc4f83f75ac0c8fb", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ccc0e7971d06c6a7e905950473e9541ea61d7035c287824f23dc8f118c2a1850", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2025-4598", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4598", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:da0bd3554cac4593a05884e82f7453b90e4a59685cd105496980434cf040256f", "Title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump", "Description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "Severity": "MEDIUM", "CweIDs": [ "CWE-364" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Jun/9", "http://www.openwall.com/lists/oss-security/2025/06/05/1", "http://www.openwall.com/lists/oss-security/2025/06/05/3", "http://www.openwall.com/lists/oss-security/2025/08/18/3", "https://access.redhat.com/errata/RHSA-2025:22660", "https://access.redhat.com/errata/RHSA-2025:22868", "https://access.redhat.com/errata/RHSA-2025:23227", "https://access.redhat.com/errata/RHSA-2025:23234", "https://access.redhat.com/errata/RHSA-2026:0414", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/security/cve/CVE-2025-4598", "https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598", "https://bugzilla.redhat.com/2369242", "https://bugzilla.redhat.com/show_bug.cgi?id=2369242", "https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/", "https://errata.almalinux.org/9/ALSA-2025-22660.html", "https://git.kernel.org/linus/b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea", "https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6 (main)", "https://github.com/systemd/systemd/commit/13902e025321242b1d95c6d8b4e482b37f58cdef (main)", "https://github.com/systemd/systemd/commit/49f1f2d4a7612bbed5211a73d11d6a94fbe3bb69 (main)", "https://github.com/systemd/systemd/commit/76e0ab49c47965877c19772a2b3bf55f6417ca39 (main)", "https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc (main)", "https://github.com/systemd/systemd/commit/8fc7b2a211eb13ef1a94250b28e1c79cab8bdcb9 (main)", "https://github.com/systemd/systemd/commit/9ce8e3e449def92c75ada41b7d10c5bc3946be77 (main)", "https://github.com/systemd/systemd/commit/e6a8687b939ab21854f12f59a3cce703e32768cf (main)", "https://linux.oracle.com/cve/CVE-2025-4598.html", "https://linux.oracle.com/errata/ELSA-2025-22660.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4598", "https://ubuntu.com/security/notices/USN-7559-1", "https://www.cve.org/CVERecord?id=CVE-2025-4598", "https://www.openwall.com/lists/oss-security/2025/05/29/3", "https://www.openwall.com/lists/oss-security/2025/08/18/3", "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt" ], "PublishedDate": "2025-05-30T14:15:23.557Z", "LastModifiedDate": "2026-02-02T10:16:05.983Z" }, { "VulnerabilityID": "CVE-2026-29111", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29111", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eeb553282f21717553acc78e0b8ad6c6a45fad3c9af882e69004b8a140d43d15", "Title": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data", "Description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "Severity": "MEDIUM", "CweIDs": [ "CWE-269" ], "VendorSeverity": { "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29111", "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a", "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6", "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412", "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd", "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f", "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f", "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69", "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6", "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c", "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8", "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764", "https://nvd.nist.gov/vuln/detail/CVE-2026-29111", "https://ubuntu.com/security/notices/USN-8119-1", "https://ubuntu.com/security/notices/USN-8119-2", "https://www.cve.org/CVERecord?id=CVE-2026-29111" ], "PublishedDate": "2026-03-23T22:16:26.267Z", "LastModifiedDate": "2026-03-24T15:53:48.067Z" }, { "VulnerabilityID": "CVE-2023-7008", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-7008", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:49c8d3fb23651fdf394a305dbbef1cb1b00a4d2598bd1bf5a35a2d31a1360660", "Title": "systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes", "Description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "Severity": "LOW", "CweIDs": [ "CWE-300" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2463", "https://access.redhat.com/errata/RHSA-2024:3203", "https://access.redhat.com/security/cve/CVE-2023-7008", "https://bugzilla.redhat.com/2222672", "https://bugzilla.redhat.com/show_bug.cgi?id=2222261", "https://bugzilla.redhat.com/show_bug.cgi?id=2222672", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008", "https://errata.almalinux.org/9/ALSA-2024-2463.html", "https://errata.rockylinux.org/RLSA-2024:2463", "https://github.com/systemd/systemd/issues/25676", "https://linux.oracle.com/cve/CVE-2023-7008.html", "https://linux.oracle.com/errata/ELSA-2024-3203.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/", "https://nvd.nist.gov/vuln/detail/CVE-2023-7008", "https://security.netapp.com/advisory/ntap-20241122-0004/", "https://www.cve.org/CVERecord?id=CVE-2023-7008" ], "PublishedDate": "2023-12-23T13:15:07.573Z", "LastModifiedDate": "2025-11-04T17:15:43.4Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libuuid1@2.37.2-4ubuntu3", "PkgName": "libuuid1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "189fc01c7ee1cffd", "BOMRef": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e384a6bf36ce66a60697803ee4362f5dfc7af8f809ba0eede5270f1661f71ffe", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ffdfe2673674ed345380899f2ffc0b07e938af2b577554f83179bf157ba55d37", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f59d01b849dbb3d326d4c8c65e1293824df4567ff45a336988e2cd4d91dcadd5", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b36fdf21d7c201ae971082438515b7d89ec241b0505806c5d061a4db2d15b197", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c192166266862ff58646132969d976399f6a1a09dc2b4046a9d2fffdeb2dd2f0", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:38c75cc41183a1f2972eb67b3b601b1f4275f43c23c0237ab748e6c71be9556f", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3698e00328a6c6b58a6383414cd457c26c02d1215f8407d6598420ba0731fb14", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b8274369ed5cef00ea7f22f45d25bf7ef7652fc435111b8096b8cde07103f28c", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9f2423ac1d3a8c3553be71d11d850793d3f027b8aa8e3ea70207924e524bda0d", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d190ad7aa419417168ecb1eda89bfae742474dcd6e0385a7db6ffd6f61ba4920", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3fcd534dfafb28d21159e08138968a55989ae5452964bc9ab04777cefd3cf3a2", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e2c453e8bf48216ff7b170f3aa8e112f3f6b0b448258801a17a6fc20c4419922", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:592a4fe00b126d385e357e19f5f8349b311e11082fcfaf95fb159cc3de525247", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a8ff7fcda22244f082d5e7035ddb59a1df9ae2af39c0326b6d57f9246cc1990e", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0796cb16315cd144d9122eafb488d3339da0d66de3753927cef08e524e9f51ba", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6924f7b2e1317959c95717199ac46d60dbe799fd4fa583f1bd32bb19399ae340", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:061211b8190161d4b0b39a291d464dc752aa6360ac296d82fa140a27f0abb7a9", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2022-49043", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-49043", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dbbc3128a7f134a06bdad3ea9957c9811d425778900695dfad3136c2e68e6cc3", "Title": "libxml: use-after-free in xmlXIncludeAddNode", "Description": "xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 4, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1350", "https://access.redhat.com/security/cve/CVE-2022-49043", "https://bugzilla.redhat.com/2342118", "https://bugzilla.redhat.com/show_bug.cgi?id=2342118", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043", "https://errata.almalinux.org/9/ALSA-2025-1350.html", "https://errata.rockylinux.org/RLSA-2025:1517", "https://github.com/php/php-src/issues/17467", "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "https://linux.oracle.com/cve/CVE-2022-49043.html", "https://linux.oracle.com/errata/ELSA-2025-1517.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-49043", "https://ubuntu.com/security/notices/USN-7240-1", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2022-49043" ], "PublishedDate": "2025-01-26T06:15:21Z", "LastModifiedDate": "2025-11-03T21:15:55.003Z" }, { "VulnerabilityID": "CVE-2024-25062", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-25062", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:726d2291f07bfba0d45f69b4bdaa92586dfecb9af6a6af91c20bded65d0e9365", "Title": "libxml2: use-after-free in XMLReader", "Description": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2679", "https://access.redhat.com/security/cve/CVE-2024-25062", "https://bugzilla.redhat.com/2262726", "https://bugzilla.redhat.com/show_bug.cgi?id=2262726", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062", "https://errata.almalinux.org/9/ALSA-2024-2679.html", "https://errata.rockylinux.org/RLSA-2024:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604", "https://gitlab.gnome.org/GNOME/libxml2/-/tags", "https://linux.oracle.com/cve/CVE-2024-25062.html", "https://linux.oracle.com/errata/ELSA-2024-3626.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-25062", "https://security.netapp.com/advisory/ntap-20241018-0009/", "https://ubuntu.com/security/notices/USN-6658-1", "https://ubuntu.com/security/notices/USN-6658-2", "https://www.cve.org/CVERecord?id=CVE-2024-25062" ], "PublishedDate": "2024-02-04T16:15:45.12Z", "LastModifiedDate": "2025-11-03T22:16:47.667Z" }, { "VulnerabilityID": "CVE-2024-56171", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56171", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7952a6b2627df188fc349b3173636242d0e12352d53a3ad9c6bfb10cd9f56635", "Title": "libxml2: Use-After-Free in libxml2", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Apr/10", "http://seclists.org/fulldisclosure/2025/Apr/11", "http://seclists.org/fulldisclosure/2025/Apr/12", "http://seclists.org/fulldisclosure/2025/Apr/13", "http://seclists.org/fulldisclosure/2025/Apr/4", "http://seclists.org/fulldisclosure/2025/Apr/5", "http://seclists.org/fulldisclosure/2025/Apr/8", "http://seclists.org/fulldisclosure/2025/Apr/9", "https://access.redhat.com/errata/RHSA-2025:2679", "https://access.redhat.com/security/cve/CVE-2024-56171", "https://bugzilla.redhat.com/2346416", "https://bugzilla.redhat.com/2346421", "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "https://errata.almalinux.org/9/ALSA-2025-2679.html", "https://errata.rockylinux.org/RLSA-2025:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", "https://linux.oracle.com/cve/CVE-2024-56171.html", "https://linux.oracle.com/errata/ELSA-2025-2686.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", "https://security.netapp.com/advisory/ntap-20250328-0010/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2024-56171", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T22:15:12.797Z", "LastModifiedDate": "2025-11-03T21:17:50.75Z" }, { "VulnerabilityID": "CVE-2025-24928", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24928", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:01b692a6f8a7c6f6b2cecf140e51a21c2f5001f8784277c202e22d949944ec44", "Title": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:2679", "https://access.redhat.com/security/cve/CVE-2025-24928", "https://bugzilla.redhat.com/2346416", "https://bugzilla.redhat.com/2346421", "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "https://errata.almalinux.org/9/ALSA-2025-2679.html", "https://errata.rockylinux.org/RLSA-2025:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", "https://issues.oss-fuzz.com/issues/392687022", "https://linux.oracle.com/cve/CVE-2025-24928.html", "https://linux.oracle.com/errata/ELSA-2025-2686.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", "https://security.netapp.com/advisory/ntap-20250321-0006/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2025-24928", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T23:15:10.25Z", "LastModifiedDate": "2025-11-03T22:18:40.877Z" }, { "VulnerabilityID": "CVE-2025-27113", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-27113", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3fa2ad59e084a21a4c0ea4f8b815729680a20228d339e9d4cd4abd4b9531e35c", "Title": "libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.1 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Apr/10", "http://seclists.org/fulldisclosure/2025/Apr/11", "http://seclists.org/fulldisclosure/2025/Apr/12", "http://seclists.org/fulldisclosure/2025/Apr/13", "http://seclists.org/fulldisclosure/2025/Apr/4", "http://seclists.org/fulldisclosure/2025/Apr/5", "http://seclists.org/fulldisclosure/2025/Apr/8", "http://seclists.org/fulldisclosure/2025/Apr/9", "https://access.redhat.com/security/cve/CVE-2025-27113", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-27113", "https://security.netapp.com/advisory/ntap-20250306-0004/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2025-27113", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T23:15:10.96Z", "LastModifiedDate": "2025-11-03T22:18:43.34Z" }, { "VulnerabilityID": "CVE-2025-32414", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32414", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:75d97ff3e3ebf0504cd48027e7c879e5aa38b69442c48c8d8395e3faf11a1614", "Title": "libxml2: Out-of-Bounds Read in libxml2", "Description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-393", "CWE-252" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:13428", "https://access.redhat.com/security/cve/CVE-2025-32414", "https://bugzilla.redhat.com/2358121", "https://bugzilla.redhat.com/2360768", "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "https://errata.almalinux.org/9/ALSA-2025-13428.html", "https://errata.rockylinux.org/RLSA-2025:13428", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", "https://linux.oracle.com/cve/CVE-2025-32414.html", "https://linux.oracle.com/errata/ELSA-2025-8958.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", "https://ubuntu.com/security/notices/USN-7467-1", "https://ubuntu.com/security/notices/USN-7467-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-32414" ], "PublishedDate": "2025-04-08T03:15:15.94Z", "LastModifiedDate": "2025-11-03T20:18:27.087Z" }, { "VulnerabilityID": "CVE-2025-32415", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32415", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e9b1dd6a38d7b7ca447ae5dda4250b810f31ea2ccb88e1d81fc5411e63d0399f", "Title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables", "Description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1284", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:13428", "https://access.redhat.com/security/cve/CVE-2025-32415", "https://bugzilla.redhat.com/2358121", "https://bugzilla.redhat.com/2360768", "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "https://errata.almalinux.org/9/ALSA-2025-13428.html", "https://errata.rockylinux.org/RLSA-2025:13428", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890", "https://linux.oracle.com/cve/CVE-2025-32415.html", "https://linux.oracle.com/errata/ELSA-2025-13789.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32415", "https://ubuntu.com/security/notices/USN-7467-1", "https://ubuntu.com/security/notices/USN-7467-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-32415" ], "PublishedDate": "2025-04-17T17:15:33.733Z", "LastModifiedDate": "2025-11-03T20:18:27.213Z" }, { "VulnerabilityID": "CVE-2025-49794", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-49794", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8833434cf5446d3e4670ba0657202b09cd4eb3f7731d55f5c99822fe40734ad3", "Title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)", "Description": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.", "Severity": "MEDIUM", "CweIDs": [ "CWE-825" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:15397", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18217", "https://access.redhat.com/errata/RHSA-2025:18218", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:18240", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/errata/RHSA-2025:19041", "https://access.redhat.com/errata/RHSA-2025:19046", "https://access.redhat.com/errata/RHSA-2025:19894", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-49794", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931", "https://linux.oracle.com/cve/CVE-2025-49794.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-49794", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-49794" ], "PublishedDate": "2025-06-16T16:15:18.997Z", "LastModifiedDate": "2026-03-20T20:16:45.907Z" }, { "VulnerabilityID": "CVE-2025-49796", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-49796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b98da64ed4376fe52b102b0d645f97b43215a8a68fad4f3f57167082cb477dd4", "Title": "libxml: Type confusion leads to Denial of service (DoS)", "Description": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:15397", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18217", "https://access.redhat.com/errata/RHSA-2025:18218", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:18240", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/errata/RHSA-2025:19041", "https://access.redhat.com/errata/RHSA-2025:19046", "https://access.redhat.com/errata/RHSA-2025:19894", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-49796", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933", "https://linux.oracle.com/cve/CVE-2025-49796.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-49796", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-49796" ], "PublishedDate": "2025-06-16T16:15:19.37Z", "LastModifiedDate": "2026-03-20T20:16:46.507Z" }, { "VulnerabilityID": "CVE-2025-6021", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6021", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:751cd8b4c557742289b15fb5bc5769ba63b6411afcaf8d2916251a07ec06fa9f", "Title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2", "Description": "A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:11673", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13289", "https://access.redhat.com/errata/RHSA-2025:13325", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:13336", "https://access.redhat.com/errata/RHSA-2025:14059", "https://access.redhat.com/errata/RHSA-2025:14396", "https://access.redhat.com/errata/RHSA-2025:15308", "https://access.redhat.com/errata/RHSA-2025:15672", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/security/cve/CVE-2025-6021", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926", "https://linux.oracle.com/cve/CVE-2025-6021.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6021", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-6021" ], "PublishedDate": "2025-06-12T13:15:25.59Z", "LastModifiedDate": "2026-03-24T12:16:12.097Z" }, { "VulnerabilityID": "CVE-2025-6170", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6170", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b797e570aa5de0a7cd425db22743cb3d1f41fd2fa658b4deaf966f20a32085f9", "Title": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling", "Description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-6170", "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6170", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-6170" ], "PublishedDate": "2025-06-16T16:15:20.43Z", "LastModifiedDate": "2026-03-24T05:16:23.043Z" }, { "VulnerabilityID": "CVE-2025-7425", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.10", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-7425", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e2ff1d6559b211fc46902ab66875c890b27a975e59a904f3792c3562870e4d69", "Title": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr", "Description": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Aug/0", "http://seclists.org/fulldisclosure/2025/Jul/30", "http://seclists.org/fulldisclosure/2025/Jul/32", "http://seclists.org/fulldisclosure/2025/Jul/35", "http://seclists.org/fulldisclosure/2025/Jul/37", "http://www.openwall.com/lists/oss-security/2025/07/11/2", "https://access.redhat.com/errata/RHSA-2025:12447", "https://access.redhat.com/errata/RHSA-2025:12450", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13308", "https://access.redhat.com/errata/RHSA-2025:13309", "https://access.redhat.com/errata/RHSA-2025:13310", "https://access.redhat.com/errata/RHSA-2025:13311", "https://access.redhat.com/errata/RHSA-2025:13312", "https://access.redhat.com/errata/RHSA-2025:13313", "https://access.redhat.com/errata/RHSA-2025:13314", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:13464", "https://access.redhat.com/errata/RHSA-2025:13622", "https://access.redhat.com/errata/RHSA-2025:14059", "https://access.redhat.com/errata/RHSA-2025:14396", "https://access.redhat.com/errata/RHSA-2025:14818", "https://access.redhat.com/errata/RHSA-2025:14819", "https://access.redhat.com/errata/RHSA-2025:14853", "https://access.redhat.com/errata/RHSA-2025:14858", "https://access.redhat.com/errata/RHSA-2025:15308", "https://access.redhat.com/errata/RHSA-2025:15672", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-7425", "https://bugzilla.redhat.com/2379274", "https://bugzilla.redhat.com/show_bug.cgi?id=2379274", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7425", "https://errata.almalinux.org/9/ALSA-2025-12447.html", "https://errata.rockylinux.org/RLSA-2025:12447", "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140", "https://linux.oracle.com/cve/CVE-2025-7425.html", "https://linux.oracle.com/errata/ELSA-2025-13464.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-7425", "https://ubuntu.com/security/notices/USN-7852-1", "https://ubuntu.com/security/notices/USN-7852-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-7425" ], "PublishedDate": "2025-07-10T14:15:27.877Z", "LastModifiedDate": "2026-01-22T05:16:19.96Z" }, { "VulnerabilityID": "CVE-2025-9714", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.9", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9714", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:79f639c12b3972c4f7bb7b3a16cbe41537ab007fcf2ce87b628fe52d84e6ae76", "Title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c", "Description": "Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "alma": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:22376", "https://access.redhat.com/security/cve/CVE-2025-9714", "https://bugzilla.redhat.com/2392605", "https://bugzilla.redhat.com/show_bug.cgi?id=2392605", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714", "https://errata.almalinux.org/9/ALSA-2025-22376.html", "https://errata.rockylinux.org/RLSA-2025:22376", "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21", "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148", "https://linux.oracle.com/cve/CVE-2025-9714.html", "https://linux.oracle.com/errata/ELSA-2025-22376.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9714", "https://ubuntu.com/security/notices/USN-7743-1", "https://www.cve.org/CVERecord?id=CVE-2025-9714" ], "PublishedDate": "2025-09-10T19:15:42.707Z", "LastModifiedDate": "2025-11-03T19:16:17.563Z" }, { "VulnerabilityID": "CVE-2026-0989", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0989", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eab496967d57d742469c43372a0e35db16560286e6ae50588bd4ed7bee0d205a", "Title": "libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow", "Description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0989", "https://bugzilla.redhat.com/show_bug.cgi?id=2429933", "https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374", "https://nvd.nist.gov/vuln/detail/CVE-2026-0989", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0989" ], "PublishedDate": "2026-01-15T15:15:52.35Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2026-0990", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0990", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dba6c5c264e3f2a9dea6cbd33899e7b3917ea757de19fafdf899248507ffedb9", "Title": "libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing", "Description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0990", "https://bugzilla.redhat.com/show_bug.cgi?id=2429959", "https://nvd.nist.gov/vuln/detail/CVE-2026-0990", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0990" ], "PublishedDate": "2026-01-15T15:15:52.503Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2026-0992", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0992", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:92690bb3fb26ab916b6737a65f7da4719cc08dbc0a18f1d2ac263b3ca0ded18a", "Title": "libxml2: libxml2: Denial of Service via crafted XML catalogs", "Description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0992", "https://bugzilla.redhat.com/show_bug.cgi?id=2429975", "https://nvd.nist.gov/vuln/detail/CVE-2026-0992", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0992" ], "PublishedDate": "2026-01-15T15:15:52.657Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2024-34459", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-34459", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:829604036921f0a271c3acb482e8394c84616453222d8e7257d3308b3684cc17", "Title": "libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c", "Description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "Severity": "LOW", "CweIDs": [ "CWE-122" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-34459", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "https://ubuntu.com/security/notices/USN-7240-1", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2024-34459" ], "PublishedDate": "2024-05-14T15:39:11.917Z", "LastModifiedDate": "2025-11-04T22:16:01.42Z" }, { "VulnerabilityID": "CVE-2025-8732", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8732", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:185cecf1c9d4919d5f7777f9c0c53789bbcb7bdfe195c885a1e32e8a235a9c36", "Title": "libxml2: libxml2: Uncontrolled Recursion Vulnerability", "Description": "A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that \"[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all.\"", "Severity": "LOW", "CweIDs": [ "CWE-404", "CWE-674" ], "VendorSeverity": { "amazon": 1, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-8732", "https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/958", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853", "https://nvd.nist.gov/vuln/detail/CVE-2025-8732", "https://ubuntu.com/security/notices/USN-7974-1", "https://vuldb.com/?ctiid.319228", "https://vuldb.com/?id.319228", "https://vuldb.com/?submit.622285", "https://www.cve.org/CVERecord?id=CVE-2025-8732" ], "PublishedDate": "2025-08-08T17:15:30.583Z", "LastModifiedDate": "2025-08-08T20:30:18.18Z" }, { "VulnerabilityID": "CVE-2022-4899", "PkgID": "libzstd1@1.4.8+dfsg-3build1", "PkgName": "libzstd1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "efbf7875f9285a06", "BOMRef": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.8+dfsg-3build1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-4899", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5583cfa28d96d2f623d3b42faa6e705a6d9e806a64cb048866849d55480cccce", "Title": "zstd: mysql: buffer overrun in util.c", "Description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "Severity": "LOW", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "ghsa": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:1141", "https://access.redhat.com/security/cve/CVE-2022-4899", "https://bugzilla.redhat.com/2179864", "https://bugzilla.redhat.com/2188109", "https://bugzilla.redhat.com/2188113", "https://bugzilla.redhat.com/2188115", "https://bugzilla.redhat.com/2188116", "https://bugzilla.redhat.com/2188117", "https://bugzilla.redhat.com/2188118", "https://bugzilla.redhat.com/2188119", "https://bugzilla.redhat.com/2188120", "https://bugzilla.redhat.com/2188121", "https://bugzilla.redhat.com/2188122", "https://bugzilla.redhat.com/2188123", "https://bugzilla.redhat.com/2188124", "https://bugzilla.redhat.com/2188125", "https://bugzilla.redhat.com/2188127", "https://bugzilla.redhat.com/2188128", "https://bugzilla.redhat.com/2188129", "https://bugzilla.redhat.com/2188130", "https://bugzilla.redhat.com/2188131", "https://bugzilla.redhat.com/2188132", "https://bugzilla.redhat.com/2224211", "https://bugzilla.redhat.com/2224212", "https://bugzilla.redhat.com/2224213", "https://bugzilla.redhat.com/2224214", "https://bugzilla.redhat.com/2224215", "https://bugzilla.redhat.com/2224216", "https://bugzilla.redhat.com/2224217", "https://bugzilla.redhat.com/2224218", "https://bugzilla.redhat.com/2224219", "https://bugzilla.redhat.com/2224220", "https://bugzilla.redhat.com/2224221", "https://bugzilla.redhat.com/2224222", "https://bugzilla.redhat.com/2245014", "https://bugzilla.redhat.com/2245015", "https://bugzilla.redhat.com/2245016", "https://bugzilla.redhat.com/2245017", "https://bugzilla.redhat.com/2245018", "https://bugzilla.redhat.com/2245019", "https://bugzilla.redhat.com/2245020", "https://bugzilla.redhat.com/2245021", "https://bugzilla.redhat.com/2245022", "https://bugzilla.redhat.com/2245023", "https://bugzilla.redhat.com/2245024", "https://bugzilla.redhat.com/2245026", "https://bugzilla.redhat.com/2245027", "https://bugzilla.redhat.com/2245028", "https://bugzilla.redhat.com/2245029", "https://bugzilla.redhat.com/2245030", "https://bugzilla.redhat.com/2245031", "https://bugzilla.redhat.com/2245032", "https://bugzilla.redhat.com/2245033", "https://bugzilla.redhat.com/2245034", "https://bugzilla.redhat.com/2258771", "https://bugzilla.redhat.com/2258772", "https://bugzilla.redhat.com/2258773", "https://bugzilla.redhat.com/2258774", "https://bugzilla.redhat.com/2258775", "https://bugzilla.redhat.com/2258776", "https://bugzilla.redhat.com/2258777", "https://bugzilla.redhat.com/2258778", "https://bugzilla.redhat.com/2258779", "https://bugzilla.redhat.com/2258780", "https://bugzilla.redhat.com/2258781", "https://bugzilla.redhat.com/2258782", "https://bugzilla.redhat.com/2258783", "https://bugzilla.redhat.com/2258784", "https://bugzilla.redhat.com/2258785", "https://bugzilla.redhat.com/2258787", "https://bugzilla.redhat.com/2258788", "https://bugzilla.redhat.com/2258789", "https://bugzilla.redhat.com/2258790", "https://bugzilla.redhat.com/2258791", "https://bugzilla.redhat.com/2258792", "https://bugzilla.redhat.com/2258793", "https://bugzilla.redhat.com/2258794", "https://bugzilla.redhat.com/show_bug.cgi?id=2179864", "https://bugzilla.redhat.com/show_bug.cgi?id=2188109", "https://bugzilla.redhat.com/show_bug.cgi?id=2188113", "https://bugzilla.redhat.com/show_bug.cgi?id=2188115", "https://bugzilla.redhat.com/show_bug.cgi?id=2188116", "https://bugzilla.redhat.com/show_bug.cgi?id=2188117", "https://bugzilla.redhat.com/show_bug.cgi?id=2188118", "https://bugzilla.redhat.com/show_bug.cgi?id=2188119", "https://bugzilla.redhat.com/show_bug.cgi?id=2188120", "https://bugzilla.redhat.com/show_bug.cgi?id=2188121", "https://bugzilla.redhat.com/show_bug.cgi?id=2188122", "https://bugzilla.redhat.com/show_bug.cgi?id=2188123", "https://bugzilla.redhat.com/show_bug.cgi?id=2188124", "https://bugzilla.redhat.com/show_bug.cgi?id=2188125", "https://bugzilla.redhat.com/show_bug.cgi?id=2188127", "https://bugzilla.redhat.com/show_bug.cgi?id=2188128", "https://bugzilla.redhat.com/show_bug.cgi?id=2188129", "https://bugzilla.redhat.com/show_bug.cgi?id=2188130", "https://bugzilla.redhat.com/show_bug.cgi?id=2188131", "https://bugzilla.redhat.com/show_bug.cgi?id=2188132", "https://bugzilla.redhat.com/show_bug.cgi?id=2224211", "https://bugzilla.redhat.com/show_bug.cgi?id=2224212", "https://bugzilla.redhat.com/show_bug.cgi?id=2224213", "https://bugzilla.redhat.com/show_bug.cgi?id=2224214", "https://bugzilla.redhat.com/show_bug.cgi?id=2224215", "https://bugzilla.redhat.com/show_bug.cgi?id=2224216", "https://bugzilla.redhat.com/show_bug.cgi?id=2224217", "https://bugzilla.redhat.com/show_bug.cgi?id=2224218", "https://bugzilla.redhat.com/show_bug.cgi?id=2224219", "https://bugzilla.redhat.com/show_bug.cgi?id=2224220", "https://bugzilla.redhat.com/show_bug.cgi?id=2224221", "https://bugzilla.redhat.com/show_bug.cgi?id=2224222", "https://bugzilla.redhat.com/show_bug.cgi?id=2245014", "https://bugzilla.redhat.com/show_bug.cgi?id=2245015", "https://bugzilla.redhat.com/show_bug.cgi?id=2245016", "https://bugzilla.redhat.com/show_bug.cgi?id=2245017", "https://bugzilla.redhat.com/show_bug.cgi?id=2245018", "https://bugzilla.redhat.com/show_bug.cgi?id=2245019", "https://bugzilla.redhat.com/show_bug.cgi?id=2245020", "https://bugzilla.redhat.com/show_bug.cgi?id=2245021", "https://bugzilla.redhat.com/show_bug.cgi?id=2245022", "https://bugzilla.redhat.com/show_bug.cgi?id=2245023", "https://bugzilla.redhat.com/show_bug.cgi?id=2245024", "https://bugzilla.redhat.com/show_bug.cgi?id=2245026", "https://bugzilla.redhat.com/show_bug.cgi?id=2245027", "https://bugzilla.redhat.com/show_bug.cgi?id=2245028", "https://bugzilla.redhat.com/show_bug.cgi?id=2245029", "https://bugzilla.redhat.com/show_bug.cgi?id=2245030", "https://bugzilla.redhat.com/show_bug.cgi?id=2245031", "https://bugzilla.redhat.com/show_bug.cgi?id=2245032", "https://bugzilla.redhat.com/show_bug.cgi?id=2245033", "https://bugzilla.redhat.com/show_bug.cgi?id=2245034", "https://bugzilla.redhat.com/show_bug.cgi?id=2258771", "https://bugzilla.redhat.com/show_bug.cgi?id=2258772", "https://bugzilla.redhat.com/show_bug.cgi?id=2258773", "https://bugzilla.redhat.com/show_bug.cgi?id=2258774", "https://bugzilla.redhat.com/show_bug.cgi?id=2258775", "https://bugzilla.redhat.com/show_bug.cgi?id=2258776", "https://bugzilla.redhat.com/show_bug.cgi?id=2258777", "https://bugzilla.redhat.com/show_bug.cgi?id=2258778", "https://bugzilla.redhat.com/show_bug.cgi?id=2258779", "https://bugzilla.redhat.com/show_bug.cgi?id=2258780", "https://bugzilla.redhat.com/show_bug.cgi?id=2258781", "https://bugzilla.redhat.com/show_bug.cgi?id=2258782", "https://bugzilla.redhat.com/show_bug.cgi?id=2258783", "https://bugzilla.redhat.com/show_bug.cgi?id=2258784", "https://bugzilla.redhat.com/show_bug.cgi?id=2258785", "https://bugzilla.redhat.com/show_bug.cgi?id=2258787", "https://bugzilla.redhat.com/show_bug.cgi?id=2258788", "https://bugzilla.redhat.com/show_bug.cgi?id=2258789", "https://bugzilla.redhat.com/show_bug.cgi?id=2258790", "https://bugzilla.redhat.com/show_bug.cgi?id=2258791", "https://bugzilla.redhat.com/show_bug.cgi?id=2258792", "https://bugzilla.redhat.com/show_bug.cgi?id=2258793", "https://bugzilla.redhat.com/show_bug.cgi?id=2258794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21911", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21919", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21920", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21929", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21933", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21935", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21940", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21945", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21946", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21947", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21953", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21955", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21962", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21972", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21976", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21977", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21980", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21982", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22005", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22007", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22008", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22032", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22033", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22038", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22046", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22048", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22054", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22056", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22057", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22058", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22059", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22064", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22065", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22066", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22068", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22070", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22078", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22079", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22092", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22097", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22103", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22104", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22110", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22111", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22112", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22113", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22115", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20960", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20962", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20963", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20964", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20965", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20967", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20968", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20969", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20970", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20971", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20972", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20973", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20974", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20976", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20977", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20978", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20981", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20982", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20983", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20984", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20985", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20993", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21049", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21050", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21051", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21052", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21055", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21056", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21057", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21061", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21137", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21200", "https://errata.almalinux.org/9/ALSA-2024-1141.html", "https://errata.rockylinux.org/RLSA-2024:0894", "https://github.com/facebook/zstd", "https://github.com/facebook/zstd/issues/3200", "https://github.com/facebook/zstd/pull/3220", "https://github.com/pypa/advisory-database/tree/main/vulns/zstd/PYSEC-2023-121.yaml", "https://github.com/sergey-dryabzhinsky/python-zstd/commit/c8a619aebdbd6b838fbfef6e19325a70f631a4c6", "https://linux.oracle.com/cve/CVE-2022-4899.html", "https://linux.oracle.com/errata/ELSA-2024-1141.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN", "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", "https://security.netapp.com/advisory/ntap-20230725-0005", "https://security.netapp.com/advisory/ntap-20230725-0005/", "https://www.cve.org/CVERecord?id=CVE-2022-4899" ], "PublishedDate": "2023-03-31T20:15:07.213Z", "LastModifiedDate": "2025-02-18T18:15:14.023Z" }, { "VulnerabilityID": "CVE-2023-29383", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29383", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a9b9ece8af81f6ce75e4224fffb4487d5dae891a37f90a707ca60f095a940b0f", "Title": "shadow: Improper input validation in shadow-utils package utility chfn", "Description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "Severity": "LOW", "CweIDs": [ "CWE-74", "CWE-125" ], "VendorSeverity": { "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29383", "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", "https://github.com/shadow-maint/shadow/pull/687", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", "https://www.cve.org/CVERecord?id=CVE-2023-29383", "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797" ], "PublishedDate": "2023-04-14T22:15:07.68Z", "LastModifiedDate": "2025-11-03T20:16:01.283Z" }, { "VulnerabilityID": "CVE-2023-4641", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "FixedVersion": "1:4.8.1-2ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4641", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ffda2491f3c0eb561fd31eedb0c70f2211108092771ec230e3c019172c0001cb", "Title": "shadow-utils: possible password leak during passwd(1) change", "Description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "Severity": "LOW", "CweIDs": [ "CWE-303", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 1, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6632", "https://access.redhat.com/errata/RHSA-2023:7112", "https://access.redhat.com/errata/RHSA-2024:0417", "https://access.redhat.com/errata/RHSA-2024:2577", "https://access.redhat.com/security/cve/CVE-2023-4641", "https://bugzilla.redhat.com/2215945", "https://bugzilla.redhat.com/show_bug.cgi?id=2215945", "https://errata.almalinux.org/9/ALSA-2023-6632.html", "https://linux.oracle.com/cve/CVE-2023-4641.html", "https://linux.oracle.com/errata/ELSA-2023-7112.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4641", "https://ubuntu.com/security/notices/USN-6640-1", "https://www.cve.org/CVERecord?id=CVE-2023-4641" ], "PublishedDate": "2023-12-27T16:15:13.363Z", "LastModifiedDate": "2025-11-03T20:16:05.017Z" }, { "VulnerabilityID": "CVE-2024-56433", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56433", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a8a39f5a729d6e250b8bec1e2eee371b73d59db40edc79084d4dc0d3f61e89e5", "Title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise", "Description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "Severity": "LOW", "CweIDs": [ "CWE-1188" ], "VendorSeverity": { "alma": 1, "azure": 1, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 3.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:20559", "https://access.redhat.com/security/cve/CVE-2024-56433", "https://bugzilla.redhat.com/2334165", "https://bugzilla.redhat.com/show_bug.cgi?id=2334165", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433", "https://errata.almalinux.org/9/ALSA-2025-20559.html", "https://errata.rockylinux.org/RLSA-2025:20559", "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", "https://github.com/shadow-maint/shadow/issues/1157", "https://github.com/shadow-maint/shadow/releases/tag/4.4", "https://linux.oracle.com/cve/CVE-2024-56433.html", "https://linux.oracle.com/errata/ELSA-2025-20559-0.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "https://www.cve.org/CVERecord?id=CVE-2024-56433" ], "PublishedDate": "2024-12-26T09:15:07.267Z", "LastModifiedDate": "2024-12-26T09:15:07.267Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "mount@2.37.2-4ubuntu3", "PkgName": "mount", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f67614957785e847", "BOMRef": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a81acbf8a5d7efd24029ad0e979b6f026485908388dc9a806aaf34407b605c88", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e2a3cb1a5fd0ee46e3b2e9f8df8fd493650043e8f934c638a47cbce8506b448f", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e9149866adf12944856895bce3e756fe89c9dc9ceeac64158933378e4adf019f", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bb0137daf92489ed56eb80e32fb97190a770ce06c0c2ef6e066aea279fcbb619", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6348e93296a374afd13bede456e1a657ed9e03f146f2228e2b0210356e0b4832", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b1d9b0056470b6ee5549734812615ca27712df5f977c30c5350b7c6639bde047", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bea03f354d03ce62e12b85f71403ae38d69170024d016403f1b6b9fba908820f", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2025-15467", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15467", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2f88ffa39032b435b7b18527a8bf171841f42ee25395777d9c32db48a5b2f34f", "Title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing", "Description": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/27/10", "http://www.openwall.com/lists/oss-security/2026/02/25/6", "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-15467", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/guiimoraes/CVE-2025-15467", "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9", "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e", "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc", "https://linux.oracle.com/cve/CVE-2025-15467.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://www.cve.org/CVERecord?id=CVE-2025-15467" ], "PublishedDate": "2026-01-27T16:16:14.257Z", "LastModifiedDate": "2026-03-19T19:16:19.23Z" }, { "VulnerabilityID": "CVE-2025-68160", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68160", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5dceeeef958390165746ceff65edcdc661d8df66d0f1e74a78edca7fd5d2429c", "Title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter", "Description": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-68160", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad", "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c", "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "https://linux.oracle.com/cve/CVE-2025-68160.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-68160" ], "PublishedDate": "2026-01-27T16:16:15.9Z", "LastModifiedDate": "2026-02-02T18:36:57.727Z" }, { "VulnerabilityID": "CVE-2025-69418", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69418", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e29212d62c2bcce2a9a488e89d70e5f5f39ad874aa0118ed1f8552ef340a753b", "Title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls", "Description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-325" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69418", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc", "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8", "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347", "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae", "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977", "https://linux.oracle.com/cve/CVE-2025-69418.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69418" ], "PublishedDate": "2026-01-27T16:16:33.253Z", "LastModifiedDate": "2026-02-02T18:36:03.557Z" }, { "VulnerabilityID": "CVE-2025-69419", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69419", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:69ef79b27dd8ac03513d81aa37551d240130c52d06ac3aaf29b46b20d63b996c", "Title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing", "Description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4472", "https://access.redhat.com/security/cve/CVE-2025-69419", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-4472.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296", "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb", "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2", "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535", "https://linux.oracle.com/cve/CVE-2025-69419.html", "https://linux.oracle.com/errata/ELSA-2026-50131.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69419" ], "PublishedDate": "2026-01-27T16:16:34.113Z", "LastModifiedDate": "2026-02-02T18:35:02.177Z" }, { "VulnerabilityID": "CVE-2025-69420", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69420", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e0ba26805690c6f4b4685fe47201c86fd45986eaad6f4abb58c75c3a599d93e1", "Title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response", "Description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69420", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9", "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a", "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b", "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085", "https://linux.oracle.com/cve/CVE-2025-69420.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69420" ], "PublishedDate": "2026-01-27T16:16:34.317Z", "LastModifiedDate": "2026-02-02T18:33:30.557Z" }, { "VulnerabilityID": "CVE-2025-69421", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69421", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ad44e9f9ccc46295a23ac15fef014c24f7e23a49aabe5323e09eee71fc7e56c2", "Title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing", "Description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69421", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b", "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3", "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "https://linux.oracle.com/cve/CVE-2025-69421.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69421" ], "PublishedDate": "2026-01-27T16:16:34.437Z", "LastModifiedDate": "2026-02-28T04:16:17.457Z" }, { "VulnerabilityID": "CVE-2026-22795", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22795", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:308b6c616b017b0876584dff54d89700baaa44c2df4f466239a13394cacf894b", "Title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing", "Description": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22795", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22795.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22795" ], "PublishedDate": "2026-01-27T16:16:35.43Z", "LastModifiedDate": "2026-02-02T18:41:14.917Z" }, { "VulnerabilityID": "CVE-2026-22796", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f6550cbc0dbed022", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:10a6e94fefbcce2da9eb8be2774bf94827cf5dcc967fe7e0f80d38f64d9fbf18", "DiffID": "sha256:683e877e5fc87479d27bfbbb81b80a203ffbf48dd299ca14400cfa7d2605adea" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9cf632b06a6bc8028f544a046b0380354ede656030c71746caad05bae019a2da", "Title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification", "Description": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22796", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22796.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22796" ], "PublishedDate": "2026-01-27T16:16:35.543Z", "LastModifiedDate": "2026-02-02T18:40:27.467Z" }, { "VulnerabilityID": "CVE-2023-29383", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29383", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0cb7766f77157e1ef58f104c5f7c4f45fcdcc19e5a626d4b2c23d61761403352", "Title": "shadow: Improper input validation in shadow-utils package utility chfn", "Description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "Severity": "LOW", "CweIDs": [ "CWE-74", "CWE-125" ], "VendorSeverity": { "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29383", "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", "https://github.com/shadow-maint/shadow/pull/687", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", "https://www.cve.org/CVERecord?id=CVE-2023-29383", "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797" ], "PublishedDate": "2023-04-14T22:15:07.68Z", "LastModifiedDate": "2025-11-03T20:16:01.283Z" }, { "VulnerabilityID": "CVE-2023-4641", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "FixedVersion": "1:4.8.1-2ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4641", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:594133d8e5fb7ed44657a95e1bdb2abb0de2f7ba98792a50721d394452008427", "Title": "shadow-utils: possible password leak during passwd(1) change", "Description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "Severity": "LOW", "CweIDs": [ "CWE-303", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 1, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6632", "https://access.redhat.com/errata/RHSA-2023:7112", "https://access.redhat.com/errata/RHSA-2024:0417", "https://access.redhat.com/errata/RHSA-2024:2577", "https://access.redhat.com/security/cve/CVE-2023-4641", "https://bugzilla.redhat.com/2215945", "https://bugzilla.redhat.com/show_bug.cgi?id=2215945", "https://errata.almalinux.org/9/ALSA-2023-6632.html", "https://linux.oracle.com/cve/CVE-2023-4641.html", "https://linux.oracle.com/errata/ELSA-2023-7112.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4641", "https://ubuntu.com/security/notices/USN-6640-1", "https://www.cve.org/CVERecord?id=CVE-2023-4641" ], "PublishedDate": "2023-12-27T16:15:13.363Z", "LastModifiedDate": "2025-11-03T20:16:05.017Z" }, { "VulnerabilityID": "CVE-2024-56433", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56433", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3036f95511c457756c10bca42dba3cfcfc2a3755ca291eb1e3503caefe0f581f", "Title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise", "Description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "Severity": "LOW", "CweIDs": [ "CWE-1188" ], "VendorSeverity": { "alma": 1, "azure": 1, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 3.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:20559", "https://access.redhat.com/security/cve/CVE-2024-56433", "https://bugzilla.redhat.com/2334165", "https://bugzilla.redhat.com/show_bug.cgi?id=2334165", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433", "https://errata.almalinux.org/9/ALSA-2025-20559.html", "https://errata.rockylinux.org/RLSA-2025:20559", "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", "https://github.com/shadow-maint/shadow/issues/1157", "https://github.com/shadow-maint/shadow/releases/tag/4.4", "https://linux.oracle.com/cve/CVE-2024-56433.html", "https://linux.oracle.com/errata/ELSA-2025-20559-0.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "https://www.cve.org/CVERecord?id=CVE-2024-56433" ], "PublishedDate": "2024-12-26T09:15:07.267Z", "LastModifiedDate": "2024-12-26T09:15:07.267Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:12073ee20d0f96597b633764a8804b2f4d216b0333e28b3a5aa8cee36dc2da86", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c6380ddabe5b1bdbfc1f11e5af50edc66634ddc4ad4405527d2fdf3d54358a80", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b54b51c6d7adeb331c1017a531fe06689a64d0a2bfe6a8a1ee6a45e55aa2ce20", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:467a8f40827345ac56bfd59342e6bb3755ce3ba9ef05c2b0971636b4de2c3d8c", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80451dc161259e90d2328cbe60d2cebbdbe8964c090add45db439719cd1860c7", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5c74ac2e490e01e9fdc1c63c211e0fa93d0100d9318f8d60eb92476a0bee090f", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:583cf35002d058e290c574f8560405bb84bdfa871977ad4934309032f2b88d2d", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e01253e9fde6372aa06c11c8d066cba28287b7c39e1d353caaf6782a68be9870", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5867f5fa2c7ecbe1f4d046ec3c20a0b11611ef67c38684c46e3f024249d17fa1", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5dce65d823e6b18dcb3de2a2a7c0c748fcecb3de7f8ae99dc6f78316a2126109", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3bd39617646d1df643e1d8fc00e73bb1b3230e93b92915c2302172b1e1e3fe31", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6b349f7635e838a5cc95c165ad185a4c96cead0ab9dddff65435a151e67cc862", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dd49483f8fbb0c6a6fb60f48f216865da1067e83fcc29d86e7903f5cf0952feb", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:420404cce87e00f99e5a3bee175beafdd94f94a5db37d325009a1922e96a06e9", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4c6bb6d062a8e6997905af8e7ba23e278ee2e66f0e0d36f8eaaba85688a859be", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-4016", "PkgID": "procps@2:3.3.17-6ubuntu2", "PkgName": "procps", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f7508553e0c13459", "BOMRef": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:3.3.17-6ubuntu2", "FixedVersion": "2:3.3.17-6ubuntu2.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4016", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5ebe34711fbda64ca09da4d170ed8aab3ccd1333a6d7bf016e884c9d9ad13869", "Title": "procps: ps buffer overflow", "Description": "Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.", "Severity": "LOW", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 1, "nvd": 1, "oracle-oval": 1, "photon": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6705", "https://access.redhat.com/security/cve/CVE-2023-4016", "https://bugzilla.redhat.com/2228494", "https://bugzilla.redhat.com/show_bug.cgi?id=2228494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4016", "https://errata.almalinux.org/9/ALSA-2023-6705.html", "https://errata.rockylinux.org/RLSA-2023:7187", "https://gitlab.com/procps-ng/procps", "https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413", "https://gitlab.com/procps-ng/procps/-/issues/297", "https://linux.oracle.com/cve/CVE-2023-4016.html", "https://linux.oracle.com/errata/ELSA-2023-7187.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4016", "https://ubuntu.com/security/notices/USN-6477-1", "https://www.cve.org/CVERecord?id=CVE-2023-4016", "https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016" ], "PublishedDate": "2023-08-02T05:15:09.85Z", "LastModifiedDate": "2024-11-21T08:34:14.073Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9ca29a0c1fda74e4753eb02f790a2a178517200c8642aff92e89accc64257fe5", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f3fdb31ad8f2f2e6a4e7f3c23159a938496b13164e3db8f4aeb5c1780651a7fc", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:94800d3d427aec5249a44de097e6665dfea47d395eb99e8a21a1fa52653cd21b", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:42eb86bab94d0b1b0e22b514da5e118db91d16cfe7c1a36818aba1c4cf8e05c8", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ef00fa5032e044f483c5c610fc5149467dd87e04413a23dc5c7d0a39f97b43fc", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1d8106faf002a4ef5b1bc394657ff58bb58040b15fa2d357538e92b2565c856d", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b000e578d82c9f49", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:810fa7b2b39067b5ecd2e6efbe254bb39905bf95f60f9941ed2e3b002e236bbb", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:47265626167c45c166b7ef65cfab0017432183f246e5ae4cac740e3376df4947", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4eafa435a0b650673e3f86c963f83c227a85f67473074435e72187b09c485f08", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9dfc371a774de7f24258a3894f13d938395c80b5a04bd9fa0a275a35c170f771", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8337f549fe68a5280bbd2441145c3df3e585b7b842bd539ae4329fda756c56a5", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8c2520e122402e329869f4ab2c1422b1e74c07d967df1f46d909f218b99a7a5d", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b35ddffcdb2ffa88c6fdcf80824031f93a8538241b1e8ff83af3f9d4535aa17d", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff2f5f6352c24cd", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:a0449078c8b8f297d345eb9e455918667ac023b198e810a83f2ee5db10345597", "DiffID": "sha256:57c93d8d341c9bb818fc72a8feeae1384ad685e33239c2c1d09585fde1c11b37" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:67d9b312d68002c97c9184584890dc0b96e8b1fe12bef2b6d41dca484e595c5e", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2023-39804", "PkgID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.34+dfsg-1ubuntu0.1.22.04.1", "FixedVersion": "1.34+dfsg-1ubuntu0.1.22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-39804", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a58bea0976fc9f810d9245cc3874b0fb18ffce3240d29fc9dfb98b39a2e00390", "Title": "tar: Incorrectly handled extension attributes in PAX archives can lead to a crash", "Description": "In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.", "Severity": "MEDIUM", "VendorSeverity": { "amazon": 1, "cbl-mariner": 2, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-39804", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079", "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4", "https://git.savannah.gnu.org/cgit/tar.git/tree/src/xheader.c?h=release_1_34#n1723", "https://lists.debian.org/debian-lts-announce/2024/03/msg00008.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-39804", "https://ubuntu.com/security/notices/USN-6543-1", "https://www.cve.org/CVERecord?id=CVE-2023-39804" ], "PublishedDate": "2024-03-27T04:15:08.897Z", "LastModifiedDate": "2025-11-04T19:15:55.43Z" }, { "VulnerabilityID": "CVE-2025-45582", "PkgID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.34+dfsg-1ubuntu0.1.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-45582", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80bfad9ba8b6271cf7c2c8f2a0917cf708873d5f93791a4ba00b0d9f7e4d5099", "Title": "tar: Tar path traversal", "Description": "GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of \"Member name contains '..'\" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain \"x -\u003e ../../../../../home/victim/.ssh\" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which \"tar xf\" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each \"tar xf\" in its Security Rules of Thumb; however, third-party advice leads users to run \"tar xf\" more than once into the same directory.", "Severity": "MEDIUM", "CweIDs": [ "CWE-24" ], "VendorSeverity": { "alma": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/11/01/6", "https://access.redhat.com/errata/RHSA-2026:0067", "https://access.redhat.com/security/cve/CVE-2025-45582", "https://bugzilla.redhat.com/2379592", "https://bugzilla.redhat.com/show_bug.cgi?id=2379592", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-45582", "https://errata.almalinux.org/9/ALSA-2026-0067.html", "https://errata.rockylinux.org/RLSA-2026:0067", "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md", "https://linux.oracle.com/cve/CVE-2025-45582.html", "https://linux.oracle.com/errata/ELSA-2026-0067.html", "https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-45582", "https://www.cve.org/CVERecord?id=CVE-2025-45582", "https://www.gnu.org/software/tar/", "https://www.gnu.org/software/tar/manual/html_node/Integrity.html", "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity", "https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html" ], "PublishedDate": "2025-07-11T17:15:37.183Z", "LastModifiedDate": "2025-11-02T01:15:32.307Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "util-linux@2.37.2-4ubuntu3", "PkgName": "util-linux", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "87365d9d2616f051", "BOMRef": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d96b0ef40a521b23b93b5051d88d3c354ec876e9712d816a437aacaa1621f16d", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" } ] }, { "Target": "Node.js", "Class": "lang-pkgs", "Type": "node-pkg", "Packages": [ { "ID": "@adobe/css-tools@4.4.3", "Name": "@adobe/css-tools", "Identifier": { "PURL": "pkg:npm/%40adobe/css-tools@4.4.3", "UID": "f66a182a2bbb15be", "BOMRef": "pkg:npm/%40adobe/css-tools@4.4.3" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@ampproject/remapping@2.3.0", "Name": "@ampproject/remapping", "Identifier": { "PURL": "pkg:npm/%40ampproject/remapping@2.3.0", "UID": "5f6e6382b48c6fd1", "BOMRef": "pkg:npm/%40ampproject/remapping@2.3.0" }, "Version": "2.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@babel/core@7.28.0", "@tailwindcss/node@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/code-frame@7.27.1", "Name": "@babel/code-frame", "Identifier": { "PURL": "pkg:npm/%40babel/code-frame@7.27.1", "UID": "48181c101292a67d", "BOMRef": "pkg:npm/%40babel/code-frame@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "jest-message-util@30.0.2", "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/compat-data@7.28.0", "Name": "@babel/compat-data", "Identifier": { "PURL": "pkg:npm/%40babel/compat-data@7.28.0", "UID": "e670e1b8493e1bf2", "BOMRef": "pkg:npm/%40babel/compat-data@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/core@7.28.0", "Name": "@babel/core", "Identifier": { "PURL": "pkg:npm/%40babel/core@7.28.0", "UID": "177230f20b7107c5", "BOMRef": "pkg:npm/%40babel/core@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-module-transforms@7.27.3", "@babel/plugin-transform-react-jsx-self@7.27.1", "@babel/plugin-transform-react-jsx-source@7.27.1", "@svgr/babel-plugin-add-jsx-attribute@8.0.0", "@svgr/babel-plugin-remove-jsx-attribute@8.0.0", "@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "@svgr/babel-plugin-svg-dynamic-title@8.0.0", "@svgr/babel-plugin-svg-em-dimensions@8.0.0", "@svgr/babel-plugin-transform-react-native-svg@8.1.0", "@svgr/babel-plugin-transform-svg-component@8.0.0", "@svgr/babel-preset@8.1.0", "@svgr/core@8.1.0", "@svgr/plugin-jsx@8.1.0", "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/generator@7.28.0", "Name": "@babel/generator", "Identifier": { "PURL": "pkg:npm/%40babel/generator@7.28.0", "UID": "73a5d5fc052f1c59", "BOMRef": "pkg:npm/%40babel/generator@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-compilation-targets@7.27.2", "Name": "@babel/helper-compilation-targets", "Identifier": { "PURL": "pkg:npm/%40babel/helper-compilation-targets@7.27.2", "UID": "1bbff8801b596bfe", "BOMRef": "pkg:npm/%40babel/helper-compilation-targets@7.27.2" }, "Version": "7.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-globals@7.28.0", "Name": "@babel/helper-globals", "Identifier": { "PURL": "pkg:npm/%40babel/helper-globals@7.28.0", "UID": "aeaafe5f22e5018", "BOMRef": "pkg:npm/%40babel/helper-globals@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-module-imports@7.27.1", "Name": "@babel/helper-module-imports", "Identifier": { "PURL": "pkg:npm/%40babel/helper-module-imports@7.27.1", "UID": "776b226b3780e72", "BOMRef": "pkg:npm/%40babel/helper-module-imports@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-module-transforms@7.27.3", "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-module-transforms@7.27.3", "Name": "@babel/helper-module-transforms", "Identifier": { "PURL": "pkg:npm/%40babel/helper-module-transforms@7.27.3", "UID": "fac3d31ca1092328", "BOMRef": "pkg:npm/%40babel/helper-module-transforms@7.27.3" }, "Version": "7.27.3", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-plugin-utils@7.27.1", "Name": "@babel/helper-plugin-utils", "Identifier": { "PURL": "pkg:npm/%40babel/helper-plugin-utils@7.27.1", "UID": "22241a2a03728c45", "BOMRef": "pkg:npm/%40babel/helper-plugin-utils@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/plugin-transform-react-jsx-self@7.27.1", "@babel/plugin-transform-react-jsx-source@7.27.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-string-parser@7.27.1", "Name": "@babel/helper-string-parser", "Identifier": { "PURL": "pkg:npm/%40babel/helper-string-parser@7.27.1", "UID": "9a0c6430d33839c7", "BOMRef": "pkg:npm/%40babel/helper-string-parser@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/types@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-validator-identifier@7.27.1", "Name": "@babel/helper-validator-identifier", "Identifier": { "PURL": "pkg:npm/%40babel/helper-validator-identifier@7.27.1", "UID": "50cd28dc34407f92", "BOMRef": "pkg:npm/%40babel/helper-validator-identifier@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/code-frame@7.27.1", "@babel/helper-module-transforms@7.27.3", "@babel/types@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helper-validator-option@7.27.1", "Name": "@babel/helper-validator-option", "Identifier": { "PURL": "pkg:npm/%40babel/helper-validator-option@7.27.1", "UID": "7085bd65bf8d5626", "BOMRef": "pkg:npm/%40babel/helper-validator-option@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/helpers@7.27.6", "Name": "@babel/helpers", "Identifier": { "PURL": "pkg:npm/%40babel/helpers@7.27.6", "UID": "3446bf95ee394b51", "BOMRef": "pkg:npm/%40babel/helpers@7.27.6" }, "Version": "7.27.6", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/parser@7.28.0", "Name": "@babel/parser", "Identifier": { "PURL": "pkg:npm/%40babel/parser@7.28.0", "UID": "4c1133eac9ec6044", "BOMRef": "pkg:npm/%40babel/parser@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/generator@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@types/babel__core@7.20.5", "@types/babel__template@7.4.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/plugin-transform-react-jsx-self@7.27.1", "Name": "@babel/plugin-transform-react-jsx-self", "Identifier": { "PURL": "pkg:npm/%40babel/plugin-transform-react-jsx-self@7.27.1", "UID": "1c95b6894ef69913", "BOMRef": "pkg:npm/%40babel/plugin-transform-react-jsx-self@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/plugin-transform-react-jsx-source@7.27.1", "Name": "@babel/plugin-transform-react-jsx-source", "Identifier": { "PURL": "pkg:npm/%40babel/plugin-transform-react-jsx-source@7.27.1", "UID": "3ad56332bf368ea8", "BOMRef": "pkg:npm/%40babel/plugin-transform-react-jsx-source@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/runtime@7.27.6", "Name": "@babel/runtime", "Identifier": { "PURL": "pkg:npm/%40babel/runtime@7.27.6", "UID": "ece211a6ac6d0dde", "BOMRef": "pkg:npm/%40babel/runtime@7.27.6" }, "Version": "7.27.6", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/types@7.4.4", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "@testing-library/jest-dom@5.17.0", "@testing-library/react@13.4.0", "@testing-library/user-event@13.5.0", "babel-plugin-macros@3.1.0", "dom-helpers@5.2.1", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/template@7.27.2", "Name": "@babel/template", "Identifier": { "PURL": "pkg:npm/%40babel/template@7.27.2", "UID": "d0bc6ee82cb70be7", "BOMRef": "pkg:npm/%40babel/template@7.27.2" }, "Version": "7.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helpers@7.27.6", "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/traverse@7.28.0", "Name": "@babel/traverse", "Identifier": { "PURL": "pkg:npm/%40babel/traverse@7.28.0", "UID": "55bd233638c533a2", "BOMRef": "pkg:npm/%40babel/traverse@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helper-module-imports@7.27.1", "@babel/helper-module-transforms@7.27.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@babel/types@7.28.0", "Name": "@babel/types", "Identifier": { "PURL": "pkg:npm/%40babel/types@7.28.0", "UID": "b6b0ba6679325c90", "BOMRef": "pkg:npm/%40babel/types@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/generator@7.28.0", "@babel/helper-module-imports@7.27.1", "@babel/helpers@7.27.6", "@babel/parser@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@svgr/hast-util-to-babel-ast@8.0.0", "@types/babel__core@7.20.5", "@types/babel__generator@7.27.0", "@types/babel__template@7.4.4", "@types/babel__traverse@7.20.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/babel-plugin@11.13.5", "Name": "@emotion/babel-plugin", "Identifier": { "PURL": "pkg:npm/%40emotion/babel-plugin@11.13.5", "UID": "13b2488c8a94f8fc", "BOMRef": "pkg:npm/%40emotion/babel-plugin@11.13.5" }, "Version": "11.13.5", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/cache@11.14.0", "Name": "@emotion/cache", "Identifier": { "PURL": "pkg:npm/%40emotion/cache@11.14.0", "UID": "5382dc7f8de37b89", "BOMRef": "pkg:npm/%40emotion/cache@11.14.0" }, "Version": "11.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/css@11.13.5", "Name": "@emotion/css", "Identifier": { "PURL": "pkg:npm/%40emotion/css@11.13.5", "UID": "dd7dba7dad7ab000", "BOMRef": "pkg:npm/%40emotion/css@11.13.5" }, "Version": "11.13.5", "Licenses": [ "MIT" ], "DependsOn": [ "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/hash@0.9.2", "Name": "@emotion/hash", "Identifier": { "PURL": "pkg:npm/%40emotion/hash@0.9.2", "UID": "98b921a69172def6", "BOMRef": "pkg:npm/%40emotion/hash@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/is-prop-valid@1.3.1", "Name": "@emotion/is-prop-valid", "Identifier": { "PURL": "pkg:npm/%40emotion/is-prop-valid@1.3.1", "UID": "beda34e8a258a4d7", "BOMRef": "pkg:npm/%40emotion/is-prop-valid@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/memoize@0.9.0", "Name": "@emotion/memoize", "Identifier": { "PURL": "pkg:npm/%40emotion/memoize@0.9.0", "UID": "b2e0aed8b23208a7", "BOMRef": "pkg:npm/%40emotion/memoize@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/cache@11.14.0", "@emotion/is-prop-valid@1.3.1", "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/react@11.14.0", "Name": "@emotion/react", "Identifier": { "PURL": "pkg:npm/%40emotion/react@11.14.0", "UID": "948bc1e08f046ae0", "BOMRef": "pkg:npm/%40emotion/react@11.14.0" }, "Version": "11.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/styled@11.14.1", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@textea/json-viewer@2.17.2", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/serialize@1.3.3", "Name": "@emotion/serialize", "Identifier": { "PURL": "pkg:npm/%40emotion/serialize@1.3.3", "UID": "4f7008eacff63cef", "BOMRef": "pkg:npm/%40emotion/serialize@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/sheet@1.4.0", "Name": "@emotion/sheet", "Identifier": { "PURL": "pkg:npm/%40emotion/sheet@1.4.0", "UID": "7bf3212f6ed7cc93", "BOMRef": "pkg:npm/%40emotion/sheet@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/css@11.13.5", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/styled@11.14.1", "Name": "@emotion/styled", "Identifier": { "PURL": "pkg:npm/%40emotion/styled@11.14.1", "UID": "d5e17abd3b4b251d", "BOMRef": "pkg:npm/%40emotion/styled@11.14.1" }, "Version": "11.14.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@textea/json-viewer@2.17.2", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/unitless@0.10.0", "Name": "@emotion/unitless", "Identifier": { "PURL": "pkg:npm/%40emotion/unitless@0.10.0", "UID": "2242d6f4ab8e2401", "BOMRef": "pkg:npm/%40emotion/unitless@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/use-insertion-effect-with-fallbacks@1.2.0", "Name": "@emotion/use-insertion-effect-with-fallbacks", "Identifier": { "PURL": "pkg:npm/%40emotion/use-insertion-effect-with-fallbacks@1.2.0", "UID": "e8e19c1b50afa11", "BOMRef": "pkg:npm/%40emotion/use-insertion-effect-with-fallbacks@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/react@11.14.0", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/utils@1.4.2", "Name": "@emotion/utils", "Identifier": { "PURL": "pkg:npm/%40emotion/utils@1.4.2", "UID": "85df37f2ba2663c4", "BOMRef": "pkg:npm/%40emotion/utils@1.4.2" }, "Version": "1.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/serialize@1.3.3", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@emotion/weak-memoize@0.4.0", "Name": "@emotion/weak-memoize", "Identifier": { "PURL": "pkg:npm/%40emotion/weak-memoize@0.4.0", "UID": "9c6f8b3f4e59b6d3", "BOMRef": "pkg:npm/%40emotion/weak-memoize@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/react@11.14.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@eslint-community/eslint-utils@4.7.0", "Name": "@eslint-community/eslint-utils", "Identifier": { "PURL": "pkg:npm/%40eslint-community/eslint-utils@4.7.0", "UID": "14c3cf6c5693a0b1", "BOMRef": "pkg:npm/%40eslint-community/eslint-utils@4.7.0" }, "Version": "4.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@eslint-community/regexpp@4.12.1", "Name": "@eslint-community/regexpp", "Identifier": { "PURL": "pkg:npm/%40eslint-community/regexpp@4.12.1", "UID": "b2068c62c82060e4", "BOMRef": "pkg:npm/%40eslint-community/regexpp@4.12.1" }, "Version": "4.12.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@eslint/eslintrc@2.1.4", "Name": "@eslint/eslintrc", "Identifier": { "PURL": "pkg:npm/%40eslint/eslintrc@2.1.4", "UID": "c8737630767de948", "BOMRef": "pkg:npm/%40eslint/eslintrc@2.1.4" }, "Version": "2.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@eslint/js@8.57.1", "Name": "@eslint/js", "Identifier": { "PURL": "pkg:npm/%40eslint/js@8.57.1", "UID": "ac213a2e017ed7e7", "BOMRef": "pkg:npm/%40eslint/js@8.57.1" }, "Version": "8.57.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@humanwhocodes/config-array@0.13.0", "Name": "@humanwhocodes/config-array", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/config-array@0.13.0", "UID": "3c1b3bc428b2e36c", "BOMRef": "pkg:npm/%40humanwhocodes/config-array@0.13.0" }, "Version": "0.13.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@humanwhocodes/module-importer@1.0.1", "Name": "@humanwhocodes/module-importer", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", "UID": "525cc81874102105", "BOMRef": "pkg:npm/%40humanwhocodes/module-importer@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@humanwhocodes/object-schema@2.0.3", "Name": "@humanwhocodes/object-schema", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", "UID": "a9868d19565fcd59", "BOMRef": "pkg:npm/%40humanwhocodes/object-schema@2.0.3" }, "Version": "2.0.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@humanwhocodes/config-array@0.13.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "2dfbeb0b6e74f7cc", "BOMRef": "pkg:npm/%40isaacs/fs-minipass@4.0.1" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/diff-sequences@30.0.1", "Name": "@jest/diff-sequences", "Identifier": { "PURL": "pkg:npm/%40jest/diff-sequences@30.0.1", "UID": "134106d551d44d8b", "BOMRef": "pkg:npm/%40jest/diff-sequences@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jest-diff@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/expect-utils@30.0.4", "Name": "@jest/expect-utils", "Identifier": { "PURL": "pkg:npm/%40jest/expect-utils@30.0.4", "UID": "78cd5352a2b3b", "BOMRef": "pkg:npm/%40jest/expect-utils@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/get-type@30.0.1", "Name": "@jest/get-type", "Identifier": { "PURL": "pkg:npm/%40jest/get-type@30.0.1", "UID": "9373f5512de8e0ed", "BOMRef": "pkg:npm/%40jest/get-type@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/expect-utils@30.0.4", "expect@30.0.4", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/pattern@30.0.1", "Name": "@jest/pattern", "Identifier": { "PURL": "pkg:npm/%40jest/pattern@30.0.1", "UID": "fb85f791afcbdea1", "BOMRef": "pkg:npm/%40jest/pattern@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/schemas@30.0.1", "Name": "@jest/schemas", "Identifier": { "PURL": "pkg:npm/%40jest/schemas@30.0.1", "UID": "10a90066b256458b", "BOMRef": "pkg:npm/%40jest/schemas@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jest/types@30.0.1", "Name": "@jest/types", "Identifier": { "PURL": "pkg:npm/%40jest/types@30.0.1", "UID": "743cb7d49c0743aa", "BOMRef": "pkg:npm/%40jest/types@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2", "jest-mock@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jridgewell/gen-mapping@0.3.12", "Name": "@jridgewell/gen-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/gen-mapping@0.3.12", "UID": "353ab4cab237f21d", "BOMRef": "pkg:npm/%40jridgewell/gen-mapping@0.3.12" }, "Version": "0.3.12", "Licenses": [ "MIT" ], "DependsOn": [ "@ampproject/remapping@2.3.0", "@babel/generator@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jridgewell/resolve-uri@3.1.2", "Name": "@jridgewell/resolve-uri", "Identifier": { "PURL": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", "UID": "406e94935286dbbb", "BOMRef": "pkg:npm/%40jridgewell/resolve-uri@3.1.2" }, "Version": "3.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@jridgewell/trace-mapping@0.3.29" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jridgewell/sourcemap-codec@1.5.4", "Name": "@jridgewell/sourcemap-codec", "Identifier": { "PURL": "pkg:npm/%40jridgewell/sourcemap-codec@1.5.4", "UID": "a79dce8422a5c974", "BOMRef": "pkg:npm/%40jridgewell/sourcemap-codec@1.5.4" }, "Version": "1.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "@jridgewell/gen-mapping@0.3.12", "@jridgewell/trace-mapping@0.3.29", "magic-string@0.30.17" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@jridgewell/trace-mapping@0.3.29", "Name": "@jridgewell/trace-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/trace-mapping@0.3.29", "UID": "63ec446c36d66bf5", "BOMRef": "pkg:npm/%40jridgewell/trace-mapping@0.3.29" }, "Version": "0.3.29", "Licenses": [ "MIT" ], "DependsOn": [ "@ampproject/remapping@2.3.0", "@babel/generator@7.28.0", "@jridgewell/gen-mapping@0.3.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@kurkle/color@0.3.4", "Name": "@kurkle/color", "Identifier": { "PURL": "pkg:npm/%40kurkle/color@0.3.4", "UID": "e018cff0e26b5931", "BOMRef": "pkg:npm/%40kurkle/color@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT" ], "DependsOn": [ "chart.js@4.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mdx-js/mdx@2.3.0", "Name": "@mdx-js/mdx", "Identifier": { "PURL": "pkg:npm/%40mdx-js/mdx@2.3.0", "UID": "d1a4fc57d8d77067", "BOMRef": "pkg:npm/%40mdx-js/mdx@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mdx-js/react@2.3.0", "Name": "@mdx-js/react", "Identifier": { "PURL": "pkg:npm/%40mdx-js/react@2.3.0", "UID": "1ac096387a3d5cdf", "BOMRef": "pkg:npm/%40mdx-js/react@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mdx-js/rollup@2.3.0", "Name": "@mdx-js/rollup", "Identifier": { "PURL": "pkg:npm/%40mdx-js/rollup@2.3.0", "UID": "3ff04a726dbe9624", "BOMRef": "pkg:npm/%40mdx-js/rollup@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@monaco-editor/loader@1.5.0", "Name": "@monaco-editor/loader", "Identifier": { "PURL": "pkg:npm/%40monaco-editor/loader@1.5.0", "UID": "1c113083ef44d7ad", "BOMRef": "pkg:npm/%40monaco-editor/loader@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@monaco-editor/react@4.7.0", "Name": "@monaco-editor/react", "Identifier": { "PURL": "pkg:npm/%40monaco-editor/react@4.7.0", "UID": "9456d624f204b5b4", "BOMRef": "pkg:npm/%40monaco-editor/react@4.7.0" }, "Version": "4.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/core-downloads-tracker@5.17.1", "Name": "@mui/core-downloads-tracker", "Identifier": { "PURL": "pkg:npm/%40mui/core-downloads-tracker@5.17.1", "UID": "c4c4054db80077f", "BOMRef": "pkg:npm/%40mui/core-downloads-tracker@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/core-downloads-tracker@7.2.0", "Name": "@mui/core-downloads-tracker", "Identifier": { "PURL": "pkg:npm/%40mui/core-downloads-tracker@7.2.0", "UID": "ba2357b40d0fbf40", "BOMRef": "pkg:npm/%40mui/core-downloads-tracker@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/icons-material@7.2.0", "Name": "@mui/icons-material", "Identifier": { "PURL": "pkg:npm/%40mui/icons-material@7.2.0", "UID": "76fb075fccd08343", "BOMRef": "pkg:npm/%40mui/icons-material@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/material@5.17.1", "Name": "@mui/material", "Identifier": { "PURL": "pkg:npm/%40mui/material@5.17.1", "UID": "b7bb625718b6406b", "BOMRef": "pkg:npm/%40mui/material@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/material@7.2.0", "Name": "@mui/material", "Identifier": { "PURL": "pkg:npm/%40mui/material@7.2.0", "UID": "1731f464b1857c49", "BOMRef": "pkg:npm/%40mui/material@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/icons-material@7.2.0", "@mui/x-data-grid@7.29.8", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/private-theming@5.17.1", "Name": "@mui/private-theming", "Identifier": { "PURL": "pkg:npm/%40mui/private-theming@5.17.1", "UID": "a54955392ec7715c", "BOMRef": "pkg:npm/%40mui/private-theming@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/private-theming@7.2.0", "Name": "@mui/private-theming", "Identifier": { "PURL": "pkg:npm/%40mui/private-theming@7.2.0", "UID": "bd7f4af8798888ff", "BOMRef": "pkg:npm/%40mui/private-theming@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/styled-engine@5.16.14", "Name": "@mui/styled-engine", "Identifier": { "PURL": "pkg:npm/%40mui/styled-engine@5.16.14", "UID": "b54eee14a67977bc", "BOMRef": "pkg:npm/%40mui/styled-engine@5.16.14" }, "Version": "5.16.14", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/styled-engine@7.2.0", "Name": "@mui/styled-engine", "Identifier": { "PURL": "pkg:npm/%40mui/styled-engine@7.2.0", "UID": "7f1c8e06f7f31b52", "BOMRef": "pkg:npm/%40mui/styled-engine@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/system@5.17.1", "Name": "@mui/system", "Identifier": { "PURL": "pkg:npm/%40mui/system@5.17.1", "UID": "2651f91f13ac50d6", "BOMRef": "pkg:npm/%40mui/system@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/system@7.2.0", "Name": "@mui/system", "Identifier": { "PURL": "pkg:npm/%40mui/system@7.2.0", "UID": "10a028bea8e6aeb3", "BOMRef": "pkg:npm/%40mui/system@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/types@7.2.24", "Name": "@mui/types", "Identifier": { "PURL": "pkg:npm/%40mui/types@7.2.24", "UID": "ba8e8b1017c1570f", "BOMRef": "pkg:npm/%40mui/types@7.2.24" }, "Version": "7.2.24", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/system@5.17.1", "@mui/utils@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/types@7.4.4", "Name": "@mui/types", "Identifier": { "PURL": "pkg:npm/%40mui/types@7.4.4", "UID": "8dc207eddd990739", "BOMRef": "pkg:npm/%40mui/types@7.4.4" }, "Version": "7.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/system@7.2.0", "@mui/utils@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/utils@5.17.1", "Name": "@mui/utils", "Identifier": { "PURL": "pkg:npm/%40mui/utils@5.17.1", "UID": "89829368130bb9f0", "BOMRef": "pkg:npm/%40mui/utils@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/private-theming@5.17.1", "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/utils@7.2.0", "Name": "@mui/utils", "Identifier": { "PURL": "pkg:npm/%40mui/utils@7.2.0", "UID": "788c6c4a12aa0103", "BOMRef": "pkg:npm/%40mui/utils@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/private-theming@7.2.0", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/x-data-grid@7.29.8", "Name": "@mui/x-data-grid", "Identifier": { "PURL": "pkg:npm/%40mui/x-data-grid@7.29.8", "UID": "62e5836a9cc2293d", "BOMRef": "pkg:npm/%40mui/x-data-grid@7.29.8" }, "Version": "7.29.8", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@mui/x-internals@7.29.0", "Name": "@mui/x-internals", "Identifier": { "PURL": "pkg:npm/%40mui/x-internals@7.29.0", "UID": "2acbcf48cee5ec60", "BOMRef": "pkg:npm/%40mui/x-internals@7.29.0" }, "Version": "7.29.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@nodelib/fs.scandir@2.1.5", "Name": "@nodelib/fs.scandir", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.scandir@2.1.5", "UID": "a4eee23f61b937ff", "BOMRef": "pkg:npm/%40nodelib/fs.scandir@2.1.5" }, "Version": "2.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.walk@1.2.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@nodelib/fs.stat@2.0.5", "Name": "@nodelib/fs.stat", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.stat@2.0.5", "UID": "d9a4469c97acbcb2", "BOMRef": "pkg:npm/%40nodelib/fs.stat@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.scandir@2.1.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@nodelib/fs.walk@1.2.8", "Name": "@nodelib/fs.walk", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.walk@1.2.8", "UID": "f8d80a97f3a74d6c", "BOMRef": "pkg:npm/%40nodelib/fs.walk@1.2.8" }, "Version": "1.2.8", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@parcel/watcher@2.5.1", "Name": "@parcel/watcher", "Identifier": { "PURL": "pkg:npm/%40parcel/watcher@2.5.1", "UID": "83ac30288dbd9e81", "BOMRef": "pkg:npm/%40parcel/watcher@2.5.1" }, "Version": "2.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@popperjs/core@2.11.8", "Name": "@popperjs/core", "Identifier": { "PURL": "pkg:npm/%40popperjs/core@2.11.8", "UID": "38ad4b8526416fe9", "BOMRef": "pkg:npm/%40popperjs/core@2.11.8" }, "Version": "2.11.8", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@qdrant/js-client-rest@1.15.1", "Name": "@qdrant/js-client-rest", "Identifier": { "PURL": "pkg:npm/%40qdrant/js-client-rest@1.15.1", "UID": "89998259d1946c68", "BOMRef": "pkg:npm/%40qdrant/js-client-rest@1.15.1" }, "Version": "1.15.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@qdrant/openapi-typescript-fetch@1.2.6", "Name": "@qdrant/openapi-typescript-fetch", "Identifier": { "PURL": "pkg:npm/%40qdrant/openapi-typescript-fetch@1.2.6", "UID": "ce74f3e7d3cec746", "BOMRef": "pkg:npm/%40qdrant/openapi-typescript-fetch@1.2.6" }, "Version": "1.2.6", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@remix-run/router@1.23.0", "Name": "@remix-run/router", "Identifier": { "PURL": "pkg:npm/%40remix-run/router@1.23.0", "UID": "63f70bfe982681d9", "BOMRef": "pkg:npm/%40remix-run/router@1.23.0" }, "Version": "1.23.0", "Licenses": [ "MIT" ], "DependsOn": [ "react-router-dom@6.30.1", "react-router@6.30.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rolldown/pluginutils@1.0.0-beta.19", "Name": "@rolldown/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rolldown/pluginutils@1.0.0-beta.19", "UID": "618e70865245b545", "BOMRef": "pkg:npm/%40rolldown/pluginutils@1.0.0-beta.19" }, "Version": "1.0.0-beta.19", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rollup/pluginutils@4.2.1", "Name": "@rollup/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rollup/pluginutils@4.2.1", "UID": "e48053b54db6a2b3", "BOMRef": "pkg:npm/%40rollup/pluginutils@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rollup/pluginutils@5.2.0", "Name": "@rollup/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rollup/pluginutils@5.2.0", "UID": "61244ea26a6740c8", "BOMRef": "pkg:npm/%40rollup/pluginutils@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rollup/rollup-linux-x64-gnu@4.44.2", "Name": "@rollup/rollup-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.44.2", "UID": "fd3dfb016e20a428", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "rollup@4.44.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rollup/rollup-linux-x64-gnu@4.52.4", "Name": "@rollup/rollup-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.52.4", "UID": "3a225c964e035f51", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.52.4" }, "Version": "4.52.4", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@rollup/rollup-linux-x64-musl@4.44.2", "Name": "@rollup/rollup-linux-x64-musl", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-musl@4.44.2", "UID": "e29d9d14a2de9276", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-musl@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "rollup@4.44.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@saehrimnir/druidjs@0.6.3", "Name": "@saehrimnir/druidjs", "Identifier": { "PURL": "pkg:npm/%40saehrimnir/druidjs@0.6.3", "UID": "15ac8f019f38ef6e", "BOMRef": "pkg:npm/%40saehrimnir/druidjs@0.6.3" }, "Version": "0.6.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@sevinf/maybe@0.5.0", "Name": "@sevinf/maybe", "Identifier": { "PURL": "pkg:npm/%40sevinf/maybe@0.5.0", "UID": "df0b4859e0c1e1f3", "BOMRef": "pkg:npm/%40sevinf/maybe@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@sinclair/typebox@0.34.37", "Name": "@sinclair/typebox", "Identifier": { "PURL": "pkg:npm/%40sinclair/typebox@0.34.37", "UID": "65aaf26c47a8d24c", "BOMRef": "pkg:npm/%40sinclair/typebox@0.34.37" }, "Version": "0.34.37", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/schemas@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-add-jsx-attribute@8.0.0", "Name": "@svgr/babel-plugin-add-jsx-attribute", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-add-jsx-attribute@8.0.0", "UID": "7b14870f24880d9a", "BOMRef": "pkg:npm/%40svgr/babel-plugin-add-jsx-attribute@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-remove-jsx-attribute@8.0.0", "Name": "@svgr/babel-plugin-remove-jsx-attribute", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-remove-jsx-attribute@8.0.0", "UID": "896d1bc1e42d7f", "BOMRef": "pkg:npm/%40svgr/babel-plugin-remove-jsx-attribute@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "Name": "@svgr/babel-plugin-remove-jsx-empty-expression", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "UID": "994d048169e9d6a3", "BOMRef": "pkg:npm/%40svgr/babel-plugin-remove-jsx-empty-expression@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "Name": "@svgr/babel-plugin-replace-jsx-attribute-value", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "UID": "5a0839dbfb7c8f5d", "BOMRef": "pkg:npm/%40svgr/babel-plugin-replace-jsx-attribute-value@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-svg-dynamic-title@8.0.0", "Name": "@svgr/babel-plugin-svg-dynamic-title", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-svg-dynamic-title@8.0.0", "UID": "cbfdeb31153ed9a7", "BOMRef": "pkg:npm/%40svgr/babel-plugin-svg-dynamic-title@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-svg-em-dimensions@8.0.0", "Name": "@svgr/babel-plugin-svg-em-dimensions", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-svg-em-dimensions@8.0.0", "UID": "2e86f2a8309b3575", "BOMRef": "pkg:npm/%40svgr/babel-plugin-svg-em-dimensions@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-transform-react-native-svg@8.1.0", "Name": "@svgr/babel-plugin-transform-react-native-svg", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-transform-react-native-svg@8.1.0", "UID": "fbe7f903ccda4802", "BOMRef": "pkg:npm/%40svgr/babel-plugin-transform-react-native-svg@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-plugin-transform-svg-component@8.0.0", "Name": "@svgr/babel-plugin-transform-svg-component", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-transform-svg-component@8.0.0", "UID": "a112ee90b7aa9a33", "BOMRef": "pkg:npm/%40svgr/babel-plugin-transform-svg-component@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/babel-preset@8.1.0", "Name": "@svgr/babel-preset", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-preset@8.1.0", "UID": "81498acdc8caf7c8", "BOMRef": "pkg:npm/%40svgr/babel-preset@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0", "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/core@8.1.0", "Name": "@svgr/core", "Identifier": { "PURL": "pkg:npm/%40svgr/core@8.1.0", "UID": "fe1ccbf9c9836ad4", "BOMRef": "pkg:npm/%40svgr/core@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0", "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/hast-util-to-babel-ast@8.0.0", "Name": "@svgr/hast-util-to-babel-ast", "Identifier": { "PURL": "pkg:npm/%40svgr/hast-util-to-babel-ast@8.0.0", "UID": "c4218f3305e87", "BOMRef": "pkg:npm/%40svgr/hast-util-to-babel-ast@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@svgr/plugin-jsx@8.1.0", "Name": "@svgr/plugin-jsx", "Identifier": { "PURL": "pkg:npm/%40svgr/plugin-jsx@8.1.0", "UID": "a5ecac51681fb550", "BOMRef": "pkg:npm/%40svgr/plugin-jsx@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tailwindcss/cli@4.1.11", "Name": "@tailwindcss/cli", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/cli@4.1.11", "UID": "17bc6e438452d42d", "BOMRef": "pkg:npm/%40tailwindcss/cli@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tailwindcss/node@4.1.11", "Name": "@tailwindcss/node", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/node@4.1.11", "UID": "4c8d92e1dc0e9480", "BOMRef": "pkg:npm/%40tailwindcss/node@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tailwindcss/oxide@4.1.11", "Name": "@tailwindcss/oxide", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/oxide@4.1.11", "UID": "931d0171d98c318b", "BOMRef": "pkg:npm/%40tailwindcss/oxide@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tailwindcss/oxide-linux-x64-gnu@4.1.11", "Name": "@tailwindcss/oxide-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/oxide-linux-x64-gnu@4.1.11", "UID": "2765d04ed88d6ce8", "BOMRef": "pkg:npm/%40tailwindcss/oxide-linux-x64-gnu@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@testing-library/dom@10.4.0", "Name": "@testing-library/dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/dom@10.4.0", "UID": "4d8e2e2353514efd", "BOMRef": "pkg:npm/%40testing-library/dom@10.4.0" }, "Version": "10.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/user-event@13.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@testing-library/dom@8.20.1", "Name": "@testing-library/dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/dom@8.20.1", "UID": "2743171f66f438eb", "BOMRef": "pkg:npm/%40testing-library/dom@8.20.1" }, "Version": "8.20.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/react@13.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@testing-library/jest-dom@5.17.0", "Name": "@testing-library/jest-dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/jest-dom@5.17.0", "UID": "993c5ba743fbd325", "BOMRef": "pkg:npm/%40testing-library/jest-dom@5.17.0" }, "Version": "5.17.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@testing-library/react@13.4.0", "Name": "@testing-library/react", "Identifier": { "PURL": "pkg:npm/%40testing-library/react@13.4.0", "UID": "90cf3ecb30cfdfc5", "BOMRef": "pkg:npm/%40testing-library/react@13.4.0" }, "Version": "13.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@testing-library/user-event@13.5.0", "Name": "@testing-library/user-event", "Identifier": { "PURL": "pkg:npm/%40testing-library/user-event@13.5.0", "UID": "239f0007010e1d88", "BOMRef": "pkg:npm/%40testing-library/user-event@13.5.0" }, "Version": "13.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@textea/json-viewer@2.17.2", "Name": "@textea/json-viewer", "Identifier": { "PURL": "pkg:npm/%40textea/json-viewer@2.17.2", "UID": "1d486896a90d0015", "BOMRef": "pkg:npm/%40textea/json-viewer@2.17.2" }, "Version": "2.17.2", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tootallnate/once@2.0.0", "Name": "@tootallnate/once", "Identifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "4353fd8b939add18", "BOMRef": "pkg:npm/%40tootallnate/once@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "http-proxy-agent@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@transloadit/prettier-bytes@0.3.5", "Name": "@transloadit/prettier-bytes", "Identifier": { "PURL": "pkg:npm/%40transloadit/prettier-bytes@0.3.5", "UID": "fb02e5b338bac6c8", "BOMRef": "pkg:npm/%40transloadit/prettier-bytes@0.3.5" }, "Version": "0.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/status-bar@4.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@tweenjs/tween.js@25.0.0", "Name": "@tweenjs/tween.js", "Identifier": { "PURL": "pkg:npm/%40tweenjs/tween.js@25.0.0", "UID": "1174eafff27fab4b", "BOMRef": "pkg:npm/%40tweenjs/tween.js@25.0.0" }, "Version": "25.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/acorn@4.0.6", "Name": "@types/acorn", "Identifier": { "PURL": "pkg:npm/%40types/acorn@4.0.6", "UID": "692d61e9e110698f", "BOMRef": "pkg:npm/%40types/acorn@4.0.6" }, "Version": "4.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-jsx@1.0.5", "micromark-util-events-to-acorn@1.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/aria-query@5.0.4", "Name": "@types/aria-query", "Identifier": { "PURL": "pkg:npm/%40types/aria-query@5.0.4", "UID": "96fe98d0ed51cbc3", "BOMRef": "pkg:npm/%40types/aria-query@5.0.4" }, "Version": "5.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/babel__core@7.20.5", "Name": "@types/babel__core", "Identifier": { "PURL": "pkg:npm/%40types/babel__core@7.20.5", "UID": "ceba9bdc8bd9e81b", "BOMRef": "pkg:npm/%40types/babel__core@7.20.5" }, "Version": "7.20.5", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/babel__generator@7.27.0", "Name": "@types/babel__generator", "Identifier": { "PURL": "pkg:npm/%40types/babel__generator@7.27.0", "UID": "cdb3140dcadb6378", "BOMRef": "pkg:npm/%40types/babel__generator@7.27.0" }, "Version": "7.27.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/babel__template@7.4.4", "Name": "@types/babel__template", "Identifier": { "PURL": "pkg:npm/%40types/babel__template@7.4.4", "UID": "87335dd96e32b039", "BOMRef": "pkg:npm/%40types/babel__template@7.4.4" }, "Version": "7.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/babel__traverse@7.20.7", "Name": "@types/babel__traverse", "Identifier": { "PURL": "pkg:npm/%40types/babel__traverse@7.20.7", "UID": "a35b969b9b364dda", "BOMRef": "pkg:npm/%40types/babel__traverse@7.20.7" }, "Version": "7.20.7", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/chai@5.2.2", "Name": "@types/chai", "Identifier": { "PURL": "pkg:npm/%40types/chai@5.2.2", "UID": "fa83e76f7ef99edb", "BOMRef": "pkg:npm/%40types/chai@5.2.2" }, "Version": "5.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/debug@4.1.12", "Name": "@types/debug", "Identifier": { "PURL": "pkg:npm/%40types/debug@4.1.12", "UID": "b2f40928b7c9a8a3", "BOMRef": "pkg:npm/%40types/debug@4.1.12" }, "Version": "4.1.12", "Licenses": [ "MIT" ], "DependsOn": [ "micromark@3.2.0", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/deep-eql@4.0.2", "Name": "@types/deep-eql", "Identifier": { "PURL": "pkg:npm/%40types/deep-eql@4.0.2", "UID": "90d48e06851c8e48", "BOMRef": "pkg:npm/%40types/deep-eql@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@types/chai@5.2.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/eslint@8.56.12", "Name": "@types/eslint", "Identifier": { "PURL": "pkg:npm/%40types/eslint@8.56.12", "UID": "f9d5f433973c8605", "BOMRef": "pkg:npm/%40types/eslint@8.56.12" }, "Version": "8.56.12", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/estree@1.0.8", "Name": "@types/estree", "Identifier": { "PURL": "pkg:npm/%40types/estree@1.0.8", "UID": "b72feb1a94b7670d", "BOMRef": "pkg:npm/%40types/estree@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@5.2.0", "@types/acorn@4.0.6", "@types/eslint@8.56.12", "@types/estree-jsx@1.0.5", "estree-util-attach-comments@2.1.1", "estree-walker@3.0.3", "hast-util-to-estree@2.3.3", "is-reference@3.0.3", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "periscopic@3.1.0", "rollup@4.44.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/estree-jsx@1.0.5", "Name": "@types/estree-jsx", "Identifier": { "PURL": "pkg:npm/%40types/estree-jsx@1.0.5", "UID": "ebd0ee165cc697e6", "BOMRef": "pkg:npm/%40types/estree-jsx@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "estree-util-build-jsx@2.2.2", "estree-util-to-js@1.2.0", "estree-util-visit@1.2.1", "hast-util-to-estree@2.3.3", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/hast@2.3.10", "Name": "@types/hast", "Identifier": { "PURL": "pkg:npm/%40types/hast@2.3.10", "UID": "55f00299dc2642ef", "BOMRef": "pkg:npm/%40types/hast@2.3.10" }, "Version": "2.3.10", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1", "mdast-util-to-hast@12.3.0", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/istanbul-lib-coverage@2.0.6", "Name": "@types/istanbul-lib-coverage", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6", "UID": "6bb6c05956015390", "BOMRef": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1", "@types/istanbul-lib-report@3.0.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/istanbul-lib-report@3.0.3", "Name": "@types/istanbul-lib-report", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-lib-report@3.0.3", "UID": "b3d92dc68dedf3a1", "BOMRef": "pkg:npm/%40types/istanbul-lib-report@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@types/istanbul-reports@3.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/istanbul-reports@3.0.4", "Name": "@types/istanbul-reports", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-reports@3.0.4", "UID": "a78b3e803ed160ea", "BOMRef": "pkg:npm/%40types/istanbul-reports@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/jest@30.0.0", "Name": "@types/jest", "Identifier": { "PURL": "pkg:npm/%40types/jest@30.0.0", "UID": "e79b622bd54ac9f3", "BOMRef": "pkg:npm/%40types/jest@30.0.0" }, "Version": "30.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/testing-library__jest-dom@5.14.9" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/json-schema@7.0.15", "Name": "@types/json-schema", "Identifier": { "PURL": "pkg:npm/%40types/json-schema@7.0.15", "UID": "871c76b286291706", "BOMRef": "pkg:npm/%40types/json-schema@7.0.15" }, "Version": "7.0.15", "Licenses": [ "MIT" ], "DependsOn": [ "@types/eslint@8.56.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/mdast@3.0.15", "Name": "@types/mdast", "Identifier": { "PURL": "pkg:npm/%40types/mdast@3.0.15", "UID": "2fe3c9079236d6fc", "BOMRef": "pkg:npm/%40types/mdast@3.0.15" }, "Version": "3.0.15", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-definitions@5.1.2", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1", "mdast-util-phrasing@3.0.1", "mdast-util-to-hast@12.3.0", "mdast-util-to-markdown@1.5.0", "mdast-util-to-string@3.2.0", "remark-parse@10.0.2", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/mdx@2.0.13", "Name": "@types/mdx", "Identifier": { "PURL": "pkg:npm/%40types/mdx@2.0.13", "UID": "1f6c94de9d9db87e", "BOMRef": "pkg:npm/%40types/mdx@2.0.13" }, "Version": "2.0.13", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@mdx-js/react@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/ms@2.1.0", "Name": "@types/ms", "Identifier": { "PURL": "pkg:npm/%40types/ms@2.1.0", "UID": "a866d4ac609f7ba9", "BOMRef": "pkg:npm/%40types/ms@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/debug@4.1.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/node@24.0.10", "Name": "@types/node", "Identifier": { "PURL": "pkg:npm/%40types/node@24.0.10", "UID": "e214a7f00a532d42", "BOMRef": "pkg:npm/%40types/node@24.0.10" }, "Version": "24.0.10", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/pattern@30.0.1", "@jest/types@30.0.1", "jest-mock@30.0.2", "jest-util@30.0.2", "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/parse-json@4.0.2", "Name": "@types/parse-json", "Identifier": { "PURL": "pkg:npm/%40types/parse-json@4.0.2", "UID": "838e2a8e6a576ebe", "BOMRef": "pkg:npm/%40types/parse-json@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/prismjs@1.26.5", "Name": "@types/prismjs", "Identifier": { "PURL": "pkg:npm/%40types/prismjs@1.26.5", "UID": "d28735d815fa3d99", "BOMRef": "pkg:npm/%40types/prismjs@1.26.5" }, "Version": "1.26.5", "Licenses": [ "MIT" ], "DependsOn": [ "prism-react-renderer@2.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/prop-types@15.7.15", "Name": "@types/prop-types", "Identifier": { "PURL": "pkg:npm/%40types/prop-types@15.7.15", "UID": "f7b6804af5c60eda", "BOMRef": "pkg:npm/%40types/prop-types@15.7.15" }, "Version": "15.7.15", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@types/react@18.3.23" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/react@18.3.23", "Name": "@types/react", "Identifier": { "PURL": "pkg:npm/%40types/react@18.3.23", "UID": "91457c71c5d3665e", "BOMRef": "pkg:npm/%40types/react@18.3.23" }, "Version": "18.3.23", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/react@2.3.0", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/types@7.2.24", "@mui/types@7.4.4", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@types/react-dom@18.3.7", "@types/react-transition-group@4.4.12", "mui-chips-input@7.0.1", "react-archer@4.4.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/react-dom@18.3.7", "Name": "@types/react-dom", "Identifier": { "PURL": "pkg:npm/%40types/react-dom@18.3.7", "UID": "e38751841061be1", "BOMRef": "pkg:npm/%40types/react-dom@18.3.7" }, "Version": "18.3.7", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/react@13.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/react-transition-group@4.4.12", "Name": "@types/react-transition-group", "Identifier": { "PURL": "pkg:npm/%40types/react-transition-group@4.4.12", "UID": "6cf47f0db05cd770", "BOMRef": "pkg:npm/%40types/react-transition-group@4.4.12" }, "Version": "4.4.12", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/retry@0.12.2", "Name": "@types/retry", "Identifier": { "PURL": "pkg:npm/%40types/retry@0.12.2", "UID": "48a4172a499a3930", "BOMRef": "pkg:npm/%40types/retry@0.12.2" }, "Version": "0.12.2", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/stack-utils@2.0.3", "Name": "@types/stack-utils", "Identifier": { "PURL": "pkg:npm/%40types/stack-utils@2.0.3", "UID": "5fa52236c0c66818", "BOMRef": "pkg:npm/%40types/stack-utils@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/testing-library__jest-dom@5.14.9", "Name": "@types/testing-library__jest-dom", "Identifier": { "PURL": "pkg:npm/%40types/testing-library__jest-dom@5.14.9", "UID": "96d7350b9bdfec28", "BOMRef": "pkg:npm/%40types/testing-library__jest-dom@5.14.9" }, "Version": "5.14.9", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/unist@2.0.11", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@2.0.11", "UID": "6827a47e8de9b60f", "BOMRef": "pkg:npm/%40types/unist@2.0.11" }, "Version": "2.0.11", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "@types/hast@2.3.10", "@types/mdast@3.0.15", "estree-util-visit@1.2.1", "hast-util-to-estree@2.3.3", "mdast-util-definitions@5.1.2", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-jsx@2.1.4", "mdast-util-to-markdown@1.5.0", "micromark-util-events-to-acorn@1.2.3", "parse-entities@4.0.2", "unified@10.1.2", "unist-util-is@5.2.1", "unist-util-position-from-estree@1.1.2", "unist-util-position@4.0.4", "unist-util-remove-position@4.0.2", "unist-util-stringify-position@3.0.3", "vfile-message@3.1.4", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/unist@3.0.3", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@3.0.3", "UID": "6c0090525773fe6f", "BOMRef": "6c3a20c9-182b-4175-9db1-b1a609aa936d" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-is@6.0.0", "unist-util-is@6.0.0", "unist-util-visit-parents@6.0.1", "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/unist@3.0.3", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@3.0.3", "UID": "ac000d3ea30efc32", "BOMRef": "77d638e1-6a7c-4677-8f5b-96658e153424" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/yargs@17.0.33", "Name": "@types/yargs", "Identifier": { "PURL": "pkg:npm/%40types/yargs@17.0.33", "UID": "cfd450e605ca99e8", "BOMRef": "pkg:npm/%40types/yargs@17.0.33" }, "Version": "17.0.33", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@types/yargs-parser@21.0.3", "Name": "@types/yargs-parser", "Identifier": { "PURL": "pkg:npm/%40types/yargs-parser@21.0.3", "UID": "da5cd072fdfcf805", "BOMRef": "pkg:npm/%40types/yargs-parser@21.0.3" }, "Version": "21.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@types/yargs@17.0.33" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@ungap/structured-clone@1.3.0", "Name": "@ungap/structured-clone", "Identifier": { "PURL": "pkg:npm/%40ungap/structured-clone@1.3.0", "UID": "c319a5e6f35e4166", "BOMRef": "pkg:npm/%40ungap/structured-clone@1.3.0" }, "Version": "1.3.0", "Licenses": [ "ISC" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/companion-client@4.4.2", "Name": "@uppy/companion-client", "Identifier": { "PURL": "pkg:npm/%40uppy/companion-client@4.4.2", "UID": "657c151187639a52", "BOMRef": "pkg:npm/%40uppy/companion-client@4.4.2" }, "Version": "4.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/xhr-upload@4.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/components@0.2.0", "Name": "@uppy/components", "Identifier": { "PURL": "pkg:npm/%40uppy/components@0.2.0", "UID": "67a7ea1f13f9ae34", "BOMRef": "pkg:npm/%40uppy/components@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/core@4.4.7", "Name": "@uppy/core", "Identifier": { "PURL": "pkg:npm/%40uppy/core@4.4.7", "UID": "5ede20510192002c", "BOMRef": "pkg:npm/%40uppy/core@4.4.7" }, "Version": "4.4.7", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/components@0.2.0", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/thumbnail-generator@4.1.1", "@uppy/xhr-upload@4.3.3", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/dashboard@4.3.4", "Name": "@uppy/dashboard", "Identifier": { "PURL": "pkg:npm/%40uppy/dashboard@4.3.4", "UID": "4db2a44cf467c9d", "BOMRef": "pkg:npm/%40uppy/dashboard@4.3.4" }, "Version": "4.3.4", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/drag-drop@4.1.3", "Name": "@uppy/drag-drop", "Identifier": { "PURL": "pkg:npm/%40uppy/drag-drop@4.1.3", "UID": "2ec136f782552c38", "BOMRef": "pkg:npm/%40uppy/drag-drop@4.1.3" }, "Version": "4.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/informer@4.2.1", "Name": "@uppy/informer", "Identifier": { "PURL": "pkg:npm/%40uppy/informer@4.2.1", "UID": "3d6822ab32e77356", "BOMRef": "pkg:npm/%40uppy/informer@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/progress-bar@4.2.1", "Name": "@uppy/progress-bar", "Identifier": { "PURL": "pkg:npm/%40uppy/progress-bar@4.2.1", "UID": "7dcad4abe632878b", "BOMRef": "pkg:npm/%40uppy/progress-bar@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/provider-views@4.4.5", "Name": "@uppy/provider-views", "Identifier": { "PURL": "pkg:npm/%40uppy/provider-views@4.4.5", "UID": "1e0a0a7369b631a6", "BOMRef": "pkg:npm/%40uppy/provider-views@4.4.5" }, "Version": "4.4.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/react@4.4.0", "Name": "@uppy/react", "Identifier": { "PURL": "pkg:npm/%40uppy/react@4.4.0", "UID": "a4cbcaf131d4cebf", "BOMRef": "pkg:npm/%40uppy/react@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/status-bar@4.1.3", "Name": "@uppy/status-bar", "Identifier": { "PURL": "pkg:npm/%40uppy/status-bar@4.1.3", "UID": "a5f3e2d5e00452e1", "BOMRef": "pkg:npm/%40uppy/status-bar@4.1.3" }, "Version": "4.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "@uppy/react@4.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/store-default@4.2.0", "Name": "@uppy/store-default", "Identifier": { "PURL": "pkg:npm/%40uppy/store-default@4.2.0", "UID": "51a6b49b453a51ff", "BOMRef": "pkg:npm/%40uppy/store-default@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/thumbnail-generator@4.1.1", "Name": "@uppy/thumbnail-generator", "Identifier": { "PURL": "pkg:npm/%40uppy/thumbnail-generator@4.1.1", "UID": "b6f92668b2f730b8", "BOMRef": "pkg:npm/%40uppy/thumbnail-generator@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/utils@6.1.5", "Name": "@uppy/utils", "Identifier": { "PURL": "pkg:npm/%40uppy/utils@6.1.5", "UID": "860b9bedd92db776", "BOMRef": "pkg:npm/%40uppy/utils@6.1.5" }, "Version": "6.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/thumbnail-generator@4.1.1", "@uppy/xhr-upload@4.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@uppy/xhr-upload@4.3.3", "Name": "@uppy/xhr-upload", "Identifier": { "PURL": "pkg:npm/%40uppy/xhr-upload@4.3.3", "UID": "199a023e5562f04b", "BOMRef": "pkg:npm/%40uppy/xhr-upload@4.3.3" }, "Version": "4.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitejs/plugin-react@4.6.0", "Name": "@vitejs/plugin-react", "Identifier": { "PURL": "pkg:npm/%40vitejs/plugin-react@4.6.0", "UID": "48aa269e65355d05", "BOMRef": "pkg:npm/%40vitejs/plugin-react@4.6.0" }, "Version": "4.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/expect@3.2.4", "Name": "@vitest/expect", "Identifier": { "PURL": "pkg:npm/%40vitest/expect@3.2.4", "UID": "15d7fd2469a3901", "BOMRef": "pkg:npm/%40vitest/expect@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/mocker@3.2.4", "Name": "@vitest/mocker", "Identifier": { "PURL": "pkg:npm/%40vitest/mocker@3.2.4", "UID": "d5be67865f7c4517", "BOMRef": "pkg:npm/%40vitest/mocker@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/pretty-format@3.2.4", "Name": "@vitest/pretty-format", "Identifier": { "PURL": "pkg:npm/%40vitest/pretty-format@3.2.4", "UID": "e04034ea41ac7089", "BOMRef": "pkg:npm/%40vitest/pretty-format@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/snapshot@3.2.4", "@vitest/utils@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/runner@3.2.4", "Name": "@vitest/runner", "Identifier": { "PURL": "pkg:npm/%40vitest/runner@3.2.4", "UID": "97f3c5647b097068", "BOMRef": "pkg:npm/%40vitest/runner@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/snapshot@3.2.4", "Name": "@vitest/snapshot", "Identifier": { "PURL": "pkg:npm/%40vitest/snapshot@3.2.4", "UID": "6c07bf7a77a68627", "BOMRef": "pkg:npm/%40vitest/snapshot@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/spy@3.2.4", "Name": "@vitest/spy", "Identifier": { "PURL": "pkg:npm/%40vitest/spy@3.2.4", "UID": "110b2871549488fe", "BOMRef": "pkg:npm/%40vitest/spy@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/mocker@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@vitest/utils@3.2.4", "Name": "@vitest/utils", "Identifier": { "PURL": "pkg:npm/%40vitest/utils@3.2.4", "UID": "cec6897292e8d08e", "BOMRef": "pkg:npm/%40vitest/utils@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/runner@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "@webcam/core@1.0.1", "Name": "@webcam/core", "Identifier": { "PURL": "pkg:npm/%40webcam/core@1.0.1", "UID": "3ecba81fc66d7b99", "BOMRef": "pkg:npm/%40webcam/core@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "abab@2.0.6", "Name": "abab", "Identifier": { "PURL": "pkg:npm/abab@2.0.6", "UID": "e649d819a5d929c9", "BOMRef": "pkg:npm/abab@2.0.6" }, "Version": "2.0.6", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "accessor-fn@1.5.3", "Name": "accessor-fn", "Identifier": { "PURL": "pkg:npm/accessor-fn@1.5.3", "UID": "ce5afa68785fa965", "BOMRef": "pkg:npm/accessor-fn@1.5.3" }, "Version": "1.5.3", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "acorn@8.15.0", "Name": "acorn", "Identifier": { "PURL": "pkg:npm/acorn@8.15.0", "UID": "16389353b8c6d3f7", "BOMRef": "pkg:npm/acorn@8.15.0" }, "Version": "8.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "acorn-jsx@5.3.2", "espree@9.6.1", "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "acorn-jsx@5.3.2", "Name": "acorn-jsx", "Identifier": { "PURL": "pkg:npm/acorn-jsx@5.3.2", "UID": "9a2da36cbb06173d", "BOMRef": "pkg:npm/acorn-jsx@5.3.2" }, "Version": "5.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "espree@9.6.1", "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "agent-base@6.0.2", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@6.0.2", "UID": "49f2a6586d9ed185", "BOMRef": "pkg:npm/agent-base@6.0.2" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "http-proxy-agent@5.0.0", "https-proxy-agent@5.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ajv@6.12.6", "Name": "ajv", "Identifier": { "PURL": "pkg:npm/ajv@6.12.6", "UID": "c9e63e342e120617", "BOMRef": "pkg:npm/ajv@6.12.6" }, "Version": "6.12.6", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-regex@5.0.1", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@5.0.1", "UID": "dcc0d9ce3b959dbe", "BOMRef": "pkg:npm/ansi-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@27.5.1", "strip-ansi@6.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@4.3.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@4.3.0", "UID": "fbd27bc7ea76d8cc", "BOMRef": "pkg:npm/ansi-styles@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "chalk@3.0.0", "chalk@4.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "2b5a77b9174a6819", "BOMRef": "7723f2b1-d209-4cfe-88aa-2ad89ef7dbd2" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "1493e62051d39ad3", "BOMRef": "ca9ce7cf-4188-4b5f-8808-02520bd8d2d2" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "d3f7b8dcab6bae8c", "BOMRef": "4ec343c9-f11a-4621-aa57-f9b42b5a6144" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "57cfd4500183490a", "BOMRef": "bbfa55bc-a206-4dd2-89bd-63737322af64" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "d569147d5e9cd8f6", "BOMRef": "306dceff-746c-46fd-8897-0b8dafb96bf9" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@27.5.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "argparse@2.0.1", "Name": "argparse", "Identifier": { "PURL": "pkg:npm/argparse@2.0.1", "UID": "3305e9341cd0659f", "BOMRef": "pkg:npm/argparse@2.0.1" }, "Version": "2.0.1", "Licenses": [ "Python-2.0" ], "DependsOn": [ "js-yaml@4.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "aria-query@5.1.3", "Name": "aria-query", "Identifier": { "PURL": "pkg:npm/aria-query@5.1.3", "UID": "93c3811233808660", "BOMRef": "pkg:npm/aria-query@5.1.3" }, "Version": "5.1.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "aria-query@5.3.0", "Name": "aria-query", "Identifier": { "PURL": "pkg:npm/aria-query@5.3.0", "UID": "ae0b05a2e2153db9", "BOMRef": "pkg:npm/aria-query@5.3.0" }, "Version": "5.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array-buffer-byte-length@1.0.2", "Name": "array-buffer-byte-length", "Identifier": { "PURL": "pkg:npm/array-buffer-byte-length@1.0.2", "UID": "446bc03c9584f7fa", "BOMRef": "pkg:npm/array-buffer-byte-length@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array-includes@3.1.9", "Name": "array-includes", "Identifier": { "PURL": "pkg:npm/array-includes@3.1.9", "UID": "94a273c3c46d6f54", "BOMRef": "pkg:npm/array-includes@3.1.9" }, "Version": "3.1.9", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array.prototype.findlast@1.2.5", "Name": "array.prototype.findlast", "Identifier": { "PURL": "pkg:npm/array.prototype.findlast@1.2.5", "UID": "60f42c442f5fbb51", "BOMRef": "pkg:npm/array.prototype.findlast@1.2.5" }, "Version": "1.2.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array.prototype.flat@1.3.3", "Name": "array.prototype.flat", "Identifier": { "PURL": "pkg:npm/array.prototype.flat@1.3.3", "UID": "f4c8240b6ecbbbb1", "BOMRef": "pkg:npm/array.prototype.flat@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array.prototype.flatmap@1.3.3", "Name": "array.prototype.flatmap", "Identifier": { "PURL": "pkg:npm/array.prototype.flatmap@1.3.3", "UID": "30621eea514dab1f", "BOMRef": "pkg:npm/array.prototype.flatmap@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "array.prototype.tosorted@1.1.4", "Name": "array.prototype.tosorted", "Identifier": { "PURL": "pkg:npm/array.prototype.tosorted@1.1.4", "UID": "fefe89fa000331ad", "BOMRef": "pkg:npm/array.prototype.tosorted@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "arraybuffer.prototype.slice@1.0.4", "Name": "arraybuffer.prototype.slice", "Identifier": { "PURL": "pkg:npm/arraybuffer.prototype.slice@1.0.4", "UID": "eea6d239cd909914", "BOMRef": "pkg:npm/arraybuffer.prototype.slice@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "assertion-error@2.0.1", "Name": "assertion-error", "Identifier": { "PURL": "pkg:npm/assertion-error@2.0.1", "UID": "eda45aec89702d1", "BOMRef": "pkg:npm/assertion-error@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "astring@1.9.0", "Name": "astring", "Identifier": { "PURL": "pkg:npm/astring@1.9.0", "UID": "139300e4a5b6daae", "BOMRef": "pkg:npm/astring@1.9.0" }, "Version": "1.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "estree-util-to-js@1.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "async-function@1.0.0", "Name": "async-function", "Identifier": { "PURL": "pkg:npm/async-function@1.0.0", "UID": "27518d2aea5c6986", "BOMRef": "pkg:npm/async-function@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "is-async-function@2.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "asynckit@0.4.0", "Name": "asynckit", "Identifier": { "PURL": "pkg:npm/asynckit@0.4.0", "UID": "81fc8d96eb807869", "BOMRef": "pkg:npm/asynckit@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "autocomplete-openapi@0.1.6", "Name": "autocomplete-openapi", "Identifier": { "PURL": "pkg:npm/autocomplete-openapi@0.1.6", "UID": "e945c0b8177a2e46", "BOMRef": "pkg:npm/autocomplete-openapi@0.1.6" }, "Version": "0.1.6", "Licenses": [ "ISC" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "available-typed-arrays@1.0.7", "Name": "available-typed-arrays", "Identifier": { "PURL": "pkg:npm/available-typed-arrays@1.0.7", "UID": "4746b07e50e45985", "BOMRef": "pkg:npm/available-typed-arrays@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "typed-array-byte-offset@1.0.4", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "axios@1.12.2", "Name": "axios", "Identifier": { "PURL": "pkg:npm/axios@1.12.2", "UID": "b4456dd8fd957812", "BOMRef": "pkg:npm/axios@1.12.2" }, "Version": "1.12.2", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "babel-plugin-macros@3.1.0", "Name": "babel-plugin-macros", "Identifier": { "PURL": "pkg:npm/babel-plugin-macros@3.1.0", "UID": "10822cab2729ac89", "BOMRef": "pkg:npm/babel-plugin-macros@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "bail@2.0.2", "Name": "bail", "Identifier": { "PURL": "pkg:npm/bail@2.0.2", "UID": "b5f27792b67aed7d", "BOMRef": "pkg:npm/bail@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "balanced-match@1.0.2", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@1.0.2", "UID": "cd451bd35d14d97b", "BOMRef": "pkg:npm/balanced-match@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "brace-expansion@1.1.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "bath-es5@3.0.3", "Name": "bath-es5", "Identifier": { "PURL": "pkg:npm/bath-es5@3.0.3", "UID": "7420aa594f69b8f6", "BOMRef": "pkg:npm/bath-es5@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "bezier-js@6.1.4", "Name": "bezier-js", "Identifier": { "PURL": "pkg:npm/bezier-js@6.1.4", "UID": "8929406847463f9e", "BOMRef": "pkg:npm/bezier-js@6.1.4" }, "Version": "6.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "brace-expansion@1.1.12", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@1.1.12", "UID": "7aa13ca51d352d3c", "BOMRef": "pkg:npm/brace-expansion@1.1.12" }, "Version": "1.1.12", "Licenses": [ "MIT" ], "DependsOn": [ "minimatch@3.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "braces@3.0.3", "Name": "braces", "Identifier": { "PURL": "pkg:npm/braces@3.0.3", "UID": "f51c376472675e4c", "BOMRef": "pkg:npm/braces@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "micromatch@4.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "browserslist@4.25.1", "Name": "browserslist", "Identifier": { "PURL": "pkg:npm/browserslist@4.25.1", "UID": "7f751d99cb3386c3", "BOMRef": "pkg:npm/browserslist@4.25.1" }, "Version": "4.25.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2", "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "cac@6.7.14", "Name": "cac", "Identifier": { "PURL": "pkg:npm/cac@6.7.14", "UID": "8dfb2aeca5daa01a", "BOMRef": "pkg:npm/cac@6.7.14" }, "Version": "6.7.14", "Licenses": [ "MIT" ], "DependsOn": [ "vite-node@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "call-bind@1.0.8", "Name": "call-bind", "Identifier": { "PURL": "pkg:npm/call-bind@1.0.8", "UID": "d077ad2045825f7d", "BOMRef": "pkg:npm/call-bind@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "is-array-buffer@3.0.5", "object-is@1.1.6", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "safe-array-concat@1.1.3", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "call-bind-apply-helpers@1.0.2", "Name": "call-bind-apply-helpers", "Identifier": { "PURL": "pkg:npm/call-bind-apply-helpers@1.0.2", "UID": "fe1c86b4962e84c2", "BOMRef": "pkg:npm/call-bind-apply-helpers@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8", "call-bound@1.0.4", "dunder-proto@1.0.1", "get-intrinsic@1.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "call-bound@1.0.4", "Name": "call-bound", "Identifier": { "PURL": "pkg:npm/call-bound@1.0.4", "UID": "b3dc4d7ae160e252", "BOMRef": "pkg:npm/call-bound@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "array-buffer-byte-length@1.0.2", "array-includes@3.1.9", "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "get-symbol-description@1.1.0", "is-arguments@1.2.0", "is-array-buffer@3.0.5", "is-async-function@2.1.1", "is-boolean-object@1.2.2", "is-data-view@1.0.2", "is-date-object@1.1.0", "is-finalizationregistry@1.1.1", "is-generator-function@1.1.0", "is-number-object@1.1.1", "is-regex@1.2.1", "is-shared-array-buffer@1.0.4", "is-string@1.1.1", "is-symbol@1.1.1", "is-weakref@1.1.1", "is-weakset@2.0.4", "object.assign@4.1.7", "object.entries@1.1.9", "object.values@1.2.1", "safe-array-concat@1.1.3", "safe-regex-test@1.1.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "typed-array-buffer@1.0.3", "unbox-primitive@1.1.0", "which-builtin-type@1.2.1", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "callsites@3.1.0", "Name": "callsites", "Identifier": { "PURL": "pkg:npm/callsites@3.1.0", "UID": "712debec20ffe64", "BOMRef": "pkg:npm/callsites@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "parent-module@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "camelcase@6.3.0", "Name": "camelcase", "Identifier": { "PURL": "pkg:npm/camelcase@6.3.0", "UID": "c20793a12eff338a", "BOMRef": "pkg:npm/camelcase@6.3.0" }, "Version": "6.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "caniuse-lite@1.0.30001726", "Name": "caniuse-lite", "Identifier": { "PURL": "pkg:npm/caniuse-lite@1.0.30001726", "UID": "9286a9dbb482c323", "BOMRef": "pkg:npm/caniuse-lite@1.0.30001726" }, "Version": "1.0.30001726", "Licenses": [ "CC-BY-4.0" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "canvas-color-tracker@1.3.2", "Name": "canvas-color-tracker", "Identifier": { "PURL": "pkg:npm/canvas-color-tracker@1.3.2", "UID": "47db5d1310e7b9ef", "BOMRef": "pkg:npm/canvas-color-tracker@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ccount@2.0.1", "Name": "ccount", "Identifier": { "PURL": "pkg:npm/ccount@2.0.1", "UID": "f67e529827fc1b45", "BOMRef": "pkg:npm/ccount@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chai@5.2.0", "Name": "chai", "Identifier": { "PURL": "pkg:npm/chai@5.2.0", "UID": "8217e6ae4c5dc54a", "BOMRef": "pkg:npm/chai@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chalk@3.0.0", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@3.0.0", "UID": "ae2abf7531551fa2", "BOMRef": "pkg:npm/chalk@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chalk@4.1.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@4.1.2", "UID": "1db6bd8423e01069", "BOMRef": "pkg:npm/chalk@4.1.2" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "eslint@8.57.1", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4", "jest-message-util@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "character-entities@2.0.2", "Name": "character-entities", "Identifier": { "PURL": "pkg:npm/character-entities@2.0.2", "UID": "aabf9652a2ed92bf", "BOMRef": "pkg:npm/character-entities@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "decode-named-character-reference@1.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "character-entities-html4@2.1.0", "Name": "character-entities-html4", "Identifier": { "PURL": "pkg:npm/character-entities-html4@2.1.0", "UID": "191bb772e19033f0", "BOMRef": "pkg:npm/character-entities-html4@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "stringify-entities@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "character-entities-legacy@3.0.0", "Name": "character-entities-legacy", "Identifier": { "PURL": "pkg:npm/character-entities-legacy@3.0.0", "UID": "2570cbe841f87267", "BOMRef": "pkg:npm/character-entities-legacy@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2", "stringify-entities@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "character-reference-invalid@2.0.1", "Name": "character-reference-invalid", "Identifier": { "PURL": "pkg:npm/character-reference-invalid@2.0.1", "UID": "99a67820035603a0", "BOMRef": "pkg:npm/character-reference-invalid@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chart.js@4.5.0", "Name": "chart.js", "Identifier": { "PURL": "pkg:npm/chart.js@4.5.0", "UID": "f671d7477e85963b", "BOMRef": "pkg:npm/chart.js@4.5.0" }, "Version": "4.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "check-error@2.1.1", "Name": "check-error", "Identifier": { "PURL": "pkg:npm/check-error@2.1.1", "UID": "50a48cbddf415475", "BOMRef": "pkg:npm/check-error@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "bcd27c1292b5933c", "BOMRef": "pkg:npm/chownr@3.0.0" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "chroma-js@2.6.0", "Name": "chroma-js", "Identifier": { "PURL": "pkg:npm/chroma-js@2.6.0", "UID": "e71d2b31940d4c04", "BOMRef": "pkg:npm/chroma-js@2.6.0" }, "Version": "2.6.0", "Licenses": [ "BSD-3-Clause AND Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ci-info@4.2.0", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.2.0", "UID": "1e8d861091796d90", "BOMRef": "pkg:npm/ci-info@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "classnames@2.5.1", "Name": "classnames", "Identifier": { "PURL": "pkg:npm/classnames@2.5.1", "UID": "67ce327ea9e34792", "BOMRef": "pkg:npm/classnames@2.5.1" }, "Version": "2.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "@uppy/provider-views@4.4.5", "@uppy/status-bar@4.1.3", "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@1.2.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@1.2.1", "UID": "1c69b71c6a6fc35a", "BOMRef": "3c42ab90-737d-4a5a-b067-b6315473e76d" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@1.2.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@1.2.1", "UID": "306d8bedd654baca", "BOMRef": "1138f2da-8c14-4539-83dd-8e73f160c25d" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2", "notistack@3.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "6b3b4469e77a71b4", "BOMRef": "71938c29-bd92-4b30-8729-ea364e9a9d5d" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@uppy/components@0.2.0", "prism-react-renderer@2.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "a474201dcf02dc5d", "BOMRef": "5ca0077e-8e34-4e18-ab48-c0b0d6c26309" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "554ea1fc9ccaf8ee", "BOMRef": "2adb307e-bc4a-419f-bea4-b9114a4ea096" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "36128a360343ed0", "BOMRef": "9a10d665-bdd8-4e24-95a1-2c45e2cbb11a" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "color-convert@2.0.1", "Name": "color-convert", "Identifier": { "PURL": "pkg:npm/color-convert@2.0.1", "UID": "70f8a96c81ba6e6d", "BOMRef": "pkg:npm/color-convert@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "ansi-styles@4.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "color-name@1.1.4", "Name": "color-name", "Identifier": { "PURL": "pkg:npm/color-name@1.1.4", "UID": "4d8c6192f75a0cdf", "BOMRef": "pkg:npm/color-name@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "color-convert@2.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "combined-stream@1.0.8", "Name": "combined-stream", "Identifier": { "PURL": "pkg:npm/combined-stream@1.0.8", "UID": "62171044054cacaf", "BOMRef": "pkg:npm/combined-stream@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "comma-separated-tokens@2.0.3", "Name": "comma-separated-tokens", "Identifier": { "PURL": "pkg:npm/comma-separated-tokens@2.0.3", "UID": "df9e86e6358b46b3", "BOMRef": "pkg:npm/comma-separated-tokens@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "concat-map@0.0.1", "Name": "concat-map", "Identifier": { "PURL": "pkg:npm/concat-map@0.0.1", "UID": "b75e7b9a9993f69b", "BOMRef": "pkg:npm/concat-map@0.0.1" }, "Version": "0.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "brace-expansion@1.1.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "convert-source-map@1.9.0", "Name": "convert-source-map", "Identifier": { "PURL": "pkg:npm/convert-source-map@1.9.0", "UID": "6c8b02bb2eca5e0", "BOMRef": "pkg:npm/convert-source-map@1.9.0" }, "Version": "1.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "convert-source-map@2.0.0", "Name": "convert-source-map", "Identifier": { "PURL": "pkg:npm/convert-source-map@2.0.0", "UID": "590dfd72c1c3a3c4", "BOMRef": "pkg:npm/convert-source-map@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "copy-to-clipboard@3.3.3", "Name": "copy-to-clipboard", "Identifier": { "PURL": "pkg:npm/copy-to-clipboard@3.3.3", "UID": "a170103fd9e202bb", "BOMRef": "pkg:npm/copy-to-clipboard@3.3.3" }, "Version": "3.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "cosmiconfig@7.1.0", "Name": "cosmiconfig", "Identifier": { "PURL": "pkg:npm/cosmiconfig@7.1.0", "UID": "d198d9592a4c90be", "BOMRef": "pkg:npm/cosmiconfig@7.1.0" }, "Version": "7.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "babel-plugin-macros@3.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "cosmiconfig@8.3.6", "Name": "cosmiconfig", "Identifier": { "PURL": "pkg:npm/cosmiconfig@8.3.6", "UID": "5cb9970a25d7d210", "BOMRef": "pkg:npm/cosmiconfig@8.3.6" }, "Version": "8.3.6", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "create-collection-form@0.0.0", "Name": "create-collection-form", "Identifier": { "PURL": "pkg:npm/create-collection-form@0.0.0?vcs_url=git+ssh%3A%2F%2Fgit%40github.com%2Fqdrant%2Fcreate-collection-form.git#a3f1e13059f334bf0c9eb2514fcd26bd01cfc59b", "UID": "ed66fad1662d144a", "BOMRef": "pkg:npm/create-collection-form@0.0.0?vcs_url=git+ssh%3A%2F%2Fgit%40github.com%2Fqdrant%2Fcreate-collection-form.git#a3f1e13059f334bf0c9eb2514fcd26bd01cfc59b" }, "Version": "0.0.0", "Licenses": [ "NOASSERTION" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "a3a59a48962c4efa", "BOMRef": "pkg:npm/cross-spawn@7.0.6" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "css.escape@1.5.1", "Name": "css.escape", "Identifier": { "PURL": "pkg:npm/css.escape@1.5.1", "UID": "bd793808faa5862d", "BOMRef": "pkg:npm/css.escape@1.5.1" }, "Version": "1.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "cssstyle@3.0.0", "Name": "cssstyle", "Identifier": { "PURL": "pkg:npm/cssstyle@3.0.0", "UID": "3346ec5abc6b2889", "BOMRef": "pkg:npm/cssstyle@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "csstype@3.1.3", "Name": "csstype", "Identifier": { "PURL": "pkg:npm/csstype@3.1.3", "UID": "33e607f195d7920a", "BOMRef": "pkg:npm/csstype@3.1.3" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/serialize@1.3.3", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@types/react@18.3.23", "dom-helpers@5.2.1", "goober@2.1.16" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-array@3.2.4", "Name": "d3-array", "Identifier": { "PURL": "pkg:npm/d3-array@3.2.4", "UID": "f55143dfbaf0c3d1", "BOMRef": "pkg:npm/d3-array@3.2.4" }, "Version": "3.2.4", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2", "d3-time@3.1.0", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-binarytree@1.0.2", "Name": "d3-binarytree", "Identifier": { "PURL": "pkg:npm/d3-binarytree@1.0.2", "UID": "6f66c8b8bc3becdf", "BOMRef": "pkg:npm/d3-binarytree@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-color@3.1.0", "Name": "d3-color", "Identifier": { "PURL": "pkg:npm/d3-color@3.1.0", "UID": "b9344e6a421ce73e", "BOMRef": "pkg:npm/d3-color@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-interpolate@3.0.1", "d3-scale-chromatic@3.1.0", "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-dispatch@3.0.1", "Name": "d3-dispatch", "Identifier": { "PURL": "pkg:npm/d3-dispatch@3.0.1", "UID": "b96247a7543f3dc0", "BOMRef": "pkg:npm/d3-dispatch@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-drag@3.0.0", "d3-force-3d@3.0.6", "d3-transition@3.0.1", "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-drag@3.0.0", "Name": "d3-drag", "Identifier": { "PURL": "pkg:npm/d3-drag@3.0.0", "UID": "2021cc0b15025bbe", "BOMRef": "pkg:npm/d3-drag@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-zoom@3.0.0", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-ease@3.0.1", "Name": "d3-ease", "Identifier": { "PURL": "pkg:npm/d3-ease@3.0.1", "UID": "694e0397a2af9b39", "BOMRef": "pkg:npm/d3-ease@3.0.1" }, "Version": "3.0.1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-force-3d@3.0.6", "Name": "d3-force-3d", "Identifier": { "PURL": "pkg:npm/d3-force-3d@3.0.6", "UID": "9b71f998fc7b0ede", "BOMRef": "pkg:npm/d3-force-3d@3.0.6" }, "Version": "3.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-format@3.1.0", "Name": "d3-format", "Identifier": { "PURL": "pkg:npm/d3-format@3.1.0", "UID": "ee93b21407976706", "BOMRef": "pkg:npm/d3-format@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-interpolate@3.0.1", "Name": "d3-interpolate", "Identifier": { "PURL": "pkg:npm/d3-interpolate@3.0.1", "UID": "803621abeb4fba4e", "BOMRef": "pkg:npm/d3-interpolate@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale-chromatic@3.1.0", "d3-scale@4.0.2", "d3-transition@3.0.1", "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-octree@1.1.0", "Name": "d3-octree", "Identifier": { "PURL": "pkg:npm/d3-octree@1.1.0", "UID": "dccf13a896489e7f", "BOMRef": "pkg:npm/d3-octree@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-quadtree@3.0.1", "Name": "d3-quadtree", "Identifier": { "PURL": "pkg:npm/d3-quadtree@3.0.1", "UID": "83728e5fc346d076", "BOMRef": "pkg:npm/d3-quadtree@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-scale@4.0.2", "Name": "d3-scale", "Identifier": { "PURL": "pkg:npm/d3-scale@4.0.2", "UID": "fcc7399b06d87f47", "BOMRef": "pkg:npm/d3-scale@4.0.2" }, "Version": "4.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-scale-chromatic@3.1.0", "Name": "d3-scale-chromatic", "Identifier": { "PURL": "pkg:npm/d3-scale-chromatic@3.1.0", "UID": "cf11bf1c7b8ab8f3", "BOMRef": "pkg:npm/d3-scale-chromatic@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-selection@3.0.0", "Name": "d3-selection", "Identifier": { "PURL": "pkg:npm/d3-selection@3.0.0", "UID": "cd6cf6124d617e18", "BOMRef": "pkg:npm/d3-selection@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-drag@3.0.0", "d3-transition@3.0.1", "d3-zoom@3.0.0", "float-tooltip@1.7.5", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-time@3.1.0", "Name": "d3-time", "Identifier": { "PURL": "pkg:npm/d3-time@3.1.0", "UID": "75fac347703ea5c1", "BOMRef": "pkg:npm/d3-time@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2", "d3-time-format@4.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-time-format@4.1.0", "Name": "d3-time-format", "Identifier": { "PURL": "pkg:npm/d3-time-format@4.1.0", "UID": "e9ec5442111b7ff8", "BOMRef": "pkg:npm/d3-time-format@4.1.0" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-timer@3.0.1", "Name": "d3-timer", "Identifier": { "PURL": "pkg:npm/d3-timer@3.0.1", "UID": "da48b082d3902f23", "BOMRef": "pkg:npm/d3-timer@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-force-3d@3.0.6", "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-transition@3.0.1", "Name": "d3-transition", "Identifier": { "PURL": "pkg:npm/d3-transition@3.0.1", "UID": "849a507579541027", "BOMRef": "pkg:npm/d3-transition@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "d3-zoom@3.0.0", "Name": "d3-zoom", "Identifier": { "PURL": "pkg:npm/d3-zoom@3.0.0", "UID": "6b323c54a1a6480", "BOMRef": "pkg:npm/d3-zoom@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "data-urls@4.0.0", "Name": "data-urls", "Identifier": { "PURL": "pkg:npm/data-urls@4.0.0", "UID": "57292aaaccfe8a20", "BOMRef": "pkg:npm/data-urls@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "data-view-buffer@1.0.2", "Name": "data-view-buffer", "Identifier": { "PURL": "pkg:npm/data-view-buffer@1.0.2", "UID": "de692254a094771a", "BOMRef": "pkg:npm/data-view-buffer@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "data-view-byte-length@1.0.2", "Name": "data-view-byte-length", "Identifier": { "PURL": "pkg:npm/data-view-byte-length@1.0.2", "UID": "51a2763f8af2f908", "BOMRef": "pkg:npm/data-view-byte-length@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "data-view-byte-offset@1.0.1", "Name": "data-view-byte-offset", "Identifier": { "PURL": "pkg:npm/data-view-byte-offset@1.0.1", "UID": "6f922673cd07296d", "BOMRef": "pkg:npm/data-view-byte-offset@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "debug@4.4.1", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.1", "UID": "d37cdd9c16c889ab", "BOMRef": "pkg:npm/debug@4.4.1" }, "Version": "4.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/traverse@7.28.0", "@eslint/eslintrc@2.1.4", "@humanwhocodes/config-array@0.13.0", "agent-base@6.0.2", "eslint@8.57.1", "http-proxy-agent@5.0.0", "https-proxy-agent@5.0.1", "micromark@3.2.0", "vite-node@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "decimal.js@10.5.0", "Name": "decimal.js", "Identifier": { "PURL": "pkg:npm/decimal.js@10.5.0", "UID": "5a9336c59e7bacd4", "BOMRef": "pkg:npm/decimal.js@10.5.0" }, "Version": "10.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "decode-named-character-reference@1.2.0", "Name": "decode-named-character-reference", "Identifier": { "PURL": "pkg:npm/decode-named-character-reference@1.2.0", "UID": "a7d2eef372d26c0e", "BOMRef": "pkg:npm/decode-named-character-reference@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-util-decode-string@1.1.0", "micromark@3.2.0", "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "deep-eql@5.0.2", "Name": "deep-eql", "Identifier": { "PURL": "pkg:npm/deep-eql@5.0.2", "UID": "ced7c1242d188112", "BOMRef": "pkg:npm/deep-eql@5.0.2" }, "Version": "5.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "deep-equal@2.2.3", "Name": "deep-equal", "Identifier": { "PURL": "pkg:npm/deep-equal@2.2.3", "UID": "1311860ee2e90dd4", "BOMRef": "pkg:npm/deep-equal@2.2.3" }, "Version": "2.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "aria-query@5.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "deep-is@0.1.4", "Name": "deep-is", "Identifier": { "PURL": "pkg:npm/deep-is@0.1.4", "UID": "6bb1e2b9c2315aeb", "BOMRef": "pkg:npm/deep-is@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "define-data-property@1.1.4", "Name": "define-data-property", "Identifier": { "PURL": "pkg:npm/define-data-property@1.1.4", "UID": "856d999316dda307", "BOMRef": "pkg:npm/define-data-property@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "define-properties@1.2.1", "iterator.prototype@1.1.5", "set-function-length@1.2.2", "set-function-name@2.0.2", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "define-properties@1.2.1", "Name": "define-properties", "Identifier": { "PURL": "pkg:npm/define-properties@1.2.1", "UID": "ebf0ee7e8fac5365", "BOMRef": "pkg:npm/define-properties@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "globalthis@1.0.4", "object-is@1.1.6", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "string.prototype.matchall@4.0.12", "string.prototype.repeat@1.0.0", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "delayed-stream@1.0.0", "Name": "delayed-stream", "Identifier": { "PURL": "pkg:npm/delayed-stream@1.0.0", "UID": "a0c2571abdfae24c", "BOMRef": "pkg:npm/delayed-stream@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "combined-stream@1.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dequal@2.0.3", "Name": "dequal", "Identifier": { "PURL": "pkg:npm/dequal@2.0.3", "UID": "f480c97b13534c8a", "BOMRef": "pkg:npm/dequal@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "aria-query@5.3.0", "uvu@0.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dereference-json-schema@0.2.1", "Name": "dereference-json-schema", "Identifier": { "PURL": "pkg:npm/dereference-json-schema@0.2.1", "UID": "56807fe669a2a24e", "BOMRef": "pkg:npm/dereference-json-schema@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "detect-libc@1.0.3", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@1.0.3", "UID": "5212a6cdcc5d37", "BOMRef": "pkg:npm/detect-libc@1.0.3" }, "Version": "1.0.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@parcel/watcher@2.5.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "detect-libc@2.0.4", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@2.0.4", "UID": "1b8455857480eb26", "BOMRef": "33def98c-9bea-49fd-9dd8-6d8e2655f876" }, "Version": "2.0.4", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11", "lightningcss@1.30.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "detect-libc@2.0.4", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@2.0.4", "UID": "13049fd0933f1380", "BOMRef": "aa3e3d7a-3759-4d6f-abbd-a968cab292d4" }, "Version": "2.0.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "diff@5.2.0", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@5.2.0", "UID": "f3def297fdc1a9bb", "BOMRef": "pkg:npm/diff@5.2.0" }, "Version": "5.2.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "react-diff-viewer-continued@3.4.0", "uvu@0.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "doctrine@2.1.0", "Name": "doctrine", "Identifier": { "PURL": "pkg:npm/doctrine@2.1.0", "UID": "b017a01b114778bc", "BOMRef": "pkg:npm/doctrine@2.1.0" }, "Version": "2.1.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "doctrine@3.0.0", "Name": "doctrine", "Identifier": { "PURL": "pkg:npm/doctrine@3.0.0", "UID": "985120df83ea93b9", "BOMRef": "pkg:npm/doctrine@3.0.0" }, "Version": "3.0.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dom-accessibility-api@0.5.16", "Name": "dom-accessibility-api", "Identifier": { "PURL": "pkg:npm/dom-accessibility-api@0.5.16", "UID": "636822fe0539ee68", "BOMRef": "pkg:npm/dom-accessibility-api@0.5.16" }, "Version": "0.5.16", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dom-helpers@5.2.1", "Name": "dom-helpers", "Identifier": { "PURL": "pkg:npm/dom-helpers@5.2.1", "UID": "9111c597e1e75dde", "BOMRef": "pkg:npm/dom-helpers@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "domexception@4.0.0", "Name": "domexception", "Identifier": { "PURL": "pkg:npm/domexception@4.0.0", "UID": "992317496dda8bc7", "BOMRef": "pkg:npm/domexception@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dot-case@3.0.4", "Name": "dot-case", "Identifier": { "PURL": "pkg:npm/dot-case@3.0.4", "UID": "8589cff0db522a3d", "BOMRef": "pkg:npm/dot-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "snake-case@3.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "dunder-proto@1.0.1", "Name": "dunder-proto", "Identifier": { "PURL": "pkg:npm/dunder-proto@1.0.1", "UID": "d4fc5cb96e4bb10a", "BOMRef": "pkg:npm/dunder-proto@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "get-proto@1.0.1", "has-proto@1.2.0", "set-proto@1.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "electron-to-chromium@1.5.179", "Name": "electron-to-chromium", "Identifier": { "PURL": "pkg:npm/electron-to-chromium@1.5.179", "UID": "f0da42e4036cf9cf", "BOMRef": "pkg:npm/electron-to-chromium@1.5.179" }, "Version": "1.5.179", "Licenses": [ "ISC" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "enhanced-resolve@5.18.2", "Name": "enhanced-resolve", "Identifier": { "PURL": "pkg:npm/enhanced-resolve@5.18.2", "UID": "d241412e4cb61c11", "BOMRef": "pkg:npm/enhanced-resolve@5.18.2" }, "Version": "5.18.2", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "@tailwindcss/node@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "entities@4.5.0", "Name": "entities", "Identifier": { "PURL": "pkg:npm/entities@4.5.0", "UID": "c4fc8635f23e4219", "BOMRef": "pkg:npm/entities@4.5.0" }, "Version": "4.5.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "@svgr/hast-util-to-babel-ast@8.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "entities@6.0.1", "Name": "entities", "Identifier": { "PURL": "pkg:npm/entities@6.0.1", "UID": "f1c7af2581c1f666", "BOMRef": "pkg:npm/entities@6.0.1" }, "Version": "6.0.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "parse5@7.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "error-ex@1.3.2", "Name": "error-ex", "Identifier": { "PURL": "pkg:npm/error-ex@1.3.2", "UID": "18aaca34745b8b86", "BOMRef": "pkg:npm/error-ex@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-abstract@1.24.0", "Name": "es-abstract", "Identifier": { "PURL": "pkg:npm/es-abstract@1.24.0", "UID": "a34248579f735252", "BOMRef": "pkg:npm/es-abstract@1.24.0" }, "Version": "1.24.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "es-iterator-helpers@1.2.1", "object.fromentries@2.0.8", "reflect.getprototypeof@1.0.10", "string.prototype.matchall@4.0.12", "string.prototype.repeat@1.0.0", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-define-property@1.0.1", "Name": "es-define-property", "Identifier": { "PURL": "pkg:npm/es-define-property@1.0.1", "UID": "a55a9f12e7185a8d", "BOMRef": "pkg:npm/es-define-property@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8", "define-data-property@1.1.4", "es-abstract@1.24.0", "get-intrinsic@1.3.0", "has-property-descriptors@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-errors@1.3.0", "Name": "es-errors", "Identifier": { "PURL": "pkg:npm/es-errors@1.3.0", "UID": "eb74db947947d956", "BOMRef": "pkg:npm/es-errors@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "array.prototype.findlast@1.2.5", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "call-bind-apply-helpers@1.0.2", "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "define-data-property@1.1.4", "dunder-proto@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "es-object-atoms@1.1.1", "es-set-tostringtag@2.1.0", "get-intrinsic@1.3.0", "get-symbol-description@1.1.0", "internal-slot@1.1.0", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "safe-push-apply@1.0.0", "safe-regex-test@1.1.0", "set-function-length@1.2.2", "set-function-name@2.0.2", "set-proto@1.0.0", "side-channel-list@1.0.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "side-channel@1.1.0", "stop-iteration-iterator@1.1.0", "string.prototype.matchall@4.0.12", "typed-array-buffer@1.0.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-get-iterator@1.1.3", "Name": "es-get-iterator", "Identifier": { "PURL": "pkg:npm/es-get-iterator@1.1.3", "UID": "a5641292e1ca2454", "BOMRef": "pkg:npm/es-get-iterator@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-iterator-helpers@1.2.1", "Name": "es-iterator-helpers", "Identifier": { "PURL": "pkg:npm/es-iterator-helpers@1.2.1", "UID": "37cd200a6fcb470e", "BOMRef": "pkg:npm/es-iterator-helpers@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-module-lexer@1.7.0", "Name": "es-module-lexer", "Identifier": { "PURL": "pkg:npm/es-module-lexer@1.7.0", "UID": "c6fe09f514b627b0", "BOMRef": "pkg:npm/es-module-lexer@1.7.0" }, "Version": "1.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "vite-node@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-object-atoms@1.1.1", "Name": "es-object-atoms", "Identifier": { "PURL": "pkg:npm/es-object-atoms@1.1.1", "UID": "cd6a059e6e2c5751", "BOMRef": "pkg:npm/es-object-atoms@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "es-abstract@1.24.0", "get-intrinsic@1.3.0", "get-proto@1.0.1", "iterator.prototype@1.1.5", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "set-proto@1.0.0", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-set-tostringtag@2.1.0", "Name": "es-set-tostringtag", "Identifier": { "PURL": "pkg:npm/es-set-tostringtag@2.1.0", "UID": "474c57b0467c8ea4", "BOMRef": "pkg:npm/es-set-tostringtag@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "form-data@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-shim-unscopables@1.1.0", "Name": "es-shim-unscopables", "Identifier": { "PURL": "pkg:npm/es-shim-unscopables@1.1.0", "UID": "44cb7ef66eee10b0", "BOMRef": "pkg:npm/es-shim-unscopables@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "es-to-primitive@1.3.0", "Name": "es-to-primitive", "Identifier": { "PURL": "pkg:npm/es-to-primitive@1.3.0", "UID": "3ce27cb191f2a633", "BOMRef": "pkg:npm/es-to-primitive@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "esbuild@0.25.5", "Name": "esbuild", "Identifier": { "PURL": "pkg:npm/esbuild@0.25.5", "UID": "5cbf7f27ea5441e6", "BOMRef": "pkg:npm/esbuild@0.25.5" }, "Version": "0.25.5", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "escalade@3.2.0", "Name": "escalade", "Identifier": { "PURL": "pkg:npm/escalade@3.2.0", "UID": "3891bbac4ccca059", "BOMRef": "pkg:npm/escalade@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "escape-string-regexp@2.0.0", "Name": "escape-string-regexp", "Identifier": { "PURL": "pkg:npm/escape-string-regexp@2.0.0", "UID": "7098a4f70c1884b1", "BOMRef": "pkg:npm/escape-string-regexp@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "stack-utils@2.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "escape-string-regexp@4.0.0", "Name": "escape-string-regexp", "Identifier": { "PURL": "pkg:npm/escape-string-regexp@4.0.0", "UID": "c810badcf53f0432", "BOMRef": "pkg:npm/escape-string-regexp@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint@8.57.1", "Name": "eslint", "Identifier": { "PURL": "pkg:npm/eslint@8.57.1", "UID": "efba98d94e57dbf", "BOMRef": "pkg:npm/eslint@8.57.1" }, "Version": "8.57.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint-community/eslint-utils@4.7.0", "eslint-config-google@0.14.0", "eslint-config-prettier@8.10.0", "eslint-plugin-react@7.37.5", "qdrant-web-ui@0.2.5", "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint-config-google@0.14.0", "Name": "eslint-config-google", "Identifier": { "PURL": "pkg:npm/eslint-config-google@0.14.0", "UID": "2390f11797399be4", "BOMRef": "pkg:npm/eslint-config-google@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint-config-prettier@8.10.0", "Name": "eslint-config-prettier", "Identifier": { "PURL": "pkg:npm/eslint-config-prettier@8.10.0", "UID": "43dc38f4796c1c7a", "BOMRef": "pkg:npm/eslint-config-prettier@8.10.0" }, "Version": "8.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint-plugin-react@7.37.5", "Name": "eslint-plugin-react", "Identifier": { "PURL": "pkg:npm/eslint-plugin-react@7.37.5", "UID": "d0d02c74bd09836e", "BOMRef": "pkg:npm/eslint-plugin-react@7.37.5" }, "Version": "7.37.5", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint-scope@7.2.2", "Name": "eslint-scope", "Identifier": { "PURL": "pkg:npm/eslint-scope@7.2.2", "UID": "78b95b30c15bb12b", "BOMRef": "pkg:npm/eslint-scope@7.2.2" }, "Version": "7.2.2", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eslint-visitor-keys@3.4.3", "Name": "eslint-visitor-keys", "Identifier": { "PURL": "pkg:npm/eslint-visitor-keys@3.4.3", "UID": "287f67d2a2fc2310", "BOMRef": "pkg:npm/eslint-visitor-keys@3.4.3" }, "Version": "3.4.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@eslint-community/eslint-utils@4.7.0", "eslint@8.57.1", "espree@9.6.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "espree@9.6.1", "Name": "espree", "Identifier": { "PURL": "pkg:npm/espree@9.6.1", "UID": "8b1d8f818b924d79", "BOMRef": "pkg:npm/espree@9.6.1" }, "Version": "9.6.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "esquery@1.6.0", "Name": "esquery", "Identifier": { "PURL": "pkg:npm/esquery@1.6.0", "UID": "22ffe8f7de8e93d1", "BOMRef": "pkg:npm/esquery@1.6.0" }, "Version": "1.6.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "esrecurse@4.3.0", "Name": "esrecurse", "Identifier": { "PURL": "pkg:npm/esrecurse@4.3.0", "UID": "8c7405467abcb57c", "BOMRef": "pkg:npm/esrecurse@4.3.0" }, "Version": "4.3.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint-scope@7.2.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estraverse@5.3.0", "Name": "estraverse", "Identifier": { "PURL": "pkg:npm/estraverse@5.3.0", "UID": "ce53f1b51e64e50f", "BOMRef": "pkg:npm/estraverse@5.3.0" }, "Version": "5.3.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "eslint-scope@7.2.2", "esquery@1.6.0", "esrecurse@4.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-util-attach-comments@2.1.1", "Name": "estree-util-attach-comments", "Identifier": { "PURL": "pkg:npm/estree-util-attach-comments@2.1.1", "UID": "88da00fec158727a", "BOMRef": "pkg:npm/estree-util-attach-comments@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-util-build-jsx@2.2.2", "Name": "estree-util-build-jsx", "Identifier": { "PURL": "pkg:npm/estree-util-build-jsx@2.2.2", "UID": "2d7a52445bb48f24", "BOMRef": "pkg:npm/estree-util-build-jsx@2.2.2" }, "Version": "2.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-util-is-identifier-name@2.1.0", "Name": "estree-util-is-identifier-name", "Identifier": { "PURL": "pkg:npm/estree-util-is-identifier-name@2.1.0", "UID": "e0113f615ca00be3", "BOMRef": "pkg:npm/estree-util-is-identifier-name@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "estree-util-build-jsx@2.2.2", "hast-util-to-estree@2.3.3", "micromark-extension-mdx-jsx@1.0.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-util-to-js@1.2.0", "Name": "estree-util-to-js", "Identifier": { "PURL": "pkg:npm/estree-util-to-js@1.2.0", "UID": "7bf90dcd05b772dd", "BOMRef": "pkg:npm/estree-util-to-js@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-util-visit@1.2.1", "Name": "estree-util-visit", "Identifier": { "PURL": "pkg:npm/estree-util-visit@1.2.1", "UID": "9520b83c25613f30", "BOMRef": "pkg:npm/estree-util-visit@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-util-events-to-acorn@1.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-walker@2.0.2", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@2.0.2", "UID": "45ea3ded702acece", "BOMRef": "8a6b1790-ae6f-423c-ae12-d63213732044" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@4.2.1", "@rollup/pluginutils@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-walker@2.0.2", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@2.0.2", "UID": "cffdb56699b8ad77", "BOMRef": "3cfe07f9-acf0-4ec8-b0e7-6d53164887aa" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "estree-walker@3.0.3", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@3.0.3", "UID": "6914b8bfe608bc93", "BOMRef": "pkg:npm/estree-walker@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@vitest/mocker@3.2.4", "estree-util-build-jsx@2.2.2", "periscopic@3.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "esutils@2.0.3", "Name": "esutils", "Identifier": { "PURL": "pkg:npm/esutils@2.0.3", "UID": "2d8e4a633e9deb01", "BOMRef": "pkg:npm/esutils@2.0.3" }, "Version": "2.0.3", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "doctrine@2.1.0", "doctrine@3.0.0", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "eventemitter3@5.0.1", "Name": "eventemitter3", "Identifier": { "PURL": "pkg:npm/eventemitter3@5.0.1", "UID": "a171317eb5a2c8cd", "BOMRef": "pkg:npm/eventemitter3@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "p-queue@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "exifr@7.1.3", "Name": "exifr", "Identifier": { "PURL": "pkg:npm/exifr@7.1.3", "UID": "4624032bdccddf2", "BOMRef": "pkg:npm/exifr@7.1.3" }, "Version": "7.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/thumbnail-generator@4.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "expect@30.0.4", "Name": "expect", "Identifier": { "PURL": "pkg:npm/expect@30.0.4", "UID": "c8d549de52741185", "BOMRef": "pkg:npm/expect@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@types/jest@30.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "expect-type@1.2.1", "Name": "expect-type", "Identifier": { "PURL": "pkg:npm/expect-type@1.2.1", "UID": "2945f3d436414ae", "BOMRef": "pkg:npm/expect-type@1.2.1" }, "Version": "1.2.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "extend@3.0.2", "Name": "extend", "Identifier": { "PURL": "pkg:npm/extend@3.0.2", "UID": "9bef4539382f11fd", "BOMRef": "pkg:npm/extend@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fast-deep-equal@3.1.3", "Name": "fast-deep-equal", "Identifier": { "PURL": "pkg:npm/fast-deep-equal@3.1.3", "UID": "611d80b0274b8942", "BOMRef": "pkg:npm/fast-deep-equal@3.1.3" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fast-json-stable-stringify@2.1.0", "Name": "fast-json-stable-stringify", "Identifier": { "PURL": "pkg:npm/fast-json-stable-stringify@2.1.0", "UID": "389320489580f2cc", "BOMRef": "pkg:npm/fast-json-stable-stringify@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fast-levenshtein@2.0.6", "Name": "fast-levenshtein", "Identifier": { "PURL": "pkg:npm/fast-levenshtein@2.0.6", "UID": "a5b15dc71f6d5055", "BOMRef": "pkg:npm/fast-levenshtein@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fastq@1.19.1", "Name": "fastq", "Identifier": { "PURL": "pkg:npm/fastq@1.19.1", "UID": "df20dd4770cdfdfe", "BOMRef": "pkg:npm/fastq@1.19.1" }, "Version": "1.19.1", "Licenses": [ "ISC" ], "DependsOn": [ "@nodelib/fs.walk@1.2.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fdir@6.4.6", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.4.6", "UID": "170431194f4803f3", "BOMRef": "pkg:npm/fdir@6.4.6" }, "Version": "6.4.6", "Licenses": [ "MIT" ], "DependsOn": [ "tinyglobby@0.2.14", "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "file-entry-cache@6.0.1", "Name": "file-entry-cache", "Identifier": { "PURL": "pkg:npm/file-entry-cache@6.0.1", "UID": "6cb487cb6107c6e8", "BOMRef": "pkg:npm/file-entry-cache@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fill-range@7.1.1", "Name": "fill-range", "Identifier": { "PURL": "pkg:npm/fill-range@7.1.1", "UID": "6908c6e8ff1e8c4e", "BOMRef": "pkg:npm/fill-range@7.1.1" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "braces@3.0.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "find-root@1.1.0", "Name": "find-root", "Identifier": { "PURL": "pkg:npm/find-root@1.1.0", "UID": "5419af5088347182", "BOMRef": "pkg:npm/find-root@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "find-up@5.0.0", "Name": "find-up", "Identifier": { "PURL": "pkg:npm/find-up@5.0.0", "UID": "d9f0a6a8ab02977e", "BOMRef": "pkg:npm/find-up@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "flat-cache@3.2.0", "Name": "flat-cache", "Identifier": { "PURL": "pkg:npm/flat-cache@3.2.0", "UID": "d1167550ee9eb1d7", "BOMRef": "pkg:npm/flat-cache@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "file-entry-cache@6.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "flatted@3.3.3", "Name": "flatted", "Identifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "a8fb3869f826f235", "BOMRef": "pkg:npm/flatted@3.3.3" }, "Version": "3.3.3", "Licenses": [ "ISC" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "float-tooltip@1.7.5", "Name": "float-tooltip", "Identifier": { "PURL": "pkg:npm/float-tooltip@1.7.5", "UID": "309ca39d592e68dc", "BOMRef": "pkg:npm/float-tooltip@1.7.5" }, "Version": "1.7.5", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "follow-redirects@1.15.9", "Name": "follow-redirects", "Identifier": { "PURL": "pkg:npm/follow-redirects@1.15.9", "UID": "8d13179697203022", "BOMRef": "pkg:npm/follow-redirects@1.15.9" }, "Version": "1.15.9", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "for-each@0.3.5", "Name": "for-each", "Identifier": { "PURL": "pkg:npm/for-each@0.3.5", "UID": "52ee6db5b9070fd8", "BOMRef": "pkg:npm/for-each@0.3.5" }, "Version": "0.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "force-graph@1.50.1", "Name": "force-graph", "Identifier": { "PURL": "pkg:npm/force-graph@1.50.1", "UID": "811bff8bc94d299b", "BOMRef": "pkg:npm/force-graph@1.50.1" }, "Version": "1.50.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "form-data@4.0.4", "Name": "form-data", "Identifier": { "PURL": "pkg:npm/form-data@4.0.4", "UID": "17415257646ed42a", "BOMRef": "pkg:npm/form-data@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "fs.realpath@1.0.0", "Name": "fs.realpath", "Identifier": { "PURL": "pkg:npm/fs.realpath@1.0.0", "UID": "7a3555982f79774e", "BOMRef": "pkg:npm/fs.realpath@1.0.0" }, "Version": "1.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "function-bind@1.1.2", "Name": "function-bind", "Identifier": { "PURL": "pkg:npm/function-bind@1.1.2", "UID": "694d98276e272958", "BOMRef": "pkg:npm/function-bind@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind-apply-helpers@1.0.2", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "hasown@2.0.2", "set-function-length@1.2.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "function.prototype.name@1.1.8", "Name": "function.prototype.name", "Identifier": { "PURL": "pkg:npm/function.prototype.name@1.1.8", "UID": "221d30650aa53ea1", "BOMRef": "pkg:npm/function.prototype.name@1.1.8" }, "Version": "1.1.8", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "functions-have-names@1.2.3", "Name": "functions-have-names", "Identifier": { "PURL": "pkg:npm/functions-have-names@1.2.3", "UID": "38254611691d325b", "BOMRef": "pkg:npm/functions-have-names@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "function.prototype.name@1.1.8", "set-function-name@2.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "gensync@1.0.0-beta.2", "Name": "gensync", "Identifier": { "PURL": "pkg:npm/gensync@1.0.0-beta.2", "UID": "d167101b2d2d89e7", "BOMRef": "pkg:npm/gensync@1.0.0-beta.2" }, "Version": "1.0.0-beta.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "get-intrinsic@1.3.0", "Name": "get-intrinsic", "Identifier": { "PURL": "pkg:npm/get-intrinsic@1.3.0", "UID": "d8ab587dbbeb26ee", "BOMRef": "pkg:npm/get-intrinsic@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "arraybuffer.prototype.slice@1.0.4", "call-bind@1.0.8", "call-bound@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "es-set-tostringtag@2.1.0", "get-symbol-description@1.1.0", "is-array-buffer@3.0.5", "is-data-view@1.0.2", "is-weakset@2.0.4", "iterator.prototype@1.1.5", "own-keys@1.0.1", "reflect.getprototypeof@1.0.10", "safe-array-concat@1.1.3", "set-function-length@1.2.2", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "get-proto@1.0.1", "Name": "get-proto", "Identifier": { "PURL": "pkg:npm/get-proto@1.0.1", "UID": "c8156641a5eab110", "BOMRef": "pkg:npm/get-proto@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "get-intrinsic@1.3.0", "is-async-function@2.1.1", "is-generator-function@1.1.0", "iterator.prototype@1.1.5", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "get-symbol-description@1.1.0", "Name": "get-symbol-description", "Identifier": { "PURL": "pkg:npm/get-symbol-description@1.1.0", "UID": "e24d2ff9f5ead306", "BOMRef": "pkg:npm/get-symbol-description@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "glob@7.2.3", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@7.2.3", "UID": "473f6f5737d37d66", "BOMRef": "pkg:npm/glob@7.2.3" }, "Version": "7.2.3", "Licenses": [ "ISC" ], "DependsOn": [ "rimraf@3.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "glob-parent@6.0.2", "Name": "glob-parent", "Identifier": { "PURL": "pkg:npm/glob-parent@6.0.2", "UID": "e54e6b69963edf8e", "BOMRef": "pkg:npm/glob-parent@6.0.2" }, "Version": "6.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "globals@13.24.0", "Name": "globals", "Identifier": { "PURL": "pkg:npm/globals@13.24.0", "UID": "17641f11e6ae05b6", "BOMRef": "pkg:npm/globals@13.24.0" }, "Version": "13.24.0", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "globalthis@1.0.4", "Name": "globalthis", "Identifier": { "PURL": "pkg:npm/globalthis@1.0.4", "UID": "c581649a7b5b6bfe", "BOMRef": "pkg:npm/globalthis@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "goober@2.1.16", "Name": "goober", "Identifier": { "PURL": "pkg:npm/goober@2.1.16", "UID": "eed932855c243a54", "BOMRef": "pkg:npm/goober@2.1.16" }, "Version": "2.1.16", "Licenses": [ "MIT" ], "DependsOn": [ "notistack@3.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "gopd@1.2.0", "Name": "gopd", "Identifier": { "PURL": "pkg:npm/gopd@1.2.0", "UID": "1dbfa5c376709d4e", "BOMRef": "pkg:npm/gopd@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "define-data-property@1.1.4", "dunder-proto@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "globalthis@1.0.4", "is-regex@1.2.1", "regexp.prototype.flags@1.5.4", "set-function-length@1.2.2", "string.prototype.matchall@4.0.12", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "172d2460ccca5b07", "BOMRef": "pkg:npm/graceful-fs@4.2.11" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "DependsOn": [ "enhanced-resolve@5.18.2", "jest-message-util@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "graphemer@1.4.0", "Name": "graphemer", "Identifier": { "PURL": "pkg:npm/graphemer@1.4.0", "UID": "256abb38d6791f33", "BOMRef": "pkg:npm/graphemer@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-bigints@1.1.0", "Name": "has-bigints", "Identifier": { "PURL": "pkg:npm/has-bigints@1.1.0", "UID": "5ac74ff7d5e01667", "BOMRef": "pkg:npm/has-bigints@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "is-bigint@1.1.0", "unbox-primitive@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-flag@4.0.0", "Name": "has-flag", "Identifier": { "PURL": "pkg:npm/has-flag@4.0.0", "UID": "d7e76da0f19b8642", "BOMRef": "pkg:npm/has-flag@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "supports-color@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-property-descriptors@1.0.2", "Name": "has-property-descriptors", "Identifier": { "PURL": "pkg:npm/has-property-descriptors@1.0.2", "UID": "6a6728d1c4adf188", "BOMRef": "pkg:npm/has-property-descriptors@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "define-properties@1.2.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "set-function-length@1.2.2", "set-function-name@2.0.2", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-proto@1.2.0", "Name": "has-proto", "Identifier": { "PURL": "pkg:npm/has-proto@1.2.0", "UID": "d0e95bed9313398c", "BOMRef": "pkg:npm/has-proto@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-symbols@1.1.0", "Name": "has-symbols", "Identifier": { "PURL": "pkg:npm/has-symbols@1.1.0", "UID": "40ca772d0db101d6", "BOMRef": "pkg:npm/has-symbols@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "has-tostringtag@1.0.2", "is-symbol@1.1.1", "iterator.prototype@1.1.5", "object.assign@4.1.7", "safe-array-concat@1.1.3", "string.prototype.matchall@4.0.12", "unbox-primitive@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "has-tostringtag@1.0.2", "Name": "has-tostringtag", "Identifier": { "PURL": "pkg:npm/has-tostringtag@1.0.2", "UID": "9001675e0f6c6b82", "BOMRef": "pkg:npm/has-tostringtag@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-set-tostringtag@2.1.0", "is-arguments@1.2.0", "is-async-function@2.1.1", "is-boolean-object@1.2.2", "is-date-object@1.1.0", "is-generator-function@1.1.0", "is-number-object@1.1.1", "is-regex@1.2.1", "is-string@1.1.1", "which-builtin-type@1.2.1", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "hasown@2.0.2", "Name": "hasown", "Identifier": { "PURL": "pkg:npm/hasown@2.0.2", "UID": "d58e422620d1cc6a", "BOMRef": "pkg:npm/hasown@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-set-tostringtag@2.1.0", "es-shim-unscopables@1.1.0", "eslint-plugin-react@7.37.5", "form-data@4.0.4", "function.prototype.name@1.1.8", "get-intrinsic@1.3.0", "internal-slot@1.1.0", "is-core-module@2.16.1", "is-regex@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "hast-util-to-estree@2.3.3", "Name": "hast-util-to-estree", "Identifier": { "PURL": "pkg:npm/hast-util-to-estree@2.3.3", "UID": "4e43eb2b3c0d7d7d", "BOMRef": "pkg:npm/hast-util-to-estree@2.3.3" }, "Version": "2.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "hast-util-whitespace@2.0.1", "Name": "hast-util-whitespace", "Identifier": { "PURL": "pkg:npm/hast-util-whitespace@2.0.1", "UID": "50ad609d8982b4df", "BOMRef": "pkg:npm/hast-util-whitespace@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "hoist-non-react-statics@3.3.2", "Name": "hoist-non-react-statics", "Identifier": { "PURL": "pkg:npm/hoist-non-react-statics@3.3.2", "UID": "a7c5ab42a2102688", "BOMRef": "pkg:npm/hoist-non-react-statics@3.3.2" }, "Version": "3.3.2", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@emotion/react@11.14.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "html-encoding-sniffer@3.0.0", "Name": "html-encoding-sniffer", "Identifier": { "PURL": "pkg:npm/html-encoding-sniffer@3.0.0", "UID": "d04470f44a144e2a", "BOMRef": "pkg:npm/html-encoding-sniffer@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "http-proxy-agent@5.0.0", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@5.0.0", "UID": "54d4c8c095953911", "BOMRef": "pkg:npm/http-proxy-agent@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "https-proxy-agent@5.0.1", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@5.0.1", "UID": "6fb413390206bf5", "BOMRef": "pkg:npm/https-proxy-agent@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "iconv-lite@0.6.3", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.6.3", "UID": "63c00f2e4b693b0c", "BOMRef": "pkg:npm/iconv-lite@0.6.3" }, "Version": "0.6.3", "Licenses": [ "MIT" ], "DependsOn": [ "whatwg-encoding@2.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ignore@5.3.2", "Name": "ignore", "Identifier": { "PURL": "pkg:npm/ignore@5.3.2", "UID": "b204bd5bf3a57356", "BOMRef": "pkg:npm/ignore@5.3.2" }, "Version": "5.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "import-fresh@3.3.1", "Name": "import-fresh", "Identifier": { "PURL": "pkg:npm/import-fresh@3.3.1", "UID": "56cffaec99d00e18", "BOMRef": "pkg:npm/import-fresh@3.3.1" }, "Version": "3.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "b611f0db7401bfe3", "BOMRef": "pkg:npm/imurmurhash@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "indent-string@4.0.0", "Name": "indent-string", "Identifier": { "PURL": "pkg:npm/indent-string@4.0.0", "UID": "4f91f855134c7d3c", "BOMRef": "pkg:npm/indent-string@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "redent@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "index-array-by@1.4.2", "Name": "index-array-by", "Identifier": { "PURL": "pkg:npm/index-array-by@1.4.2", "UID": "3d7ff6be04b7ea10", "BOMRef": "pkg:npm/index-array-by@1.4.2" }, "Version": "1.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "inflight@1.0.6", "Name": "inflight", "Identifier": { "PURL": "pkg:npm/inflight@1.0.6", "UID": "5836f928ac18e9de", "BOMRef": "pkg:npm/inflight@1.0.6" }, "Version": "1.0.6", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "inherits@2.0.4", "Name": "inherits", "Identifier": { "PURL": "pkg:npm/inherits@2.0.4", "UID": "5d11b1984239f83a", "BOMRef": "pkg:npm/inherits@2.0.4" }, "Version": "2.0.4", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "inline-style-parser@0.1.1", "Name": "inline-style-parser", "Identifier": { "PURL": "pkg:npm/inline-style-parser@0.1.1", "UID": "9580a100b9e2e564", "BOMRef": "pkg:npm/inline-style-parser@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "style-to-object@0.4.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "internal-slot@1.1.0", "Name": "internal-slot", "Identifier": { "PURL": "pkg:npm/internal-slot@1.1.0", "UID": "61cab8fe330b0dc3", "BOMRef": "pkg:npm/internal-slot@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "stop-iteration-iterator@1.1.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "internmap@2.0.3", "Name": "internmap", "Identifier": { "PURL": "pkg:npm/internmap@2.0.3", "UID": "4b3e6b441921e1e5", "BOMRef": "pkg:npm/internmap@2.0.3" }, "Version": "2.0.3", "Licenses": [ "ISC" ], "DependsOn": [ "d3-array@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-alphabetical@2.0.1", "Name": "is-alphabetical", "Identifier": { "PURL": "pkg:npm/is-alphabetical@2.0.1", "UID": "f2bb283aeafa0f2b", "BOMRef": "pkg:npm/is-alphabetical@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-alphanumerical@2.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-alphanumerical@2.0.1", "Name": "is-alphanumerical", "Identifier": { "PURL": "pkg:npm/is-alphanumerical@2.0.1", "UID": "c7fffe9f50c80bc9", "BOMRef": "pkg:npm/is-alphanumerical@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-arguments@1.2.0", "Name": "is-arguments", "Identifier": { "PURL": "pkg:npm/is-arguments@1.2.0", "UID": "9bd7b10b9ec3d75a", "BOMRef": "pkg:npm/is-arguments@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-get-iterator@1.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-array-buffer@3.0.5", "Name": "is-array-buffer", "Identifier": { "PURL": "pkg:npm/is-array-buffer@3.0.5", "UID": "88334ee5a60dff89", "BOMRef": "pkg:npm/is-array-buffer@3.0.5" }, "Version": "3.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "array-buffer-byte-length@1.0.2", "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-arrayish@0.2.1", "Name": "is-arrayish", "Identifier": { "PURL": "pkg:npm/is-arrayish@0.2.1", "UID": "f487e842abed9ada", "BOMRef": "pkg:npm/is-arrayish@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "error-ex@1.3.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-async-function@2.1.1", "Name": "is-async-function", "Identifier": { "PURL": "pkg:npm/is-async-function@2.1.1", "UID": "d56b19422a3e4ebe", "BOMRef": "pkg:npm/is-async-function@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-bigint@1.1.0", "Name": "is-bigint", "Identifier": { "PURL": "pkg:npm/is-bigint@1.1.0", "UID": "94fccaaded3647ad", "BOMRef": "pkg:npm/is-bigint@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-boolean-object@1.2.2", "Name": "is-boolean-object", "Identifier": { "PURL": "pkg:npm/is-boolean-object@1.2.2", "UID": "816d32d1cfbae65b", "BOMRef": "pkg:npm/is-boolean-object@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-buffer@2.0.5", "Name": "is-buffer", "Identifier": { "PURL": "pkg:npm/is-buffer@2.0.5", "UID": "cf75de884a8437ef", "BOMRef": "pkg:npm/is-buffer@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-callable@1.2.7", "Name": "is-callable", "Identifier": { "PURL": "pkg:npm/is-callable@1.2.7", "UID": "f2e7fea6ef17b3ef", "BOMRef": "pkg:npm/is-callable@1.2.7" }, "Version": "1.2.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-to-primitive@1.3.0", "for-each@0.3.5", "function.prototype.name@1.1.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-core-module@2.16.1", "Name": "is-core-module", "Identifier": { "PURL": "pkg:npm/is-core-module@2.16.1", "UID": "7e9cd84fea8906c", "BOMRef": "pkg:npm/is-core-module@2.16.1" }, "Version": "2.16.1", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-data-view@1.0.2", "Name": "is-data-view", "Identifier": { "PURL": "pkg:npm/is-data-view@1.0.2", "UID": "6a14ffa911de006a", "BOMRef": "pkg:npm/is-data-view@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-date-object@1.1.0", "Name": "is-date-object", "Identifier": { "PURL": "pkg:npm/is-date-object@1.1.0", "UID": "7fb8eadb34de20b3", "BOMRef": "pkg:npm/is-date-object@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-to-primitive@1.3.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-decimal@2.0.1", "Name": "is-decimal", "Identifier": { "PURL": "pkg:npm/is-decimal@2.0.1", "UID": "4c074f331ffb890", "BOMRef": "pkg:npm/is-decimal@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-alphanumerical@2.0.1", "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-extglob@2.1.1", "Name": "is-extglob", "Identifier": { "PURL": "pkg:npm/is-extglob@2.1.1", "UID": "97321390cefff608", "BOMRef": "pkg:npm/is-extglob@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-glob@4.0.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-finalizationregistry@1.1.1", "Name": "is-finalizationregistry", "Identifier": { "PURL": "pkg:npm/is-finalizationregistry@1.1.1", "UID": "5b49fc4456efe771", "BOMRef": "pkg:npm/is-finalizationregistry@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-generator-function@1.1.0", "Name": "is-generator-function", "Identifier": { "PURL": "pkg:npm/is-generator-function@1.1.0", "UID": "e75016850748a9e5", "BOMRef": "pkg:npm/is-generator-function@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-glob@4.0.3", "Name": "is-glob", "Identifier": { "PURL": "pkg:npm/is-glob@4.0.3", "UID": "d7767362b3a82776", "BOMRef": "pkg:npm/is-glob@4.0.3" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1", "eslint@8.57.1", "glob-parent@6.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-hexadecimal@2.0.1", "Name": "is-hexadecimal", "Identifier": { "PURL": "pkg:npm/is-hexadecimal@2.0.1", "UID": "d5e0d54807e87057", "BOMRef": "pkg:npm/is-hexadecimal@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-map@2.0.3", "Name": "is-map", "Identifier": { "PURL": "pkg:npm/is-map@2.0.3", "UID": "3c1909c752172021", "BOMRef": "pkg:npm/is-map@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-get-iterator@1.1.3", "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-negative-zero@2.0.3", "Name": "is-negative-zero", "Identifier": { "PURL": "pkg:npm/is-negative-zero@2.0.3", "UID": "ca64e6f3d27a335d", "BOMRef": "pkg:npm/is-negative-zero@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-network-error@1.1.0", "Name": "is-network-error", "Identifier": { "PURL": "pkg:npm/is-network-error@1.1.0", "UID": "88db38cf89053bb", "BOMRef": "pkg:npm/is-network-error@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-number@7.0.0", "Name": "is-number", "Identifier": { "PURL": "pkg:npm/is-number@7.0.0", "UID": "757f4c18b5578b0b", "BOMRef": "pkg:npm/is-number@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "to-regex-range@5.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-number-object@1.1.1", "Name": "is-number-object", "Identifier": { "PURL": "pkg:npm/is-number-object@1.1.1", "UID": "175a351a632ba082", "BOMRef": "pkg:npm/is-number-object@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-path-inside@3.0.3", "Name": "is-path-inside", "Identifier": { "PURL": "pkg:npm/is-path-inside@3.0.3", "UID": "5a991b1885be0d32", "BOMRef": "pkg:npm/is-path-inside@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-plain-obj@4.1.0", "Name": "is-plain-obj", "Identifier": { "PURL": "pkg:npm/is-plain-obj@4.1.0", "UID": "f48e59e879f992c", "BOMRef": "pkg:npm/is-plain-obj@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-potential-custom-element-name@1.0.1", "Name": "is-potential-custom-element-name", "Identifier": { "PURL": "pkg:npm/is-potential-custom-element-name@1.0.1", "UID": "783cb24b876ce57b", "BOMRef": "pkg:npm/is-potential-custom-element-name@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-reference@3.0.3", "Name": "is-reference", "Identifier": { "PURL": "pkg:npm/is-reference@3.0.3", "UID": "c3a827e0b5bbf7ea", "BOMRef": "pkg:npm/is-reference@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "periscopic@3.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-regex@1.2.1", "Name": "is-regex", "Identifier": { "PURL": "pkg:npm/is-regex@1.2.1", "UID": "f7bd16352468f08d", "BOMRef": "pkg:npm/is-regex@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "safe-regex-test@1.1.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-set@2.0.3", "Name": "is-set", "Identifier": { "PURL": "pkg:npm/is-set@2.0.3", "UID": "9fdd40ff83739e61", "BOMRef": "pkg:npm/is-set@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3", "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-shared-array-buffer@1.0.4", "Name": "is-shared-array-buffer", "Identifier": { "PURL": "pkg:npm/is-shared-array-buffer@1.0.4", "UID": "582dab4f4a9114f6", "BOMRef": "pkg:npm/is-shared-array-buffer@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-string@1.1.1", "Name": "is-string", "Identifier": { "PURL": "pkg:npm/is-string@1.1.1", "UID": "3b4c0f57e2457015", "BOMRef": "pkg:npm/is-string@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-symbol@1.1.1", "Name": "is-symbol", "Identifier": { "PURL": "pkg:npm/is-symbol@1.1.1", "UID": "8e3d3600a508df46", "BOMRef": "pkg:npm/is-symbol@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-to-primitive@1.3.0", "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-typed-array@1.1.15", "Name": "is-typed-array", "Identifier": { "PURL": "pkg:npm/is-typed-array@1.1.15", "UID": "deae019e15b76c15", "BOMRef": "pkg:npm/is-typed-array@1.1.15" }, "Version": "1.1.15", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "is-data-view@1.0.2", "typed-array-buffer@1.0.3", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-weakmap@2.0.2", "Name": "is-weakmap", "Identifier": { "PURL": "pkg:npm/is-weakmap@2.0.2", "UID": "b3e6edf7348a7e8e", "BOMRef": "pkg:npm/is-weakmap@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-weakref@1.1.1", "Name": "is-weakref", "Identifier": { "PURL": "pkg:npm/is-weakref@1.1.1", "UID": "f6b50a9e95833a67", "BOMRef": "pkg:npm/is-weakref@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "is-weakset@2.0.4", "Name": "is-weakset", "Identifier": { "PURL": "pkg:npm/is-weakset@2.0.4", "UID": "ac136b8ff3c8ed63", "BOMRef": "pkg:npm/is-weakset@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "isarray@2.0.5", "Name": "isarray", "Identifier": { "PURL": "pkg:npm/isarray@2.0.5", "UID": "e3a4889aa45328ae", "BOMRef": "pkg:npm/isarray@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-get-iterator@1.1.3", "safe-array-concat@1.1.3", "safe-push-apply@1.0.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "e159a3d5f4a6059", "BOMRef": "pkg:npm/isexe@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "which@2.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "iterator.prototype@1.1.5", "Name": "iterator.prototype", "Identifier": { "PURL": "pkg:npm/iterator.prototype@1.1.5", "UID": "e8ce98c00b531ad", "BOMRef": "pkg:npm/iterator.prototype@1.1.5" }, "Version": "1.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-diff@30.0.4", "Name": "jest-diff", "Identifier": { "PURL": "pkg:npm/jest-diff@30.0.4", "UID": "e89ac27d1cda4253", "BOMRef": "pkg:npm/jest-diff@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "jest-matcher-utils@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-matcher-utils@30.0.4", "Name": "jest-matcher-utils", "Identifier": { "PURL": "pkg:npm/jest-matcher-utils@30.0.4", "UID": "c6f3463532ab7cc7", "BOMRef": "pkg:npm/jest-matcher-utils@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-message-util@30.0.2", "Name": "jest-message-util", "Identifier": { "PURL": "pkg:npm/jest-message-util@30.0.2", "UID": "2d7837d12a56a66", "BOMRef": "pkg:npm/jest-message-util@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-mock@30.0.2", "Name": "jest-mock", "Identifier": { "PURL": "pkg:npm/jest-mock@30.0.2", "UID": "1e172afe5a42edd3", "BOMRef": "pkg:npm/jest-mock@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-regex-util@30.0.1", "Name": "jest-regex-util", "Identifier": { "PURL": "pkg:npm/jest-regex-util@30.0.1", "UID": "7996a604b6d61dd0", "BOMRef": "pkg:npm/jest-regex-util@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/pattern@30.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jest-util@30.0.2", "Name": "jest-util", "Identifier": { "PURL": "pkg:npm/jest-util@30.0.2", "UID": "15eadddb3dc17947", "BOMRef": "pkg:npm/jest-util@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4", "jest-mock@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jiti@2.4.2", "Name": "jiti", "Identifier": { "PURL": "pkg:npm/jiti@2.4.2", "UID": "685297ff9195ecea", "BOMRef": "pkg:npm/jiti@2.4.2" }, "Version": "2.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jose@5.10.0", "Name": "jose", "Identifier": { "PURL": "pkg:npm/jose@5.10.0", "UID": "8747537895396df", "BOMRef": "pkg:npm/jose@5.10.0" }, "Version": "5.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "js-tokens@4.0.0", "Name": "js-tokens", "Identifier": { "PURL": "pkg:npm/js-tokens@4.0.0", "UID": "291a653955e9ef7a", "BOMRef": "pkg:npm/js-tokens@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/code-frame@7.27.1", "loose-envify@1.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "js-tokens@9.0.1", "Name": "js-tokens", "Identifier": { "PURL": "pkg:npm/js-tokens@9.0.1", "UID": "e39887684bb79592", "BOMRef": "pkg:npm/js-tokens@9.0.1" }, "Version": "9.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "strip-literal@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "js-yaml@4.1.1", "Name": "js-yaml", "Identifier": { "PURL": "pkg:npm/js-yaml@4.1.1", "UID": "f4aafcf1a9491335", "BOMRef": "pkg:npm/js-yaml@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "cosmiconfig@8.3.6", "eslint@8.57.1", "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jsdom@22.1.0", "Name": "jsdom", "Identifier": { "PURL": "pkg:npm/jsdom@22.1.0", "UID": "2de083050c6f797b", "BOMRef": "pkg:npm/jsdom@22.1.0" }, "Version": "22.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jsesc@3.1.0", "Name": "jsesc", "Identifier": { "PURL": "pkg:npm/jsesc@3.1.0", "UID": "924c32dd04050f86", "BOMRef": "pkg:npm/jsesc@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/generator@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "json-buffer@3.0.1", "Name": "json-buffer", "Identifier": { "PURL": "pkg:npm/json-buffer@3.0.1", "UID": "6fe44caa38d7fe7c", "BOMRef": "pkg:npm/json-buffer@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "keyv@4.5.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "json-parse-even-better-errors@2.3.1", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@2.3.1", "UID": "cc461623ef6ace05", "BOMRef": "pkg:npm/json-parse-even-better-errors@2.3.1" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "json-schema-traverse@0.4.1", "Name": "json-schema-traverse", "Identifier": { "PURL": "pkg:npm/json-schema-traverse@0.4.1", "UID": "50ada42e0cc35823", "BOMRef": "pkg:npm/json-schema-traverse@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "json-stable-stringify-without-jsonify@1.0.1", "Name": "json-stable-stringify-without-jsonify", "Identifier": { "PURL": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", "UID": "3729c411a7f7427f", "BOMRef": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "json5@2.2.3", "Name": "json5", "Identifier": { "PURL": "pkg:npm/json5@2.2.3", "UID": "6088a329ec17efe2", "BOMRef": "pkg:npm/json5@2.2.3" }, "Version": "2.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jsonc-parser@3.3.1", "Name": "jsonc-parser", "Identifier": { "PURL": "pkg:npm/jsonc-parser@3.3.1", "UID": "d3806a20821555ef", "BOMRef": "pkg:npm/jsonc-parser@3.3.1" }, "Version": "3.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jsx-ast-utils@3.3.5", "Name": "jsx-ast-utils", "Identifier": { "PURL": "pkg:npm/jsx-ast-utils@3.3.5", "UID": "a68810e5ebf8265f", "BOMRef": "pkg:npm/jsx-ast-utils@3.3.5" }, "Version": "3.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "jtd@0.1.1", "Name": "jtd", "Identifier": { "PURL": "pkg:npm/jtd@0.1.1", "UID": "7b590adabd58be10", "BOMRef": "pkg:npm/jtd@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "create-collection-form@0.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "kapsule@1.16.3", "Name": "kapsule", "Identifier": { "PURL": "pkg:npm/kapsule@1.16.3", "UID": "e5695617b879518", "BOMRef": "pkg:npm/kapsule@1.16.3" }, "Version": "1.16.3", "Licenses": [ "MIT" ], "DependsOn": [ "float-tooltip@1.7.5", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "keyv@4.5.4", "Name": "keyv", "Identifier": { "PURL": "pkg:npm/keyv@4.5.4", "UID": "28d3f803ed65343", "BOMRef": "pkg:npm/keyv@4.5.4" }, "Version": "4.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "kleur@4.1.5", "Name": "kleur", "Identifier": { "PURL": "pkg:npm/kleur@4.1.5", "UID": "df59bbb6379d0b0a", "BOMRef": "pkg:npm/kleur@4.1.5" }, "Version": "4.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "uvu@0.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "levn@0.4.1", "Name": "levn", "Identifier": { "PURL": "pkg:npm/levn@0.4.1", "UID": "b40adedb06f3ab9f", "BOMRef": "pkg:npm/levn@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1", "optionator@0.9.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lightningcss@1.30.1", "Name": "lightningcss", "Identifier": { "PURL": "pkg:npm/lightningcss@1.30.1", "UID": "b98f7fffaafbc0a3", "BOMRef": "pkg:npm/lightningcss@1.30.1" }, "Version": "1.30.1", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lines-and-columns@1.2.4", "Name": "lines-and-columns", "Identifier": { "PURL": "pkg:npm/lines-and-columns@1.2.4", "UID": "7b856000c308b330", "BOMRef": "pkg:npm/lines-and-columns@1.2.4" }, "Version": "1.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "locate-path@6.0.0", "Name": "locate-path", "Identifier": { "PURL": "pkg:npm/locate-path@6.0.0", "UID": "6a51379e50b687f", "BOMRef": "pkg:npm/locate-path@6.0.0" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "find-up@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lodash@4.17.21", "Name": "lodash", "Identifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "bfbc549b496cd9fb", "BOMRef": "pkg:npm/lodash@4.17.21" }, "Version": "4.17.21", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/utils@6.1.5", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lodash-es@4.17.21", "Name": "lodash-es", "Identifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "e90f44701d8b672b", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "Version": "4.17.21", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1", "kapsule@1.16.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lodash.merge@4.6.2", "Name": "lodash.merge", "Identifier": { "PURL": "pkg:npm/lodash.merge@4.6.2", "UID": "f26bcc866bf62bbf", "BOMRef": "pkg:npm/lodash.merge@4.6.2" }, "Version": "4.6.2", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "longest-streak@3.1.0", "Name": "longest-streak", "Identifier": { "PURL": "pkg:npm/longest-streak@3.1.0", "UID": "bd62127475ab5aa4", "BOMRef": "pkg:npm/longest-streak@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "loose-envify@1.4.0", "Name": "loose-envify", "Identifier": { "PURL": "pkg:npm/loose-envify@1.4.0", "UID": "fae30e575634f9c1", "BOMRef": "pkg:npm/loose-envify@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "prop-types@15.8.1", "react-dom@18.3.1", "react-transition-group@4.4.5", "react@18.3.1", "scheduler@0.23.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "loupe@3.1.4", "Name": "loupe", "Identifier": { "PURL": "pkg:npm/loupe@3.1.4", "UID": "260ea5a3e673220e", "BOMRef": "pkg:npm/loupe@3.1.4" }, "Version": "3.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/utils@3.2.4", "chai@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lower-case@2.0.2", "Name": "lower-case", "Identifier": { "PURL": "pkg:npm/lower-case@2.0.2", "UID": "8d5dc4d7b80f150f", "BOMRef": "pkg:npm/lower-case@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "no-case@3.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lru-cache@5.1.1", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@5.1.1", "UID": "a91383b54a9d4129", "BOMRef": "pkg:npm/lru-cache@5.1.1" }, "Version": "5.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lucide-react@0.545.0", "Name": "lucide-react", "Identifier": { "PURL": "pkg:npm/lucide-react@0.545.0", "UID": "db21966a7f97a90b", "BOMRef": "pkg:npm/lucide-react@0.545.0" }, "Version": "0.545.0", "Licenses": [ "ISC" ], "DependsOn": [ "create-collection-form@0.0.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "lz-string@1.5.0", "Name": "lz-string", "Identifier": { "PURL": "pkg:npm/lz-string@1.5.0", "UID": "50008e172c7c005b", "BOMRef": "pkg:npm/lz-string@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "magic-string@0.30.17", "Name": "magic-string", "Identifier": { "PURL": "pkg:npm/magic-string@0.30.17", "UID": "643e6eda96c782de", "BOMRef": "pkg:npm/magic-string@0.30.17" }, "Version": "0.30.17", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "@vitest/mocker@3.2.4", "@vitest/snapshot@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "markdown-extensions@1.1.1", "Name": "markdown-extensions", "Identifier": { "PURL": "pkg:npm/markdown-extensions@1.1.1", "UID": "51aa1035210b8666", "BOMRef": "pkg:npm/markdown-extensions@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "math-intrinsics@1.1.0", "Name": "math-intrinsics", "Identifier": { "PURL": "pkg:npm/math-intrinsics@1.1.0", "UID": "245e89d045c4c02b", "BOMRef": "pkg:npm/math-intrinsics@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "es-abstract@1.24.0", "get-intrinsic@1.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-definitions@5.1.2", "Name": "mdast-util-definitions", "Identifier": { "PURL": "pkg:npm/mdast-util-definitions@5.1.2", "UID": "79eed14ce0906b90", "BOMRef": "pkg:npm/mdast-util-definitions@5.1.2" }, "Version": "5.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-from-markdown@1.3.1", "Name": "mdast-util-from-markdown", "Identifier": { "PURL": "pkg:npm/mdast-util-from-markdown@1.3.1", "UID": "1e1b15bf8c5b0363", "BOMRef": "pkg:npm/mdast-util-from-markdown@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdx@2.0.1", "mdast-util-mdxjs-esm@1.3.1", "remark-parse@10.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-mdx@2.0.1", "Name": "mdast-util-mdx", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx@2.0.1", "UID": "feeb715193e9db04", "BOMRef": "pkg:npm/mdast-util-mdx@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "remark-mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-mdx-expression@1.3.2", "Name": "mdast-util-mdx-expression", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx-expression@1.3.2", "UID": "c59e8b84226fcbe7", "BOMRef": "pkg:npm/mdast-util-mdx-expression@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-mdx-jsx@2.1.4", "Name": "mdast-util-mdx-jsx", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx-jsx@2.1.4", "UID": "fa79ea1d3acfd098", "BOMRef": "pkg:npm/mdast-util-mdx-jsx@2.1.4" }, "Version": "2.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-mdxjs-esm@1.3.1", "Name": "mdast-util-mdxjs-esm", "Identifier": { "PURL": "pkg:npm/mdast-util-mdxjs-esm@1.3.1", "UID": "936e48c556cc9c22", "BOMRef": "pkg:npm/mdast-util-mdxjs-esm@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-phrasing@3.0.1", "Name": "mdast-util-phrasing", "Identifier": { "PURL": "pkg:npm/mdast-util-phrasing@3.0.1", "UID": "d61c0fa5a05b386c", "BOMRef": "pkg:npm/mdast-util-phrasing@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-to-hast@12.3.0", "Name": "mdast-util-to-hast", "Identifier": { "PURL": "pkg:npm/mdast-util-to-hast@12.3.0", "UID": "7989b753a64d73f4", "BOMRef": "pkg:npm/mdast-util-to-hast@12.3.0" }, "Version": "12.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-to-markdown@1.5.0", "Name": "mdast-util-to-markdown", "Identifier": { "PURL": "pkg:npm/mdast-util-to-markdown@1.5.0", "UID": "1cdf549a88f6b17e", "BOMRef": "pkg:npm/mdast-util-to-markdown@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdx@2.0.1", "mdast-util-mdxjs-esm@1.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mdast-util-to-string@3.2.0", "Name": "mdast-util-to-string", "Identifier": { "PURL": "pkg:npm/mdast-util-to-string@3.2.0", "UID": "e22f6637a2538556", "BOMRef": "pkg:npm/mdast-util-to-string@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "memoize-one@6.0.0", "Name": "memoize-one", "Identifier": { "PURL": "pkg:npm/memoize-one@6.0.0", "UID": "a8d6bb5befeb3960", "BOMRef": "pkg:npm/memoize-one@6.0.0" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark@3.2.0", "Name": "micromark", "Identifier": { "PURL": "pkg:npm/micromark@3.2.0", "UID": "5de470f69b3bd668", "BOMRef": "pkg:npm/micromark@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-core-commonmark@1.1.0", "Name": "micromark-core-commonmark", "Identifier": { "PURL": "pkg:npm/micromark-core-commonmark@1.1.0", "UID": "9c166d3653007828", "BOMRef": "pkg:npm/micromark-core-commonmark@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs-esm@1.0.5", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-extension-mdx-expression@1.0.8", "Name": "micromark-extension-mdx-expression", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-expression@1.0.8", "UID": "ea809f45f92d7ed7", "BOMRef": "pkg:npm/micromark-extension-mdx-expression@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-extension-mdx-jsx@1.0.5", "Name": "micromark-extension-mdx-jsx", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-jsx@1.0.5", "UID": "c9104c3d68b38bfc", "BOMRef": "pkg:npm/micromark-extension-mdx-jsx@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-extension-mdx-md@1.0.1", "Name": "micromark-extension-mdx-md", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-md@1.0.1", "UID": "6f1a360ac4555c02", "BOMRef": "pkg:npm/micromark-extension-mdx-md@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-extension-mdxjs@1.0.1", "Name": "micromark-extension-mdxjs", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdxjs@1.0.1", "UID": "54166f1f250c68cf", "BOMRef": "pkg:npm/micromark-extension-mdxjs@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "remark-mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-extension-mdxjs-esm@1.0.5", "Name": "micromark-extension-mdxjs-esm", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdxjs-esm@1.0.5", "UID": "bb85cbcb74ecea0e", "BOMRef": "pkg:npm/micromark-extension-mdxjs-esm@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-destination@1.1.0", "Name": "micromark-factory-destination", "Identifier": { "PURL": "pkg:npm/micromark-factory-destination@1.1.0", "UID": "3d2166e79f940f0e", "BOMRef": "pkg:npm/micromark-factory-destination@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-label@1.1.0", "Name": "micromark-factory-label", "Identifier": { "PURL": "pkg:npm/micromark-factory-label@1.1.0", "UID": "c6eb6de6427e6b42", "BOMRef": "pkg:npm/micromark-factory-label@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-mdx-expression@1.0.9", "Name": "micromark-factory-mdx-expression", "Identifier": { "PURL": "pkg:npm/micromark-factory-mdx-expression@1.0.9", "UID": "1e82425a93ff2741", "BOMRef": "pkg:npm/micromark-factory-mdx-expression@1.0.9" }, "Version": "1.0.9", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-space@1.1.0", "Name": "micromark-factory-space", "Identifier": { "PURL": "pkg:npm/micromark-factory-space@1.1.0", "UID": "e42621ac12277649", "BOMRef": "pkg:npm/micromark-factory-space@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-title@1.1.0", "Name": "micromark-factory-title", "Identifier": { "PURL": "pkg:npm/micromark-factory-title@1.1.0", "UID": "75530811530d02a3", "BOMRef": "pkg:npm/micromark-factory-title@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-factory-whitespace@1.1.0", "Name": "micromark-factory-whitespace", "Identifier": { "PURL": "pkg:npm/micromark-factory-whitespace@1.1.0", "UID": "9f2b3d942301beb5", "BOMRef": "pkg:npm/micromark-factory-whitespace@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-character@1.2.0", "Name": "micromark-util-character", "Identifier": { "PURL": "pkg:npm/micromark-util-character@1.2.0", "UID": "d9d3b88bb9bfc016", "BOMRef": "pkg:npm/micromark-util-character@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-space@1.1.0", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-classify-character@1.1.0", "micromark-util-decode-string@1.1.0", "micromark-util-sanitize-uri@1.2.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-chunked@1.1.0", "Name": "micromark-util-chunked", "Identifier": { "PURL": "pkg:npm/micromark-util-chunked@1.1.0", "UID": "8da287c5a7c1c6ce", "BOMRef": "pkg:npm/micromark-util-chunked@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-util-combine-extensions@1.1.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-classify-character@1.1.0", "Name": "micromark-util-classify-character", "Identifier": { "PURL": "pkg:npm/micromark-util-classify-character@1.1.0", "UID": "987d13eb7a87d218", "BOMRef": "pkg:npm/micromark-util-classify-character@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-combine-extensions@1.1.0", "Name": "micromark-util-combine-extensions", "Identifier": { "PURL": "pkg:npm/micromark-util-combine-extensions@1.1.0", "UID": "d0091728c6d0e281", "BOMRef": "pkg:npm/micromark-util-combine-extensions@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-decode-numeric-character-reference@1.1.0", "Name": "micromark-util-decode-numeric-character-reference", "Identifier": { "PURL": "pkg:npm/micromark-util-decode-numeric-character-reference@1.1.0", "UID": "76f7053d8366266f", "BOMRef": "pkg:npm/micromark-util-decode-numeric-character-reference@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-util-decode-string@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-decode-string@1.1.0", "Name": "micromark-util-decode-string", "Identifier": { "PURL": "pkg:npm/micromark-util-decode-string@1.1.0", "UID": "24d93d1c4a97760", "BOMRef": "pkg:npm/micromark-util-decode-string@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-encode@1.1.0", "Name": "micromark-util-encode", "Identifier": { "PURL": "pkg:npm/micromark-util-encode@1.1.0", "UID": "ee09b2bef492237e", "BOMRef": "pkg:npm/micromark-util-encode@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-util-sanitize-uri@1.2.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-events-to-acorn@1.2.3", "Name": "micromark-util-events-to-acorn", "Identifier": { "PURL": "pkg:npm/micromark-util-events-to-acorn@1.2.3", "UID": "c133dde3669eea00", "BOMRef": "pkg:npm/micromark-util-events-to-acorn@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-html-tag-name@1.2.0", "Name": "micromark-util-html-tag-name", "Identifier": { "PURL": "pkg:npm/micromark-util-html-tag-name@1.2.0", "UID": "673860fcdfa79e9d", "BOMRef": "pkg:npm/micromark-util-html-tag-name@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-normalize-identifier@1.1.0", "Name": "micromark-util-normalize-identifier", "Identifier": { "PURL": "pkg:npm/micromark-util-normalize-identifier@1.1.0", "UID": "a7589eab43faf571", "BOMRef": "pkg:npm/micromark-util-normalize-identifier@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-resolve-all@1.1.0", "Name": "micromark-util-resolve-all", "Identifier": { "PURL": "pkg:npm/micromark-util-resolve-all@1.1.0", "UID": "b088fc056387dc27", "BOMRef": "pkg:npm/micromark-util-resolve-all@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-sanitize-uri@1.2.0", "Name": "micromark-util-sanitize-uri", "Identifier": { "PURL": "pkg:npm/micromark-util-sanitize-uri@1.2.0", "UID": "778268adc517efe1", "BOMRef": "pkg:npm/micromark-util-sanitize-uri@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-subtokenize@1.1.0", "Name": "micromark-util-subtokenize", "Identifier": { "PURL": "pkg:npm/micromark-util-subtokenize@1.1.0", "UID": "36bab4a930787de7", "BOMRef": "pkg:npm/micromark-util-subtokenize@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-symbol@1.1.0", "Name": "micromark-util-symbol", "Identifier": { "PURL": "pkg:npm/micromark-util-symbol@1.1.0", "UID": "47c1342ee5eeaa18", "BOMRef": "pkg:npm/micromark-util-symbol@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-character@1.2.0", "micromark-util-chunked@1.1.0", "micromark-util-classify-character@1.1.0", "micromark-util-decode-numeric-character-reference@1.1.0", "micromark-util-decode-string@1.1.0", "micromark-util-events-to-acorn@1.2.3", "micromark-util-normalize-identifier@1.1.0", "micromark-util-sanitize-uri@1.2.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromark-util-types@1.1.0", "Name": "micromark-util-types", "Identifier": { "PURL": "pkg:npm/micromark-util-types@1.1.0", "UID": "627fa35647c3b21b", "BOMRef": "pkg:npm/micromark-util-types@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdx-md@1.0.1", "micromark-extension-mdxjs-esm@1.0.5", "micromark-extension-mdxjs@1.0.1", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-space@1.1.0", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-character@1.2.0", "micromark-util-classify-character@1.1.0", "micromark-util-combine-extensions@1.1.0", "micromark-util-events-to-acorn@1.2.3", "micromark-util-resolve-all@1.1.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "micromatch@4.0.8", "Name": "micromatch", "Identifier": { "PURL": "pkg:npm/micromatch@4.0.8", "UID": "4e09dc61e073528e", "BOMRef": "pkg:npm/micromatch@4.0.8" }, "Version": "4.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1", "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mime-db@1.52.0", "Name": "mime-db", "Identifier": { "PURL": "pkg:npm/mime-db@1.52.0", "UID": "dd58c2db92d4f1ca", "BOMRef": "pkg:npm/mime-db@1.52.0" }, "Version": "1.52.0", "Licenses": [ "MIT" ], "DependsOn": [ "mime-types@2.1.35" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mime-match@1.0.2", "Name": "mime-match", "Identifier": { "PURL": "pkg:npm/mime-match@1.0.2", "UID": "b285c366a883147c", "BOMRef": "pkg:npm/mime-match@1.0.2" }, "Version": "1.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mime-types@2.1.35", "Name": "mime-types", "Identifier": { "PURL": "pkg:npm/mime-types@2.1.35", "UID": "ee5ce05d5d0a036d", "BOMRef": "pkg:npm/mime-types@2.1.35" }, "Version": "2.1.35", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "min-indent@1.0.1", "Name": "min-indent", "Identifier": { "PURL": "pkg:npm/min-indent@1.0.1", "UID": "a4f040423a2274ae", "BOMRef": "pkg:npm/min-indent@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "strip-indent@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "minimatch@3.1.2", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "a31e3ac2b10de352", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "Version": "3.1.2", "Licenses": [ "ISC" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "@humanwhocodes/config-array@0.13.0", "eslint-plugin-react@7.37.5", "eslint@8.57.1", "glob@7.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "minipass@7.1.2", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.2", "UID": "2c332c1b71facba", "BOMRef": "pkg:npm/minipass@7.1.2" }, "Version": "7.1.2", "Licenses": [ "ISC" ], "DependsOn": [ "@isaacs/fs-minipass@4.0.1", "minizlib@3.0.2", "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "minizlib@3.0.2", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.0.2", "UID": "380d271775507fe3", "BOMRef": "pkg:npm/minizlib@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mkdirp@3.0.1", "Name": "mkdirp", "Identifier": { "PURL": "pkg:npm/mkdirp@3.0.1", "UID": "56321f49ea7dd97a", "BOMRef": "pkg:npm/mkdirp@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "monaco-editor@0.44.0", "Name": "monaco-editor", "Identifier": { "PURL": "pkg:npm/monaco-editor@0.44.0", "UID": "e7e6a69b2c11eac8", "BOMRef": "pkg:npm/monaco-editor@0.44.0" }, "Version": "0.44.0", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mri@1.2.0", "Name": "mri", "Identifier": { "PURL": "pkg:npm/mri@1.2.0", "UID": "446ffb7e550768e3", "BOMRef": "pkg:npm/mri@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "sade@1.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "e928fc8e27b2d767", "BOMRef": "pkg:npm/ms@2.1.3" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "debug@4.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "mui-chips-input@7.0.1", "Name": "mui-chips-input", "Identifier": { "PURL": "pkg:npm/mui-chips-input@7.0.1", "UID": "e457bf9805a9a8a8", "BOMRef": "pkg:npm/mui-chips-input@7.0.1" }, "Version": "7.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "namespace-emitter@2.0.1", "Name": "namespace-emitter", "Identifier": { "PURL": "pkg:npm/namespace-emitter@2.0.1", "UID": "f9a3cb96d6bc6b4f", "BOMRef": "pkg:npm/namespace-emitter@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "nanoid@3.3.11", "Name": "nanoid", "Identifier": { "PURL": "pkg:npm/nanoid@3.3.11", "UID": "f3a0cd5b9f690eb1", "BOMRef": "pkg:npm/nanoid@3.3.11" }, "Version": "3.3.11", "Licenses": [ "MIT" ], "DependsOn": [ "postcss@8.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "nanoid@5.1.5", "Name": "nanoid", "Identifier": { "PURL": "pkg:npm/nanoid@5.1.5", "UID": "891e0ea4e8f69fd4", "BOMRef": "pkg:npm/nanoid@5.1.5" }, "Version": "5.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/provider-views@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "natural-compare@1.4.0", "Name": "natural-compare", "Identifier": { "PURL": "pkg:npm/natural-compare@1.4.0", "UID": "ba752ca75811ddbe", "BOMRef": "pkg:npm/natural-compare@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "no-case@3.0.4", "Name": "no-case", "Identifier": { "PURL": "pkg:npm/no-case@3.0.4", "UID": "c48c68fa30e9f382", "BOMRef": "pkg:npm/no-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "dot-case@3.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "node-addon-api@7.1.1", "Name": "node-addon-api", "Identifier": { "PURL": "pkg:npm/node-addon-api@7.1.1", "UID": "9a31ecd39783275a", "BOMRef": "pkg:npm/node-addon-api@7.1.1" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "node-releases@2.0.19", "Name": "node-releases", "Identifier": { "PURL": "pkg:npm/node-releases@2.0.19", "UID": "680e68345377f70d", "BOMRef": "pkg:npm/node-releases@2.0.19" }, "Version": "2.0.19", "Licenses": [ "MIT" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "notistack@3.0.2", "Name": "notistack", "Identifier": { "PURL": "pkg:npm/notistack@3.0.2", "UID": "5f5147006d15eb16", "BOMRef": "pkg:npm/notistack@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "nwsapi@2.2.20", "Name": "nwsapi", "Identifier": { "PURL": "pkg:npm/nwsapi@2.2.20", "UID": "f52cfed042e2a08c", "BOMRef": "pkg:npm/nwsapi@2.2.20" }, "Version": "2.2.20", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object-assign@4.1.1", "Name": "object-assign", "Identifier": { "PURL": "pkg:npm/object-assign@4.1.1", "UID": "65d1e4b8bca5a849", "BOMRef": "pkg:npm/object-assign@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "prop-types@15.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object-inspect@1.13.4", "Name": "object-inspect", "Identifier": { "PURL": "pkg:npm/object-inspect@1.13.4", "UID": "4986d8d50e69b129", "BOMRef": "pkg:npm/object-inspect@1.13.4" }, "Version": "1.13.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "side-channel-list@1.0.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object-is@1.1.6", "Name": "object-is", "Identifier": { "PURL": "pkg:npm/object-is@1.1.6", "UID": "c6247e6a3f3b85f5", "BOMRef": "pkg:npm/object-is@1.1.6" }, "Version": "1.1.6", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object-keys@1.1.1", "Name": "object-keys", "Identifier": { "PURL": "pkg:npm/object-keys@1.1.1", "UID": "f23ad9b81557f372", "BOMRef": "pkg:npm/object-keys@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "define-properties@1.2.1", "es-abstract@1.24.0", "object.assign@4.1.7", "own-keys@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object.assign@4.1.7", "Name": "object.assign", "Identifier": { "PURL": "pkg:npm/object.assign@4.1.7", "UID": "f416e37f531d136", "BOMRef": "pkg:npm/object.assign@4.1.7" }, "Version": "4.1.7", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object.entries@1.1.9", "Name": "object.entries", "Identifier": { "PURL": "pkg:npm/object.entries@1.1.9", "UID": "e7f02263fdbaf303", "BOMRef": "pkg:npm/object.entries@1.1.9" }, "Version": "1.1.9", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object.fromentries@2.0.8", "Name": "object.fromentries", "Identifier": { "PURL": "pkg:npm/object.fromentries@2.0.8", "UID": "e139174f39562aee", "BOMRef": "pkg:npm/object.fromentries@2.0.8" }, "Version": "2.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "object.values@1.2.1", "Name": "object.values", "Identifier": { "PURL": "pkg:npm/object.values@1.2.1", "UID": "90f5b53994760159", "BOMRef": "pkg:npm/object.values@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "once@1.4.0", "Name": "once", "Identifier": { "PURL": "pkg:npm/once@1.4.0", "UID": "f2701b9d8988c2c1", "BOMRef": "pkg:npm/once@1.4.0" }, "Version": "1.4.0", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3", "inflight@1.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "openapi-client-axios@7.6.0", "Name": "openapi-client-axios", "Identifier": { "PURL": "pkg:npm/openapi-client-axios@7.6.0", "UID": "3969a63c6e6fb52", "BOMRef": "pkg:npm/openapi-client-axios@7.6.0" }, "Version": "7.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "openapi-types@12.1.3", "Name": "openapi-types", "Identifier": { "PURL": "pkg:npm/openapi-types@12.1.3", "UID": "43f02baf19ddd556", "BOMRef": "pkg:npm/openapi-types@12.1.3" }, "Version": "12.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "optionator@0.9.4", "Name": "optionator", "Identifier": { "PURL": "pkg:npm/optionator@0.9.4", "UID": "d06b7ca0323b7c28", "BOMRef": "pkg:npm/optionator@0.9.4" }, "Version": "0.9.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "own-keys@1.0.1", "Name": "own-keys", "Identifier": { "PURL": "pkg:npm/own-keys@1.0.1", "UID": "2082a5db463bbcaf", "BOMRef": "pkg:npm/own-keys@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "p-limit@3.1.0", "Name": "p-limit", "Identifier": { "PURL": "pkg:npm/p-limit@3.1.0", "UID": "f5a2a6f53a76bfa4", "BOMRef": "pkg:npm/p-limit@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-locate@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "p-locate@5.0.0", "Name": "p-locate", "Identifier": { "PURL": "pkg:npm/p-locate@5.0.0", "UID": "1c23fa3cb64c828c", "BOMRef": "pkg:npm/p-locate@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "locate-path@6.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "p-queue@8.1.0", "Name": "p-queue", "Identifier": { "PURL": "pkg:npm/p-queue@8.1.0", "UID": "5b6d9553b3a1d7a2", "BOMRef": "pkg:npm/p-queue@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/provider-views@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "p-retry@6.2.1", "Name": "p-retry", "Identifier": { "PURL": "pkg:npm/p-retry@6.2.1", "UID": "c6a3d6cfce4a57ed", "BOMRef": "pkg:npm/p-retry@6.2.1" }, "Version": "6.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "p-timeout@6.1.4", "Name": "p-timeout", "Identifier": { "PURL": "pkg:npm/p-timeout@6.1.4", "UID": "b0a885647028c1df", "BOMRef": "pkg:npm/p-timeout@6.1.4" }, "Version": "6.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "p-queue@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "parent-module@1.0.1", "Name": "parent-module", "Identifier": { "PURL": "pkg:npm/parent-module@1.0.1", "UID": "95687930ce2b2ff0", "BOMRef": "pkg:npm/parent-module@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "import-fresh@3.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "parse-entities@4.0.2", "Name": "parse-entities", "Identifier": { "PURL": "pkg:npm/parse-entities@4.0.2", "UID": "757d573ee9cfb836", "BOMRef": "pkg:npm/parse-entities@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "parse-json@5.2.0", "Name": "parse-json", "Identifier": { "PURL": "pkg:npm/parse-json@5.2.0", "UID": "c22eb3031c8a4bdb", "BOMRef": "pkg:npm/parse-json@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "parse5@7.3.0", "Name": "parse5", "Identifier": { "PURL": "pkg:npm/parse5@7.3.0", "UID": "428d444051a526a2", "BOMRef": "pkg:npm/parse5@7.3.0" }, "Version": "7.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "path-exists@4.0.0", "Name": "path-exists", "Identifier": { "PURL": "pkg:npm/path-exists@4.0.0", "UID": "55f6b453c18d0dfc", "BOMRef": "pkg:npm/path-exists@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "find-up@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "path-is-absolute@1.0.1", "Name": "path-is-absolute", "Identifier": { "PURL": "pkg:npm/path-is-absolute@1.0.1", "UID": "36832bd829fe5a65", "BOMRef": "pkg:npm/path-is-absolute@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "f01329865426eb7e", "BOMRef": "pkg:npm/path-key@3.1.1" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "path-parse@1.0.7", "Name": "path-parse", "Identifier": { "PURL": "pkg:npm/path-parse@1.0.7", "UID": "1f6286383d17f11e", "BOMRef": "pkg:npm/path-parse@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "path-type@4.0.0", "Name": "path-type", "Identifier": { "PURL": "pkg:npm/path-type@4.0.0", "UID": "9feda1ce05e86a11", "BOMRef": "pkg:npm/path-type@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pathe@2.0.3", "Name": "pathe", "Identifier": { "PURL": "pkg:npm/pathe@2.0.3", "UID": "9099e979cdcc95d4", "BOMRef": "pkg:npm/pathe@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/runner@3.2.4", "@vitest/snapshot@3.2.4", "vite-node@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pathval@2.0.1", "Name": "pathval", "Identifier": { "PURL": "pkg:npm/pathval@2.0.1", "UID": "73a813e623cc5644", "BOMRef": "pkg:npm/pathval@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "periscopic@3.1.0", "Name": "periscopic", "Identifier": { "PURL": "pkg:npm/periscopic@3.1.0", "UID": "50a7314c27caa2fc", "BOMRef": "pkg:npm/periscopic@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "picocolors@1.1.1", "Name": "picocolors", "Identifier": { "PURL": "pkg:npm/picocolors@1.1.1", "UID": "df4ec4e37e878796", "BOMRef": "pkg:npm/picocolors@1.1.1" }, "Version": "1.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/code-frame@7.27.1", "@tailwindcss/cli@4.1.11", "postcss@8.5.6", "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "picomatch@2.3.1", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "b69fb5cf0c054fef", "BOMRef": "cb21749e-d289-4752-9b97-218db1302076" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@4.2.1", "micromatch@4.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "picomatch@2.3.1", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "9ccc4f8c50bb281f", "BOMRef": "50f92c6e-b165-467a-8d40-058ddfae03e2" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "picomatch@4.0.2", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "4fd754f951b486f3", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@5.2.0", "fdir@6.4.6", "jest-util@30.0.2", "tinyglobby@0.2.14", "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "possible-typed-array-names@1.1.0", "Name": "possible-typed-array-names", "Identifier": { "PURL": "pkg:npm/possible-typed-array-names@1.1.0", "UID": "9204bd4b28c1513e", "BOMRef": "pkg:npm/possible-typed-array-names@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "available-typed-arrays@1.0.7", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "postcss@8.5.6", "Name": "postcss", "Identifier": { "PURL": "pkg:npm/postcss@8.5.6", "UID": "1acf188fda48f731", "BOMRef": "pkg:npm/postcss@8.5.6" }, "Version": "8.5.6", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "preact@10.26.9", "Name": "preact", "Identifier": { "PURL": "pkg:npm/preact@10.26.9", "UID": "9a439bac51d7f0d6", "BOMRef": "pkg:npm/preact@10.26.9" }, "Version": "10.26.9", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/utils@6.1.5", "float-tooltip@1.7.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "prelude-ls@1.2.1", "Name": "prelude-ls", "Identifier": { "PURL": "pkg:npm/prelude-ls@1.2.1", "UID": "dc932051398bd565", "BOMRef": "pkg:npm/prelude-ls@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "levn@0.4.1", "optionator@0.9.4", "type-check@0.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "prettier@2.8.7", "Name": "prettier", "Identifier": { "PURL": "pkg:npm/prettier@2.8.7", "UID": "a782dda5f5cf182f", "BOMRef": "pkg:npm/prettier@2.8.7" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-bytes@6.1.1", "Name": "pretty-bytes", "Identifier": { "PURL": "pkg:npm/pretty-bytes@6.1.1", "UID": "3d56aa417412e06d", "BOMRef": "pkg:npm/pretty-bytes@6.1.1" }, "Version": "6.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-format@27.5.1", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@27.5.1", "UID": "2b653269215d9216", "BOMRef": "pkg:npm/pretty-format@27.5.1" }, "Version": "27.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "50d4dea386b2c98b", "BOMRef": "2dee182d-35fe-4ee9-bedf-8cebbf2538e2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "68cf7ca4f47ccc14", "BOMRef": "b2275ab2-0a16-47ec-9201-23ff45b58795" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "7307dde3196e1d83", "BOMRef": "706090e3-2dbc-4a0c-b5e2-014bfa30ad42" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@types/jest@30.0.0", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4", "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "5cc44c6e8be523d1", "BOMRef": "7699d39f-020a-47de-9a83-cb88a00dd625" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "prism-react-renderer@2.4.1", "Name": "prism-react-renderer", "Identifier": { "PURL": "pkg:npm/prism-react-renderer@2.4.1", "UID": "8adb8d161ace6abf", "BOMRef": "pkg:npm/prism-react-renderer@2.4.1" }, "Version": "2.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "prismjs@1.30.0", "Name": "prismjs", "Identifier": { "PURL": "pkg:npm/prismjs@1.30.0", "UID": "effd49caa877b9a6", "BOMRef": "pkg:npm/prismjs@1.30.0" }, "Version": "1.30.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "prop-types@15.8.1", "Name": "prop-types", "Identifier": { "PURL": "pkg:npm/prop-types@15.8.1", "UID": "a0f4361571b348a7", "BOMRef": "pkg:npm/prop-types@15.8.1" }, "Version": "15.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "create-collection-form@0.0.0", "eslint-plugin-react@7.37.5", "qdrant-web-ui@0.2.5", "react-archer@4.4.0", "react-diff-viewer-continued@3.4.0", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "property-information@6.5.0", "Name": "property-information", "Identifier": { "PURL": "pkg:npm/property-information@6.5.0", "UID": "7aa86ae9782381bf", "BOMRef": "pkg:npm/property-information@6.5.0" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "proxy-from-env@1.1.0", "Name": "proxy-from-env", "Identifier": { "PURL": "pkg:npm/proxy-from-env@1.1.0", "UID": "2778d958e18283f0", "BOMRef": "pkg:npm/proxy-from-env@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "psl@1.15.0", "Name": "psl", "Identifier": { "PURL": "pkg:npm/psl@1.15.0", "UID": "5342e7b529ba894f", "BOMRef": "pkg:npm/psl@1.15.0" }, "Version": "1.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "punycode@2.3.1", "Name": "punycode", "Identifier": { "PURL": "pkg:npm/punycode@2.3.1", "UID": "9370e548e7f4b678", "BOMRef": "pkg:npm/punycode@2.3.1" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "psl@1.15.0", "tough-cookie@4.1.4", "tr46@4.1.1", "uri-js@4.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "qdrant-web-ui@0.2.5", "Name": "qdrant-web-ui", "Identifier": { "PURL": "pkg:npm/qdrant-web-ui@0.2.5", "UID": "c759bc9e4ad8b7cc", "BOMRef": "pkg:npm/qdrant-web-ui@0.2.5" }, "Version": "0.2.5", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "querystringify@2.2.0", "Name": "querystringify", "Identifier": { "PURL": "pkg:npm/querystringify@2.2.0", "UID": "5e70a7d96a87364f", "BOMRef": "pkg:npm/querystringify@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "url-parse@1.5.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "queue-microtask@1.2.3", "Name": "queue-microtask", "Identifier": { "PURL": "pkg:npm/queue-microtask@1.2.3", "UID": "69e8d762b6b59f8e", "BOMRef": "pkg:npm/queue-microtask@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "run-parallel@1.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react@18.3.1", "Name": "react", "Identifier": { "PURL": "pkg:npm/react@18.3.1", "UID": "be1027954f155350", "BOMRef": "pkg:npm/react@18.3.1" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@emotion/use-insertion-effect-with-fallbacks@1.2.0", "@mdx-js/react@2.3.0", "@monaco-editor/react@4.7.0", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0", "@testing-library/react@13.4.0", "@textea/json-viewer@2.17.2", "@uppy/react@4.4.0", "lucide-react@0.545.0", "mui-chips-input@7.0.1", "notistack@3.0.2", "prism-react-renderer@2.4.1", "qdrant-web-ui@0.2.5", "react-archer@4.4.0", "react-diff-viewer-continued@3.4.0", "react-dom@18.3.1", "react-resizable-panels@0.0.51", "react-router-dom@6.30.1", "react-router@6.30.1", "react-simple-code-editor@0.13.1", "react-transition-group@4.4.5", "use-sync-external-store@1.5.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-archer@4.4.0", "Name": "react-archer", "Identifier": { "PURL": "pkg:npm/react-archer@4.4.0", "UID": "4f4e3bac2020da58", "BOMRef": "pkg:npm/react-archer@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-diff-viewer-continued@3.4.0", "Name": "react-diff-viewer-continued", "Identifier": { "PURL": "pkg:npm/react-diff-viewer-continued@3.4.0", "UID": "86a9341229bd1a07", "BOMRef": "pkg:npm/react-diff-viewer-continued@3.4.0" }, "Version": "3.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-dom@18.3.1", "Name": "react-dom", "Identifier": { "PURL": "pkg:npm/react-dom@18.3.1", "UID": "bf57ea542577cccd", "BOMRef": "pkg:npm/react-dom@18.3.1" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/x-data-grid@7.29.8", "@testing-library/react@13.4.0", "@textea/json-viewer@2.17.2", "@uppy/react@4.4.0", "mui-chips-input@7.0.1", "notistack@3.0.2", "qdrant-web-ui@0.2.5", "react-diff-viewer-continued@3.4.0", "react-resizable-panels@0.0.51", "react-router-dom@6.30.1", "react-simple-code-editor@0.13.1", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-fast-compare@2.0.4", "Name": "react-fast-compare", "Identifier": { "PURL": "pkg:npm/react-fast-compare@2.0.4", "UID": "6d21122d4ffd0f93", "BOMRef": "pkg:npm/react-fast-compare@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "react-archer@4.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@16.13.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@16.13.1", "UID": "c8b49aefc8a5c5a5", "BOMRef": "82ce2c56-a31a-46b0-8433-1aac0210862b" }, "Version": "16.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "hoist-non-react-statics@3.3.2", "prop-types@15.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@16.13.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@16.13.1", "UID": "19bb3bf52e924535", "BOMRef": "2ae168f8-82c1-4cfd-9d24-2ae292845367" }, "Version": "16.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@17.0.2", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@17.0.2", "UID": "c16085912b6cb3e8", "BOMRef": "pkg:npm/react-is@17.0.2" }, "Version": "17.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@27.5.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "74827b0a02afc316", "BOMRef": "36518e47-3d1c-4e64-a720-933a8846a382" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "c729e424254d67d9", "BOMRef": "749abffe-df26-43d8-beda-ff8e843f738a" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "5da41842df3026e6", "BOMRef": "9df3e31c-4a28-415a-9080-017f61f0765d" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "ae76232b05e789", "BOMRef": "eabff4b0-7272-4cb8-a403-01aeb7b2fd83" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-is@19.1.0", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@19.1.0", "UID": "35e211fe9792d9ae", "BOMRef": "pkg:npm/react-is@19.1.0" }, "Version": "19.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-refresh@0.17.0", "Name": "react-refresh", "Identifier": { "PURL": "pkg:npm/react-refresh@0.17.0", "UID": "96455b703e236463", "BOMRef": "pkg:npm/react-refresh@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-resizable-panels@0.0.51", "Name": "react-resizable-panels", "Identifier": { "PURL": "pkg:npm/react-resizable-panels@0.0.51", "UID": "ee7b7b07a7f67dc9", "BOMRef": "pkg:npm/react-resizable-panels@0.0.51" }, "Version": "0.0.51", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-router@6.30.1", "Name": "react-router", "Identifier": { "PURL": "pkg:npm/react-router@6.30.1", "UID": "6344a1c06cb6d620", "BOMRef": "pkg:npm/react-router@6.30.1" }, "Version": "6.30.1", "Licenses": [ "MIT" ], "DependsOn": [ "react-router-dom@6.30.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-router-dom@6.30.1", "Name": "react-router-dom", "Identifier": { "PURL": "pkg:npm/react-router-dom@6.30.1", "UID": "aa48919238b8bbff", "BOMRef": "pkg:npm/react-router-dom@6.30.1" }, "Version": "6.30.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-simple-code-editor@0.13.1", "Name": "react-simple-code-editor", "Identifier": { "PURL": "pkg:npm/react-simple-code-editor@0.13.1", "UID": "fa571c881ee844d7", "BOMRef": "pkg:npm/react-simple-code-editor@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "react-transition-group@4.4.5", "Name": "react-transition-group", "Identifier": { "PURL": "pkg:npm/react-transition-group@4.4.5", "UID": "2321d4e564e77a61", "BOMRef": "pkg:npm/react-transition-group@4.4.5" }, "Version": "4.4.5", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "redent@3.0.0", "Name": "redent", "Identifier": { "PURL": "pkg:npm/redent@3.0.0", "UID": "e4741fa3d2639a63", "BOMRef": "pkg:npm/redent@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "reflect.getprototypeof@1.0.10", "Name": "reflect.getprototypeof", "Identifier": { "PURL": "pkg:npm/reflect.getprototypeof@1.0.10", "UID": "1115d87c81f82820", "BOMRef": "pkg:npm/reflect.getprototypeof@1.0.10" }, "Version": "1.0.10", "Licenses": [ "MIT" ], "DependsOn": [ "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "regexp.prototype.flags@1.5.4", "Name": "regexp.prototype.flags", "Identifier": { "PURL": "pkg:npm/regexp.prototype.flags@1.5.4", "UID": "b0f3c9105c652cb0", "BOMRef": "pkg:npm/regexp.prototype.flags@1.5.4" }, "Version": "1.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "remark-mdx@2.3.0", "Name": "remark-mdx", "Identifier": { "PURL": "pkg:npm/remark-mdx@2.3.0", "UID": "9926cb0b1b272434", "BOMRef": "pkg:npm/remark-mdx@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "remark-parse@10.0.2", "Name": "remark-parse", "Identifier": { "PURL": "pkg:npm/remark-parse@10.0.2", "UID": "cff0c54c7127306e", "BOMRef": "pkg:npm/remark-parse@10.0.2" }, "Version": "10.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "remark-rehype@10.1.0", "Name": "remark-rehype", "Identifier": { "PURL": "pkg:npm/remark-rehype@10.1.0", "UID": "de8e62f2e971f515", "BOMRef": "pkg:npm/remark-rehype@10.1.0" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "requires-port@1.0.0", "Name": "requires-port", "Identifier": { "PURL": "pkg:npm/requires-port@1.0.0", "UID": "1d31779821203a1d", "BOMRef": "pkg:npm/requires-port@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "url-parse@1.5.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "reselect@5.1.1", "Name": "reselect", "Identifier": { "PURL": "pkg:npm/reselect@5.1.1", "UID": "6d526d44ce1c8d26", "BOMRef": "pkg:npm/reselect@5.1.1" }, "Version": "5.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "resize-observer-polyfill@1.5.0", "Name": "resize-observer-polyfill", "Identifier": { "PURL": "pkg:npm/resize-observer-polyfill@1.5.0", "UID": "58e28b39dd37302a", "BOMRef": "pkg:npm/resize-observer-polyfill@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "react-archer@4.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "resolve@1.22.10", "Name": "resolve", "Identifier": { "PURL": "pkg:npm/resolve@1.22.10", "UID": "aad7accba0f9113e", "BOMRef": "pkg:npm/resolve@1.22.10" }, "Version": "1.22.10", "Licenses": [ "MIT" ], "DependsOn": [ "babel-plugin-macros@3.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "resolve@2.0.0-next.5", "Name": "resolve", "Identifier": { "PURL": "pkg:npm/resolve@2.0.0-next.5", "UID": "7d8045cfcf0f73c7", "BOMRef": "pkg:npm/resolve@2.0.0-next.5" }, "Version": "2.0.0-next.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "resolve-from@4.0.0", "Name": "resolve-from", "Identifier": { "PURL": "pkg:npm/resolve-from@4.0.0", "UID": "7ef15229f9817181", "BOMRef": "pkg:npm/resolve-from@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "import-fresh@3.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "retry@0.13.1", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.13.1", "UID": "5677e7bf2d332a20", "BOMRef": "pkg:npm/retry@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "reusify@1.1.0", "Name": "reusify", "Identifier": { "PURL": "pkg:npm/reusify@1.1.0", "UID": "1c34981387c23193", "BOMRef": "pkg:npm/reusify@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "fastq@1.19.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "rimraf@3.0.2", "Name": "rimraf", "Identifier": { "PURL": "pkg:npm/rimraf@3.0.2", "UID": "99e933c2342dfa4f", "BOMRef": "pkg:npm/rimraf@3.0.2" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "rollup@2.79.2", "Name": "rollup", "Identifier": { "PURL": "pkg:npm/rollup@2.79.2", "UID": "f810d5b1f9efb2db", "BOMRef": "pkg:npm/rollup@2.79.2" }, "Version": "2.79.2", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "rollup@4.44.2", "Name": "rollup", "Identifier": { "PURL": "pkg:npm/rollup@4.44.2", "UID": "42aa002551a6e08c", "BOMRef": "pkg:npm/rollup@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "@rollup/pluginutils@5.2.0", "vite@6.4.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "rrweb-cssom@0.6.0", "Name": "rrweb-cssom", "Identifier": { "PURL": "pkg:npm/rrweb-cssom@0.6.0", "UID": "56301ab148f84a27", "BOMRef": "pkg:npm/rrweb-cssom@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "cssstyle@3.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "run-parallel@1.2.0", "Name": "run-parallel", "Identifier": { "PURL": "pkg:npm/run-parallel@1.2.0", "UID": "b2f8ccab90c1fb7b", "BOMRef": "pkg:npm/run-parallel@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.scandir@2.1.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "sade@1.8.1", "Name": "sade", "Identifier": { "PURL": "pkg:npm/sade@1.8.1", "UID": "95f53c26466ba9f2", "BOMRef": "pkg:npm/sade@1.8.1" }, "Version": "1.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "uvu@0.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "safe-array-concat@1.1.3", "Name": "safe-array-concat", "Identifier": { "PURL": "pkg:npm/safe-array-concat@1.1.3", "UID": "925ddda825f1ee3a", "BOMRef": "pkg:npm/safe-array-concat@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "safe-push-apply@1.0.0", "Name": "safe-push-apply", "Identifier": { "PURL": "pkg:npm/safe-push-apply@1.0.0", "UID": "f83566485be0acc", "BOMRef": "pkg:npm/safe-push-apply@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "own-keys@1.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "safe-regex-test@1.1.0", "Name": "safe-regex-test", "Identifier": { "PURL": "pkg:npm/safe-regex-test@1.1.0", "UID": "4a8a505fd796c37a", "BOMRef": "pkg:npm/safe-regex-test@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "is-async-function@2.1.1", "is-generator-function@1.1.0", "is-symbol@1.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "34c2e49702d15117", "BOMRef": "pkg:npm/safer-buffer@2.1.2" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "iconv-lite@0.6.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "saxes@6.0.0", "Name": "saxes", "Identifier": { "PURL": "pkg:npm/saxes@6.0.0", "UID": "1f00e53cbc5fb19b", "BOMRef": "pkg:npm/saxes@6.0.0" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "scheduler@0.23.2", "Name": "scheduler", "Identifier": { "PURL": "pkg:npm/scheduler@0.23.2", "UID": "79187c79f153f5b7", "BOMRef": "pkg:npm/scheduler@0.23.2" }, "Version": "0.23.2", "Licenses": [ "MIT" ], "DependsOn": [ "react-dom@18.3.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "semver@6.3.1", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@6.3.1", "UID": "768965e607d6f2d0", "BOMRef": "pkg:npm/semver@6.3.1" }, "Version": "6.3.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helper-compilation-targets@7.27.2", "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "set-function-length@1.2.2", "Name": "set-function-length", "Identifier": { "PURL": "pkg:npm/set-function-length@1.2.2", "UID": "ba6f59bf0be2cc06", "BOMRef": "pkg:npm/set-function-length@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "set-function-name@2.0.2", "Name": "set-function-name", "Identifier": { "PURL": "pkg:npm/set-function-name@2.0.2", "UID": "572e62ef7a5fb36c", "BOMRef": "pkg:npm/set-function-name@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "iterator.prototype@1.1.5", "regexp.prototype.flags@1.5.4", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "set-proto@1.0.0", "Name": "set-proto", "Identifier": { "PURL": "pkg:npm/set-proto@1.0.0", "UID": "b10a037747dc4e64", "BOMRef": "pkg:npm/set-proto@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "shallow-equal@3.1.0", "Name": "shallow-equal", "Identifier": { "PURL": "pkg:npm/shallow-equal@3.1.0", "UID": "433ab04a85bbc985", "BOMRef": "pkg:npm/shallow-equal@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "44ea46d0e9dbe842", "BOMRef": "pkg:npm/shebang-command@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "13dbf0a6ed8f26a2", "BOMRef": "pkg:npm/shebang-regex@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "shebang-command@2.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "side-channel@1.1.0", "Name": "side-channel", "Identifier": { "PURL": "pkg:npm/side-channel@1.1.0", "UID": "72f1ec068cc0051d", "BOMRef": "pkg:npm/side-channel@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "internal-slot@1.1.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "side-channel-list@1.0.0", "Name": "side-channel-list", "Identifier": { "PURL": "pkg:npm/side-channel-list@1.0.0", "UID": "d776139bec3f1115", "BOMRef": "pkg:npm/side-channel-list@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "side-channel-map@1.0.1", "Name": "side-channel-map", "Identifier": { "PURL": "pkg:npm/side-channel-map@1.0.1", "UID": "71380f7b2aebccbb", "BOMRef": "pkg:npm/side-channel-map@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel-weakmap@1.0.2", "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "side-channel-weakmap@1.0.2", "Name": "side-channel-weakmap", "Identifier": { "PURL": "pkg:npm/side-channel-weakmap@1.0.2", "UID": "d92509c9915f18bd", "BOMRef": "pkg:npm/side-channel-weakmap@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "siginfo@2.0.0", "Name": "siginfo", "Identifier": { "PURL": "pkg:npm/siginfo@2.0.0", "UID": "3a8dbe933a7d04c8", "BOMRef": "pkg:npm/siginfo@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "why-is-node-running@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "slash@3.0.0", "Name": "slash", "Identifier": { "PURL": "pkg:npm/slash@3.0.0", "UID": "9d80fc8e6431325b", "BOMRef": "pkg:npm/slash@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "snake-case@3.0.4", "Name": "snake-case", "Identifier": { "PURL": "pkg:npm/snake-case@3.0.4", "UID": "4b5ff53b18dee301", "BOMRef": "pkg:npm/snake-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "source-map@0.5.7", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.5.7", "UID": "7b36156e8c765899", "BOMRef": "pkg:npm/source-map@0.5.7" }, "Version": "0.5.7", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "source-map@0.7.4", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.7.4", "UID": "615de1546382bfb1", "BOMRef": "51caad90-9369-4375-9539-1f073d0dc35f" }, "Version": "0.7.4", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "source-map@0.7.4", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.7.4", "UID": "bd8798b092c34c31", "BOMRef": "9f527c6e-aa36-4b86-87ea-040e556662f6" }, "Version": "0.7.4", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "estree-util-to-js@1.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "source-map-js@1.2.1", "Name": "source-map-js", "Identifier": { "PURL": "pkg:npm/source-map-js@1.2.1", "UID": "28dbe65507dcfb9d", "BOMRef": "pkg:npm/source-map-js@1.2.1" }, "Version": "1.2.1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "postcss@8.5.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "space-separated-tokens@2.0.2", "Name": "space-separated-tokens", "Identifier": { "PURL": "pkg:npm/space-separated-tokens@2.0.2", "UID": "1fe3c345be61db90", "BOMRef": "pkg:npm/space-separated-tokens@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "stack-utils@2.0.6", "Name": "stack-utils", "Identifier": { "PURL": "pkg:npm/stack-utils@2.0.6", "UID": "bd051caa9dfc931", "BOMRef": "pkg:npm/stack-utils@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "stackback@0.0.2", "Name": "stackback", "Identifier": { "PURL": "pkg:npm/stackback@0.0.2", "UID": "f6e48700e112d541", "BOMRef": "pkg:npm/stackback@0.0.2" }, "Version": "0.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "why-is-node-running@2.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "state-local@1.0.7", "Name": "state-local", "Identifier": { "PURL": "pkg:npm/state-local@1.0.7", "UID": "76d2056f72bb3f76", "BOMRef": "pkg:npm/state-local@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/loader@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "std-env@3.9.0", "Name": "std-env", "Identifier": { "PURL": "pkg:npm/std-env@3.9.0", "UID": "26e4bf48abb94475", "BOMRef": "pkg:npm/std-env@3.9.0" }, "Version": "3.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "stop-iteration-iterator@1.1.0", "Name": "stop-iteration-iterator", "Identifier": { "PURL": "pkg:npm/stop-iteration-iterator@1.1.0", "UID": "f663d878e00e94e1", "BOMRef": "pkg:npm/stop-iteration-iterator@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "string.prototype.matchall@4.0.12", "Name": "string.prototype.matchall", "Identifier": { "PURL": "pkg:npm/string.prototype.matchall@4.0.12", "UID": "f379f1cbede823c7", "BOMRef": "pkg:npm/string.prototype.matchall@4.0.12" }, "Version": "4.0.12", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "string.prototype.repeat@1.0.0", "Name": "string.prototype.repeat", "Identifier": { "PURL": "pkg:npm/string.prototype.repeat@1.0.0", "UID": "77e3e16d8a098d35", "BOMRef": "pkg:npm/string.prototype.repeat@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "string.prototype.trim@1.2.10", "Name": "string.prototype.trim", "Identifier": { "PURL": "pkg:npm/string.prototype.trim@1.2.10", "UID": "3dfb44cde6afd204", "BOMRef": "pkg:npm/string.prototype.trim@1.2.10" }, "Version": "1.2.10", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "string.prototype.trimend@1.0.9", "Name": "string.prototype.trimend", "Identifier": { "PURL": "pkg:npm/string.prototype.trimend@1.0.9", "UID": "353b6d51a71506b3", "BOMRef": "pkg:npm/string.prototype.trimend@1.0.9" }, "Version": "1.0.9", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "string.prototype.trimstart@1.0.8", "Name": "string.prototype.trimstart", "Identifier": { "PURL": "pkg:npm/string.prototype.trimstart@1.0.8", "UID": "3f78702bb8695ac6", "BOMRef": "pkg:npm/string.prototype.trimstart@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "stringify-entities@4.0.4", "Name": "stringify-entities", "Identifier": { "PURL": "pkg:npm/stringify-entities@4.0.4", "UID": "4988ade77ff379c2", "BOMRef": "pkg:npm/stringify-entities@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "strip-ansi@6.0.1", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@6.0.1", "UID": "5489aea8712597df", "BOMRef": "pkg:npm/strip-ansi@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "strip-indent@3.0.0", "Name": "strip-indent", "Identifier": { "PURL": "pkg:npm/strip-indent@3.0.0", "UID": "9fa3fef37ba7ffb9", "BOMRef": "pkg:npm/strip-indent@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "redent@3.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "strip-json-comments@3.1.1", "Name": "strip-json-comments", "Identifier": { "PURL": "pkg:npm/strip-json-comments@3.1.1", "UID": "d9d16ca2cb60bcbd", "BOMRef": "pkg:npm/strip-json-comments@3.1.1" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "strip-literal@3.0.0", "Name": "strip-literal", "Identifier": { "PURL": "pkg:npm/strip-literal@3.0.0", "UID": "d2fae7d2a2c77d53", "BOMRef": "pkg:npm/strip-literal@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/runner@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "style-to-object@0.4.4", "Name": "style-to-object", "Identifier": { "PURL": "pkg:npm/style-to-object@0.4.4", "UID": "cecbc6fa9e9d537", "BOMRef": "pkg:npm/style-to-object@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "stylis@4.2.0", "Name": "stylis", "Identifier": { "PURL": "pkg:npm/stylis@4.2.0", "UID": "eff4b2a36cb5e197", "BOMRef": "pkg:npm/stylis@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/cache@11.14.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "supports-color@7.2.0", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@7.2.0", "UID": "eb5058c82150734f", "BOMRef": "pkg:npm/supports-color@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "chalk@3.0.0", "chalk@4.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "supports-preserve-symlinks-flag@1.0.0", "Name": "supports-preserve-symlinks-flag", "Identifier": { "PURL": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", "UID": "f318dc5f432a1e4", "BOMRef": "pkg:npm/supports-preserve-symlinks-flag@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "svg-parser@2.0.4", "Name": "svg-parser", "Identifier": { "PURL": "pkg:npm/svg-parser@2.0.4", "UID": "be32eab3dcd1f691", "BOMRef": "pkg:npm/svg-parser@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "symbol-tree@3.2.4", "Name": "symbol-tree", "Identifier": { "PURL": "pkg:npm/symbol-tree@3.2.4", "UID": "d74efbeb29b504c3", "BOMRef": "pkg:npm/symbol-tree@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tailwindcss@4.1.11", "Name": "tailwindcss", "Identifier": { "PURL": "pkg:npm/tailwindcss@4.1.11", "UID": "c90d22cc32fc6b83", "BOMRef": "pkg:npm/tailwindcss@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "@tailwindcss/node@4.1.11", "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tapable@2.2.2", "Name": "tapable", "Identifier": { "PURL": "pkg:npm/tapable@2.2.2", "UID": "a5b9b3769d5ea05", "BOMRef": "pkg:npm/tapable@2.2.2" }, "Version": "2.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "enhanced-resolve@5.18.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tar@7.4.3", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "Version": "7.4.3", "Licenses": [ "ISC" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "63788f2416a56af7", "BOMRef": "pkg:npm/text-table@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinybench@2.9.0", "Name": "tinybench", "Identifier": { "PURL": "pkg:npm/tinybench@2.9.0", "UID": "9b2fe582d310869a", "BOMRef": "pkg:npm/tinybench@2.9.0" }, "Version": "2.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinycolor2@1.6.0", "Name": "tinycolor2", "Identifier": { "PURL": "pkg:npm/tinycolor2@1.6.0", "UID": "954df3eeaaa31072", "BOMRef": "pkg:npm/tinycolor2@1.6.0" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "canvas-color-tracker@1.3.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinyexec@0.3.2", "Name": "tinyexec", "Identifier": { "PURL": "pkg:npm/tinyexec@0.3.2", "UID": "852d51758bde4279", "BOMRef": "pkg:npm/tinyexec@0.3.2" }, "Version": "0.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinyglobby@0.2.14", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.14", "UID": "ddaad3380d1ebb44", "BOMRef": "pkg:npm/tinyglobby@0.2.14" }, "Version": "0.2.14", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinypool@1.1.1", "Name": "tinypool", "Identifier": { "PURL": "pkg:npm/tinypool@1.1.1", "UID": "750275a210c5083b", "BOMRef": "pkg:npm/tinypool@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinyrainbow@2.0.0", "Name": "tinyrainbow", "Identifier": { "PURL": "pkg:npm/tinyrainbow@2.0.0", "UID": "dd50881841d2ce49", "BOMRef": "pkg:npm/tinyrainbow@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/pretty-format@3.2.4", "@vitest/utils@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tinyspy@4.0.3", "Name": "tinyspy", "Identifier": { "PURL": "pkg:npm/tinyspy@4.0.3", "UID": "3c245ec604f9a9be", "BOMRef": "pkg:npm/tinyspy@4.0.3" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/spy@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "to-regex-range@5.0.1", "Name": "to-regex-range", "Identifier": { "PURL": "pkg:npm/to-regex-range@5.0.1", "UID": "60abc2c3c6981c6d", "BOMRef": "pkg:npm/to-regex-range@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "fill-range@7.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "toggle-selection@1.0.6", "Name": "toggle-selection", "Identifier": { "PURL": "pkg:npm/toggle-selection@1.0.6", "UID": "612be20d9441a413", "BOMRef": "pkg:npm/toggle-selection@1.0.6" }, "Version": "1.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "copy-to-clipboard@3.3.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tough-cookie@4.1.4", "Name": "tough-cookie", "Identifier": { "PURL": "pkg:npm/tough-cookie@4.1.4", "UID": "511171849c8bc025", "BOMRef": "pkg:npm/tough-cookie@4.1.4" }, "Version": "4.1.4", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tr46@4.1.1", "Name": "tr46", "Identifier": { "PURL": "pkg:npm/tr46@4.1.1", "UID": "6fd6981675954be9", "BOMRef": "pkg:npm/tr46@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "whatwg-url@12.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "trim-lines@3.0.1", "Name": "trim-lines", "Identifier": { "PURL": "pkg:npm/trim-lines@3.0.1", "UID": "bb2633fcc6d61800", "BOMRef": "pkg:npm/trim-lines@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "trough@2.2.0", "Name": "trough", "Identifier": { "PURL": "pkg:npm/trough@2.2.0", "UID": "b4f45b41ba76723c", "BOMRef": "pkg:npm/trough@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "tslib@2.8.1", "Name": "tslib", "Identifier": { "PURL": "pkg:npm/tslib@2.8.1", "UID": "73d5a55bf70b9c20", "BOMRef": "pkg:npm/tslib@2.8.1" }, "Version": "2.8.1", "Licenses": [ "0BSD" ], "DependsOn": [ "dot-case@3.0.4", "lower-case@2.0.2", "no-case@3.0.4", "snake-case@3.0.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "type-check@0.4.0", "Name": "type-check", "Identifier": { "PURL": "pkg:npm/type-check@0.4.0", "UID": "84f925b7d2585744", "BOMRef": "pkg:npm/type-check@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "levn@0.4.1", "optionator@0.9.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "type-fest@0.20.2", "Name": "type-fest", "Identifier": { "PURL": "pkg:npm/type-fest@0.20.2", "UID": "702f4d6da9a513c8", "BOMRef": "pkg:npm/type-fest@0.20.2" }, "Version": "0.20.2", "Licenses": [ "MIT OR CC0-1.0" ], "DependsOn": [ "globals@13.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "typed-array-buffer@1.0.3", "Name": "typed-array-buffer", "Identifier": { "PURL": "pkg:npm/typed-array-buffer@1.0.3", "UID": "90a2fbd4e865aa59", "BOMRef": "pkg:npm/typed-array-buffer@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "typed-array-byte-length@1.0.3", "Name": "typed-array-byte-length", "Identifier": { "PURL": "pkg:npm/typed-array-byte-length@1.0.3", "UID": "806a405c62bde806", "BOMRef": "pkg:npm/typed-array-byte-length@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "typed-array-byte-offset@1.0.4", "Name": "typed-array-byte-offset", "Identifier": { "PURL": "pkg:npm/typed-array-byte-offset@1.0.4", "UID": "5eda27f4e037eb70", "BOMRef": "pkg:npm/typed-array-byte-offset@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "typed-array-length@1.0.7", "Name": "typed-array-length", "Identifier": { "PURL": "pkg:npm/typed-array-length@1.0.7", "UID": "1e0a43b50d6c2426", "BOMRef": "pkg:npm/typed-array-length@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "typescript@5.8.3", "Name": "typescript", "Identifier": { "PURL": "pkg:npm/typescript@5.8.3", "UID": "f4ccfc1b6abcb0b7", "BOMRef": "pkg:npm/typescript@5.8.3" }, "Version": "5.8.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unbox-primitive@1.1.0", "Name": "unbox-primitive", "Identifier": { "PURL": "pkg:npm/unbox-primitive@1.1.0", "UID": "a96e048c0dafb817", "BOMRef": "pkg:npm/unbox-primitive@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "undici@6.21.3", "Name": "undici", "Identifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "Version": "6.21.3", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "undici-types@7.8.0", "Name": "undici-types", "Identifier": { "PURL": "pkg:npm/undici-types@7.8.0", "UID": "da7b8ec6f558cf08", "BOMRef": "pkg:npm/undici-types@7.8.0" }, "Version": "7.8.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/node@24.0.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unified@10.1.2", "Name": "unified", "Identifier": { "PURL": "pkg:npm/unified@10.1.2", "UID": "61a378bc5aedd981", "BOMRef": "pkg:npm/unified@10.1.2" }, "Version": "10.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "remark-parse@10.0.2", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-generated@2.0.1", "Name": "unist-util-generated", "Identifier": { "PURL": "pkg:npm/unist-util-generated@2.0.1", "UID": "783bf4c5a30aee3e", "BOMRef": "pkg:npm/unist-util-generated@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-is@5.2.1", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@5.2.1", "UID": "18c8c1e91f54bf8c", "BOMRef": "pkg:npm/unist-util-is@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "mdast-util-phrasing@3.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-is@6.0.0", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@6.0.0", "UID": "298cbe6c7a244429", "BOMRef": "9aa7b283-546e-4078-930f-7f2ee959bb98" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-is@6.0.0", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@6.0.0", "UID": "7d265b68efb877fb", "BOMRef": "f5681c94-2c31-47e5-92d0-9e43f0c07485" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit-parents@6.0.1", "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-position@4.0.4", "Name": "unist-util-position", "Identifier": { "PURL": "pkg:npm/unist-util-position@4.0.4", "UID": "fa53fb8820252951", "BOMRef": "pkg:npm/unist-util-position@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-position-from-estree@1.1.2", "Name": "unist-util-position-from-estree", "Identifier": { "PURL": "pkg:npm/unist-util-position-from-estree@1.1.2", "UID": "3e5c99b87da7e48c", "BOMRef": "pkg:npm/unist-util-position-from-estree@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-remove-position@4.0.2", "Name": "unist-util-remove-position", "Identifier": { "PURL": "pkg:npm/unist-util-remove-position@4.0.2", "UID": "a8b0353a1599c0b8", "BOMRef": "pkg:npm/unist-util-remove-position@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-stringify-position@3.0.3", "Name": "unist-util-stringify-position", "Identifier": { "PURL": "pkg:npm/unist-util-stringify-position@3.0.3", "UID": "3e753c1e75a90f2e", "BOMRef": "pkg:npm/unist-util-stringify-position@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-jsx@2.1.4", "vfile-message@3.1.4", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "1707128ea6a1545", "BOMRef": "0f59b88a-040b-4f1f-ac36-2fa043b1c339" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "b0c1d760d5963870", "BOMRef": "1a892ae8-39fa-4481-a397-8b082218c821" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "mdast-util-definitions@5.1.2", "mdast-util-to-hast@12.3.0", "mdast-util-to-markdown@1.5.0", "unist-util-remove-position@4.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "60f9d0bcffa9807a", "BOMRef": "6aea7b8b-7425-4396-9dbc-000d4216ca3d" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "cfcecf0ab1061073", "BOMRef": "f3a79887-5855-40d9-9804-877c761badf0" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "48c334c9c38305c2", "BOMRef": "64a1a21a-2c38-4411-9616-8ea99fbb8881" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit@5.0.0", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@5.0.0", "UID": "6fe1d37ced2fff44", "BOMRef": "pkg:npm/unist-util-visit@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "bf8b02aa1f7269d7", "BOMRef": "a90d9a55-b81f-4145-a7fc-87003737cac0" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "e10bb35e354aacfd", "BOMRef": "bf9f5512-a676-4e9c-b975-15a84779e127" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "5b6bbbeb5f13361b", "BOMRef": "f3a37c18-ae57-4b91-a3f6-9f2f1f2c01ae" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "1392cf6e65b11160", "BOMRef": "f17fb041-6a12-4983-8153-792cf0e70620" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "fe8f3939f55ab36c", "BOMRef": "6264e7f2-f54e-4314-9247-fb600d04bef7" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "unist-util-visit-parents@6.0.1", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@6.0.1", "UID": "7629342dd5fbc22c", "BOMRef": "pkg:npm/unist-util-visit-parents@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "universalify@0.2.0", "Name": "universalify", "Identifier": { "PURL": "pkg:npm/universalify@0.2.0", "UID": "d5614ef55d3b57d8", "BOMRef": "pkg:npm/universalify@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "update-browserslist-db@1.1.3", "Name": "update-browserslist-db", "Identifier": { "PURL": "pkg:npm/update-browserslist-db@1.1.3", "UID": "b6afbe163534d815", "BOMRef": "pkg:npm/update-browserslist-db@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "uri-js@4.4.1", "Name": "uri-js", "Identifier": { "PURL": "pkg:npm/uri-js@4.4.1", "UID": "2c9eafcc3cf4d9ef", "BOMRef": "pkg:npm/uri-js@4.4.1" }, "Version": "4.4.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "url-parse@1.5.10", "Name": "url-parse", "Identifier": { "PURL": "pkg:npm/url-parse@1.5.10", "UID": "cbd23b2d68661892", "BOMRef": "pkg:npm/url-parse@1.5.10" }, "Version": "1.5.10", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "use-sync-external-store@1.5.0", "Name": "use-sync-external-store", "Identifier": { "PURL": "pkg:npm/use-sync-external-store@1.5.0", "UID": "5bf914a2be6f49bf", "BOMRef": "pkg:npm/use-sync-external-store@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8", "@uppy/react@4.4.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "uvu@0.5.6", "Name": "uvu", "Identifier": { "PURL": "pkg:npm/uvu@0.5.6", "UID": "2fbb3fe24d35566a", "BOMRef": "pkg:npm/uvu@0.5.6" }, "Version": "0.5.6", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vfile@5.3.7", "Name": "vfile", "Identifier": { "PURL": "pkg:npm/vfile@5.3.7", "UID": "ff44989ee7f173ac", "BOMRef": "pkg:npm/vfile@5.3.7" }, "Version": "5.3.7", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@mdx-js/rollup@2.3.0", "unified@10.1.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vfile-message@3.1.4", "Name": "vfile-message", "Identifier": { "PURL": "pkg:npm/vfile-message@3.1.4", "UID": "94cf76dfbbca0b14", "BOMRef": "pkg:npm/vfile-message@3.1.4" }, "Version": "3.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vite@6.4.1", "Name": "vite", "Identifier": { "PURL": "pkg:npm/vite@6.4.1", "UID": "823306204e156ffd", "BOMRef": "pkg:npm/vite@6.4.1" }, "Version": "6.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0", "@vitest/mocker@3.2.4", "qdrant-web-ui@0.2.5", "vite-node@3.2.4", "vite-plugin-eslint@1.8.1", "vite-plugin-svgr@4.3.0", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vite-node@3.2.4", "Name": "vite-node", "Identifier": { "PURL": "pkg:npm/vite-node@3.2.4", "UID": "46866c3c22c2a8d6", "BOMRef": "pkg:npm/vite-node@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vite-plugin-eslint@1.8.1", "Name": "vite-plugin-eslint", "Identifier": { "PURL": "pkg:npm/vite-plugin-eslint@1.8.1", "UID": "b63d90ff0be417dc", "BOMRef": "pkg:npm/vite-plugin-eslint@1.8.1" }, "Version": "1.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vite-plugin-svgr@4.3.0", "Name": "vite-plugin-svgr", "Identifier": { "PURL": "pkg:npm/vite-plugin-svgr@4.3.0", "UID": "b4bbb0fe7641090d", "BOMRef": "pkg:npm/vite-plugin-svgr@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "vitest@3.2.4", "Name": "vitest", "Identifier": { "PURL": "pkg:npm/vitest@3.2.4", "UID": "5efa3a1ba1713131", "BOMRef": "pkg:npm/vitest@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "w3c-xmlserializer@4.0.0", "Name": "w3c-xmlserializer", "Identifier": { "PURL": "pkg:npm/w3c-xmlserializer@4.0.0", "UID": "cbe9da4f7e1f87f4", "BOMRef": "pkg:npm/w3c-xmlserializer@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "web-vitals@2.1.4", "Name": "web-vitals", "Identifier": { "PURL": "pkg:npm/web-vitals@2.1.4", "UID": "43d6ab03266bd9df", "BOMRef": "pkg:npm/web-vitals@2.1.4" }, "Version": "2.1.4", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "webidl-conversions@7.0.0", "Name": "webidl-conversions", "Identifier": { "PURL": "pkg:npm/webidl-conversions@7.0.0", "UID": "bf0dcb22b03e66fd", "BOMRef": "pkg:npm/webidl-conversions@7.0.0" }, "Version": "7.0.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "domexception@4.0.0", "jsdom@22.1.0", "whatwg-url@12.0.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "whatwg-encoding@2.0.0", "Name": "whatwg-encoding", "Identifier": { "PURL": "pkg:npm/whatwg-encoding@2.0.0", "UID": "b066de490bff2fba", "BOMRef": "pkg:npm/whatwg-encoding@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "html-encoding-sniffer@3.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "whatwg-mimetype@3.0.0", "Name": "whatwg-mimetype", "Identifier": { "PURL": "pkg:npm/whatwg-mimetype@3.0.0", "UID": "ea9aa9cbf19617d5", "BOMRef": "pkg:npm/whatwg-mimetype@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "whatwg-url@12.0.1", "Name": "whatwg-url", "Identifier": { "PURL": "pkg:npm/whatwg-url@12.0.1", "UID": "7680482548eb7174", "BOMRef": "pkg:npm/whatwg-url@12.0.1" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "ab54e6b3e8036b51", "BOMRef": "pkg:npm/which@2.0.2" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "which-boxed-primitive@1.1.1", "Name": "which-boxed-primitive", "Identifier": { "PURL": "pkg:npm/which-boxed-primitive@1.1.1", "UID": "9ef940d6ddf8e1df", "BOMRef": "pkg:npm/which-boxed-primitive@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "unbox-primitive@1.1.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "which-builtin-type@1.2.1", "Name": "which-builtin-type", "Identifier": { "PURL": "pkg:npm/which-builtin-type@1.2.1", "UID": "f0cbfe5d6ef79f33", "BOMRef": "pkg:npm/which-builtin-type@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "reflect.getprototypeof@1.0.10" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "which-collection@1.0.2", "Name": "which-collection", "Identifier": { "PURL": "pkg:npm/which-collection@1.0.2", "UID": "4bf400c0e6efb2af", "BOMRef": "pkg:npm/which-collection@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "which-typed-array@1.1.19", "Name": "which-typed-array", "Identifier": { "PURL": "pkg:npm/which-typed-array@1.1.19", "UID": "afbe3c9e773248a6", "BOMRef": "pkg:npm/which-typed-array@1.1.19" }, "Version": "1.1.19", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "is-typed-array@1.1.15", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "why-is-node-running@2.3.0", "Name": "why-is-node-running", "Identifier": { "PURL": "pkg:npm/why-is-node-running@2.3.0", "UID": "b55303fc866824b4", "BOMRef": "pkg:npm/why-is-node-running@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "wildcard@1.1.2", "Name": "wildcard", "Identifier": { "PURL": "pkg:npm/wildcard@1.1.2", "UID": "54291c00af6197b5", "BOMRef": "pkg:npm/wildcard@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "mime-match@1.0.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "word-wrap@1.2.5", "Name": "word-wrap", "Identifier": { "PURL": "pkg:npm/word-wrap@1.2.5", "UID": "893a8ed2d3463b3", "BOMRef": "pkg:npm/word-wrap@1.2.5" }, "Version": "1.2.5", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "wrappy@1.0.2", "Name": "wrappy", "Identifier": { "PURL": "pkg:npm/wrappy@1.0.2", "UID": "24d34c71f561004b", "BOMRef": "pkg:npm/wrappy@1.0.2" }, "Version": "1.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "inflight@1.0.6", "once@1.4.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "ws@8.18.3", "Name": "ws", "Identifier": { "PURL": "pkg:npm/ws@8.18.3", "UID": "f144b2764e4943e4", "BOMRef": "pkg:npm/ws@8.18.3" }, "Version": "8.18.3", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "xml-name-validator@4.0.0", "Name": "xml-name-validator", "Identifier": { "PURL": "pkg:npm/xml-name-validator@4.0.0", "UID": "8d9807d4ac59bc27", "BOMRef": "pkg:npm/xml-name-validator@4.0.0" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "jsdom@22.1.0", "w3c-xmlserializer@4.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "xmlchars@2.2.0", "Name": "xmlchars", "Identifier": { "PURL": "pkg:npm/xmlchars@2.2.0", "UID": "2e2d16a524a582f8", "BOMRef": "pkg:npm/xmlchars@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "saxes@6.0.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "yallist@3.1.1", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@3.1.1", "UID": "4e72c654cc4dbc46", "BOMRef": "pkg:npm/yallist@3.1.1" }, "Version": "3.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "lru-cache@5.1.1" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "ffe2d29af2e1a70d", "BOMRef": "pkg:npm/yallist@5.0.0" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "yaml@1.10.2", "Name": "yaml", "Identifier": { "PURL": "pkg:npm/yaml@1.10.2", "UID": "67132cf3115a007a", "BOMRef": "pkg:npm/yaml@1.10.2" }, "Version": "1.10.2", "Licenses": [ "ISC" ], "DependsOn": [ "cosmiconfig@7.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "yocto-queue@0.1.0", "Name": "yocto-queue", "Identifier": { "PURL": "pkg:npm/yocto-queue@0.1.0", "UID": "3b59a58cb448298", "BOMRef": "pkg:npm/yocto-queue@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-limit@3.1.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "zustand@4.5.7", "Name": "zustand", "Identifier": { "PURL": "pkg:npm/zustand@4.5.7", "UID": "401972f3138cf10", "BOMRef": "pkg:npm/zustand@4.5.7" }, "Version": "4.5.7", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } }, { "ID": "zwitch@2.0.4", "Name": "zwitch", "Identifier": { "PURL": "pkg:npm/zwitch@2.0.4", "UID": "bad4744472865694", "BOMRef": "pkg:npm/zwitch@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" } } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-22029", "VendorIDs": [ "GHSA-2w69-qvjg-hvjx" ], "PkgID": "@remix-run/router@1.23.0", "PkgName": "@remix-run/router", "PkgIdentifier": { "PURL": "pkg:npm/%40remix-run/router@1.23.0", "UID": "63f70bfe982681d9", "BOMRef": "pkg:npm/%40remix-run/router@1.23.0" }, "InstalledVersion": "1.23.0", "FixedVersion": "1.23.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22029", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:44a050cca15d427abe209d3516a947fd473f2e9fabfc9136b11cff0727cfc1cf", "Title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects", "Description": "React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.", "Severity": "HIGH", "CweIDs": [ "CWE-79" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "V3Score": 8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "V3Score": 8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22029", "https://github.com/remix-run/react-router", "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx", "https://nvd.nist.gov/vuln/detail/CVE-2026-22029", "https://www.cve.org/CVERecord?id=CVE-2026-22029" ], "PublishedDate": "2026-01-10T03:15:48.87Z", "LastModifiedDate": "2026-02-10T19:36:31.503Z" }, { "VulnerabilityID": "CVE-2026-3449", "VendorIDs": [ "GHSA-vpq2-c234-7xj6" ], "PkgID": "@tootallnate/once@2.0.0", "PkgName": "@tootallnate/once", "PkgIdentifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "4353fd8b939add18", "BOMRef": "pkg:npm/%40tootallnate/once@2.0.0" }, "InstalledVersion": "2.0.0", "FixedVersion": "3.0.1", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3449", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:acab8c27ffa57c57a47500de1dd2599d4df4b543f4271f9225e132d6d7366a13", "Title": "@tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal", "Description": "Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to hang indefinitely. This can cause a control-flow leak that can lead to stalled requests, blocked workers, or degraded application availability.", "Severity": "LOW", "CweIDs": [ "CWE-705" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V3Score": 3.3, "V40Score": 1.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3449", "https://github.com/TooTallNate/once", "https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a", "https://github.com/TooTallNate/once/issues/8", "https://nvd.nist.gov/vuln/detail/CVE-2026-3449", "https://security.snyk.io/vuln/SNYK-JS-TOOTALLNATEONCE-15250612", "https://www.cve.org/CVERecord?id=CVE-2026-3449" ], "PublishedDate": "2026-03-03T05:17:25.017Z", "LastModifiedDate": "2026-03-03T21:52:29.877Z" }, { "VulnerabilityID": "CVE-2025-69873", "VendorIDs": [ "GHSA-2g4f-4pwh-qvx6" ], "PkgID": "ajv@6.12.6", "PkgName": "ajv", "PkgIdentifier": { "PURL": "pkg:npm/ajv@6.12.6", "UID": "c9e63e342e120617", "BOMRef": "pkg:npm/ajv@6.12.6" }, "InstalledVersion": "6.12.6", "FixedVersion": "8.18.0, 6.14.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69873", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:e60019248483252c8fa38c4e881c8fef790df69427334906b2a7ffcd67000d8c", "Title": "ajv: ReDoS via $data reference", "Description": "ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333", "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-69873", "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md", "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "https://github.com/ajv-validator/ajv", "https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5", "https://github.com/ajv-validator/ajv/pull/2586", "https://github.com/ajv-validator/ajv/pull/2588", "https://github.com/ajv-validator/ajv/pull/2590", "https://github.com/ajv-validator/ajv/releases/tag/v6.14.0", "https://github.com/ajv-validator/ajv/releases/tag/v8.18.0", "https://github.com/github/advisory-database/pull/6991", "https://nvd.nist.gov/vuln/detail/CVE-2025-69873", "https://www.cve.org/CVERecord?id=CVE-2025-69873" ], "PublishedDate": "2026-02-11T19:15:50.467Z", "LastModifiedDate": "2026-03-02T21:16:24.213Z" }, { "VulnerabilityID": "CVE-2026-25639", "VendorIDs": [ "GHSA-43fc-jf86-j433" ], "PkgID": "axios@1.12.2", "PkgName": "axios", "PkgIdentifier": { "PURL": "pkg:npm/axios@1.12.2", "UID": "b4456dd8fd957812", "BOMRef": "pkg:npm/axios@1.12.2" }, "InstalledVersion": "1.12.2", "FixedVersion": "1.13.5, 0.30.3", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25639", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:185e4eadca40af1c96a07633e1714bdfd539d15e22be656cee267d012e0b11e1", "Title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig", "Description": "Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.", "Severity": "HIGH", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25639", "https://github.com/axios/axios", "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57", "https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e", "https://github.com/axios/axios/pull/7369", "https://github.com/axios/axios/pull/7388", "https://github.com/axios/axios/releases/tag/v0.30.3", "https://github.com/axios/axios/releases/tag/v1.13.5", "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433", "https://nvd.nist.gov/vuln/detail/CVE-2026-25639", "https://www.cve.org/CVERecord?id=CVE-2026-25639" ], "PublishedDate": "2026-02-09T21:15:49.01Z", "LastModifiedDate": "2026-02-18T18:24:34.12Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@1.1.12", "PkgName": "brace-expansion", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@1.1.12", "UID": "7aa13ca51d352d3c", "BOMRef": "pkg:npm/brace-expansion@1.1.12" }, "InstalledVersion": "1.1.12", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:394a3896a15db60c16b500cd0496318a9d7e9483acbff1c2c70676117951d5e8", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-24001", "VendorIDs": [ "GHSA-73rr-hh4g-fpgx" ], "PkgID": "diff@5.2.0", "PkgName": "diff", "PkgIdentifier": { "PURL": "pkg:npm/diff@5.2.0", "UID": "f3def297fdc1a9bb", "BOMRef": "pkg:npm/diff@5.2.0" }, "InstalledVersion": "5.2.0", "FixedVersion": "8.0.3, 5.2.2, 4.0.4, 3.5.1", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24001", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0577606435d7fe1ef946c676fbe82c462ebb59d485a16daa96f31bb1a3b5f981", "Title": "jsdiff: denial of service vulnerability in parsePatch and applyPatch", "Description": "jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters `\\r`, `\\u2028`, or `\\u2029` can cause the `parsePatch` method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory. Applications are therefore likely to be vulnerable to a denial-of-service attack if they call `parsePatch` with a user-provided patch as input. A large payload is not needed to trigger the vulnerability, so size limits on user input do not provide any protection. Furthermore, some applications may be vulnerable even when calling `parsePatch` on a patch generated by the application itself if the user is nonetheless able to control the filename headers (e.g. by directly providing the filenames of the files to be diffed). The `applyPatch` method is similarly affected if (and only if) called with a string representation of a patch as an argument, since under the hood it parses that string using `parsePatch`. Other methods of the library are unaffected. Finally, a second and lesser interdependent bug - a ReDOS - also exhibits when those same line break characters are present in a patch's *patch* header (also known as its \"leading garbage\"). A maliciously-crafted patch header of length *n* can take `parsePatch` O(*n*³) time to parse. Versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1 contain a fix. As a workaround, do not attempt to parse patches that contain any of these characters: `\\r`, `\\u2028`, or `\\u2029`.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-1333" ], "VendorSeverity": { "ghsa": 1, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24001", "https://github.com/kpdecker/jsdiff", "https://github.com/kpdecker/jsdiff/commit/15a1585230748c8ae6f8274c202e0c87309142f5", "https://github.com/kpdecker/jsdiff/issues/653", "https://github.com/kpdecker/jsdiff/pull/649", "https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx", "https://nvd.nist.gov/vuln/detail/CVE-2026-24001", "https://www.cve.org/CVERecord?id=CVE-2026-24001" ], "PublishedDate": "2026-01-22T03:15:47.627Z", "LastModifiedDate": "2026-03-04T15:23:41.347Z" }, { "VulnerabilityID": "CVE-2026-32141", "VendorIDs": [ "GHSA-25h7-pfq9-p65f" ], "PkgID": "flatted@3.3.3", "PkgName": "flatted", "PkgIdentifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "a8fb3869f826f235", "BOMRef": "pkg:npm/flatted@3.3.3" }, "InstalledVersion": "3.3.3", "FixedVersion": "3.4.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32141", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:62c3e12dd8e11bbdbf17ba7b5a7d0ce88525de9dada4c0116ce2c4f8e730299d", "Title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase", "Description": "flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process. This vulnerability is fixed in 3.4.0.", "Severity": "HIGH", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32141", "https://github.com/WebReflection/flatted", "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606", "https://github.com/WebReflection/flatted/pull/88", "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f", "https://nvd.nist.gov/vuln/detail/CVE-2026-32141", "https://www.cve.org/CVERecord?id=CVE-2026-32141" ], "PublishedDate": "2026-03-12T18:16:25.837Z", "LastModifiedDate": "2026-03-19T21:07:24.717Z" }, { "VulnerabilityID": "CVE-2026-33228", "VendorIDs": [ "GHSA-rf6f-7fwh-wjgh" ], "PkgID": "flatted@3.3.3", "PkgName": "flatted", "PkgIdentifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "a8fb3869f826f235", "BOMRef": "pkg:npm/flatted@3.3.3" }, "InstalledVersion": "3.3.3", "FixedVersion": "3.4.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33228", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:823d0d140d8b884463cc30117479f55fe870b31b07835a9a91af8262c70816d4", "Title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.", "Description": "flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled string values from the parsed JSON as direct array index keys, without validating that they are numeric. Since the internal input buffer is a JavaScript Array, accessing it with the key \"__proto__\" returns Array.prototype via the inherited getter. This object is then treated as a legitimate parsed value and assigned as a property of the output object, effectively leaking a live reference to Array.prototype to the consumer. Any code that subsequently writes to that property will pollute the global prototype. This issue has been patched in version 3.4.2.", "Severity": "HIGH", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 4 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "V40Score": 8.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33228", "https://github.com/WebReflection/flatted", "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802", "https://github.com/WebReflection/flatted/releases/tag/v3.4.2", "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh", "https://nvd.nist.gov/vuln/detail/CVE-2026-33228", "https://www.cve.org/CVERecord?id=CVE-2026-33228" ], "PublishedDate": "2026-03-20T23:16:46.51Z", "LastModifiedDate": "2026-03-23T19:14:31.04Z" }, { "VulnerabilityID": "CVE-2026-4800", "VendorIDs": [ "GHSA-r5fr-rjxr-66jc" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "bfbc549b496cd9fb", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4800", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:76703af5c40ea26eb6a807312fa41989bfbf01a94ac661b1d38af00b97203bff", "Title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports", "Description": "Impact:\n\nThe fix for CVE-2021-23337 (https://github.com/advisories/GHSA-35jh-r3h4-6jhm) added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink.\n\nWhen an application passes untrusted input as options.imports key names, an attacker can inject default-parameter expressions that execute arbitrary code at template compilation time.\n\nAdditionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().\n\nPatches:\n\nUsers should upgrade to version 4.18.0.\n\nWorkarounds:\n\nDo not pass untrusted input as key names in options.imports. Only use developer-controlled, static key names.", "Severity": "HIGH", "CweIDs": [ "CWE-94" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4800", "https://cna.openjsf.org/security-advisories.html", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c", "https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc", "https://nvd.nist.gov/vuln/detail/CVE-2026-4800", "https://www.cve.org/CVERecord?id=CVE-2026-4800" ], "PublishedDate": "2026-03-31T20:16:29.66Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2025-13465", "VendorIDs": [ "GHSA-xxjr-mmjv-4gpg" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "bfbc549b496cd9fb", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.17.23", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13465", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ad15e270fc40b402e03c1888c2eb0a67e44dab4d4e014f6718c386cfb98744a8", "Title": "lodash: prototype pollution in _.unset and _.omit functions", "Description": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "alma": 3, "ghsa": 2, "nvd": 2, "oracle-oval": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P", "V3Score": 6.5, "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:2452", "https://access.redhat.com/security/cve/CVE-2025-13465", "https://bugzilla.redhat.com/2431740", "https://errata.almalinux.org/9/ALSA-2026-2452.html", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://linux.oracle.com/cve/CVE-2025-13465.html", "https://linux.oracle.com/errata/ELSA-2026-2452.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13465", "https://www.cve.org/CVERecord?id=CVE-2025-13465" ], "PublishedDate": "2026-01-21T20:16:05.25Z", "LastModifiedDate": "2026-02-17T17:10:07.52Z" }, { "VulnerabilityID": "CVE-2026-2950", "VendorIDs": [ "GHSA-f23m-r3pf-42rh" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "bfbc549b496cd9fb", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a5faf7fc43c1ae4c271c49693e56e6b40902104b09133773535b249fb8e9bad7", "Title": "Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototy ...", "Description": "Impact:\n\nLodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The fix for (CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg) only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties from built-in prototypes such as Object.prototype, Number.prototype, and String.prototype.\n\nThe issue permits deletion of prototype properties but does not allow overwriting their original behavior.\n\nPatches:\n\nThis issue is patched in 4.18.0.\n\nWorkarounds:\n\nNone. Upgrade to the patched version.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://nvd.nist.gov/vuln/detail/CVE-2026-2950" ], "PublishedDate": "2026-03-31T20:16:26.207Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2026-4800", "VendorIDs": [ "GHSA-r5fr-rjxr-66jc" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "e90f44701d8b672b", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4800", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:623635b41681043e00bcfb4205f2eebc762ee4bdcfd67e9875bea8dd3ae82296", "Title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports", "Description": "Impact:\n\nThe fix for CVE-2021-23337 (https://github.com/advisories/GHSA-35jh-r3h4-6jhm) added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink.\n\nWhen an application passes untrusted input as options.imports key names, an attacker can inject default-parameter expressions that execute arbitrary code at template compilation time.\n\nAdditionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().\n\nPatches:\n\nUsers should upgrade to version 4.18.0.\n\nWorkarounds:\n\nDo not pass untrusted input as key names in options.imports. Only use developer-controlled, static key names.", "Severity": "HIGH", "CweIDs": [ "CWE-94" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4800", "https://cna.openjsf.org/security-advisories.html", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c", "https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc", "https://nvd.nist.gov/vuln/detail/CVE-2026-4800", "https://www.cve.org/CVERecord?id=CVE-2026-4800" ], "PublishedDate": "2026-03-31T20:16:29.66Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2025-13465", "VendorIDs": [ "GHSA-xxjr-mmjv-4gpg" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "e90f44701d8b672b", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.17.23", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13465", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c346f338e703f2e58c3776398600f6fc207276fde19b4303cddd4b6498982a3d", "Title": "lodash: prototype pollution in _.unset and _.omit functions", "Description": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "alma": 3, "ghsa": 2, "nvd": 2, "oracle-oval": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P", "V3Score": 6.5, "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:2452", "https://access.redhat.com/security/cve/CVE-2025-13465", "https://bugzilla.redhat.com/2431740", "https://errata.almalinux.org/9/ALSA-2026-2452.html", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://linux.oracle.com/cve/CVE-2025-13465.html", "https://linux.oracle.com/errata/ELSA-2026-2452.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13465", "https://www.cve.org/CVERecord?id=CVE-2025-13465" ], "PublishedDate": "2026-01-21T20:16:05.25Z", "LastModifiedDate": "2026-02-17T17:10:07.52Z" }, { "VulnerabilityID": "CVE-2026-2950", "VendorIDs": [ "GHSA-f23m-r3pf-42rh" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "e90f44701d8b672b", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f4a9ec48ff3220094ce55ab67993f7215e46fde18298567b094eae37dd81b608", "Title": "Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototy ...", "Description": "Impact:\n\nLodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The fix for (CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg) only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties from built-in prototypes such as Object.prototype, Number.prototype, and String.prototype.\n\nThe issue permits deletion of prototype properties but does not allow overwriting their original behavior.\n\nPatches:\n\nThis issue is patched in 4.18.0.\n\nWorkarounds:\n\nNone. Upgrade to the patched version.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://nvd.nist.gov/vuln/detail/CVE-2026-2950" ], "PublishedDate": "2026-03-31T20:16:26.207Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2026-26996", "VendorIDs": [ "GHSA-3ppc-4f35-3m26" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "a31e3ac2b10de352", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-26996", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f6d0828911f78c6328a53b27b810bcbcbb78dadf0d4842cc827bcf1bdf1202af", "Title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal character that doesn't appear in the test string. Each * compiles to a separate [^/]*? regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits. The time complexity is O(4^N) where N is the number of * characters. With N=15, a single minimatch() call takes ~2 seconds. With N=34, it hangs effectively forever. Any application that passes user-controlled strings to minimatch() as the pattern argument is vulnerable to DoS. This issue has been fixed in version 10.2.1.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-26996", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5", "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26", "https://nvd.nist.gov/vuln/detail/CVE-2026-26996", "https://www.cve.org/CVERecord?id=CVE-2026-26996" ], "PublishedDate": "2026-02-20T03:16:01.62Z", "LastModifiedDate": "2026-03-06T21:32:10.65Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "a31e3ac2b10de352", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:9cb4fe9ed317eb6e07b3184ecbc32e154ebc08a5a24460170fcfdf6627a7d9de", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "a31e3ac2b10de352", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:414cb9f02fe18fb23936419fb2e181eb42da3da0f291f016a97056426d32538d", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@2.3.1", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "b69fb5cf0c054fef", "BOMRef": "cb21749e-d289-4752-9b97-218db1302076" }, "InstalledVersion": "2.3.1", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:5f32ca997dc089571229582624a2b4c035b1e8bfe8267e0ed2e966def3ec67d9", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@2.3.1", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "b69fb5cf0c054fef", "BOMRef": "cb21749e-d289-4752-9b97-218db1302076" }, "InstalledVersion": "2.3.1", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7de110acdc840aea538fe6155c80f530db0a1c9eb1e178236e2f172606c310b8", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.2", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "4fd754f951b486f3", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "InstalledVersion": "4.0.2", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:8b083fb1a0c84cf4604a0fd0758a1cd4815e276677288cc520e6ca9a10845fbe", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.2", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "4fd754f951b486f3", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "InstalledVersion": "4.0.2", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bfc39bce56c7be2c53abfbd483662a91e9f597802bda36194204fe465306a8ea", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-22028", "VendorIDs": [ "GHSA-36hm-qxxp-pg3m" ], "PkgID": "preact@10.26.9", "PkgName": "preact", "PkgIdentifier": { "PURL": "pkg:npm/preact@10.26.9", "UID": "9a439bac51d7f0d6", "BOMRef": "pkg:npm/preact@10.26.9" }, "InstalledVersion": "10.26.9", "FixedVersion": "10.26.10, 10.27.3, 10.28.2", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22028", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:936e2087d6644b543349047139e5971dba652555b895489031083f255ee7cd44", "Title": "preact: Preact: Arbitrary script execution via JSON serialization protection bypass", "Description": "Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed to be strings and passed unmodified to Preact as children, a specially-crafted JSON payload could be constructed that would be incorrectly treated as a valid VNode. When this chain of failures occurs it can result in HTML injection, which can allow arbitrary script execution if not mitigated by CSP or other means. Applications using affected Preact versions are vulnerable if they meet all of the following conditions: first, pass unmodified, unsanitized values from user-modifiable data sources (APIs, databases, local storage, etc.) directly into the render tree; second assume these values are strings but the data source could return actual JavaScript objects instead of JSON strings; and third, the data source either fails to perform type sanitization AND blindly stores/returns raw objects interchangeably with strings, OR is compromised (e.g., poisoned local storage, filesystem, or database). Versions 10.26.10, 10.27.3, and 10.28.2 patch the issue. The patch versions restore the previous strict equality checks that prevent JSON-parsed objects from being treated as valid VNodes. Other mitigations are available for those who cannot immediately upgrade. Validate input types, cast or validate network data, sanitize external data, and use Content Security Policy (CSP).", "Severity": "HIGH", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 7.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22028", "https://github.com/preactjs/preact", "https://github.com/preactjs/preact/security/advisories/GHSA-36hm-qxxp-pg3m", "https://nvd.nist.gov/vuln/detail/CVE-2026-22028", "https://www.cve.org/CVERecord?id=CVE-2026-22028" ], "PublishedDate": "2026-01-08T15:15:44.853Z", "LastModifiedDate": "2026-01-12T18:58:38.207Z" }, { "VulnerabilityID": "CVE-2025-68470", "VendorIDs": [ "GHSA-9jcx-v3wj-wh4m" ], "PkgID": "react-router@6.30.1", "PkgName": "react-router", "PkgIdentifier": { "PURL": "pkg:npm/react-router@6.30.1", "UID": "6344a1c06cb6d620", "BOMRef": "pkg:npm/react-router@6.30.1" }, "InstalledVersion": "6.30.1", "FixedVersion": "6.30.2, 7.9.6", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68470", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1f584cae03602051f743ca5aa1e173f7cc510ce2be3dccb511cf85bbf21bf8cb", "Title": "react-router: React Router unexpected external redirect", "Description": "React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a React Router application navigates to it via navigate(), \u003cLink\u003e, or redirect(), the app performs a navigation/redirect to an external URL. This is only an issue if you are passing untrusted content into navigation paths in your application code. This issue has been patched in versions 6.30.2 and 7.9.6.", "Severity": "MEDIUM", "CweIDs": [ "CWE-601" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-68470", "https://github.com/remix-run/react-router", "https://github.com/remix-run/react-router/security/advisories/GHSA-9jcx-v3wj-wh4m", "https://nvd.nist.gov/vuln/detail/CVE-2025-68470", "https://www.cve.org/CVERecord?id=CVE-2025-68470" ], "PublishedDate": "2026-01-10T03:15:48.477Z", "LastModifiedDate": "2026-01-30T18:20:54.873Z" }, { "VulnerabilityID": "CVE-2026-27606", "VendorIDs": [ "GHSA-mw96-cpmx-2vgc" ], "PkgID": "rollup@2.79.2", "PkgName": "rollup", "PkgIdentifier": { "PURL": "pkg:npm/rollup@2.79.2", "UID": "f810d5b1f9efb2db", "BOMRef": "pkg:npm/rollup@2.79.2" }, "InstalledVersion": "2.79.2", "FixedVersion": "2.80.0, 3.30.0, 4.59.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27606", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:37679548e4c37b01e70516290b86a15ffd6e14403cfe0bdb7078ca4e40d70556", "Title": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability", "Description": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27606", "https://github.com/rollup/rollup", "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2", "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e", "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3", "https://github.com/rollup/rollup/releases/tag/v2.80.0", "https://github.com/rollup/rollup/releases/tag/v3.30.0", "https://github.com/rollup/rollup/releases/tag/v4.59.0", "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc", "https://nvd.nist.gov/vuln/detail/CVE-2026-27606", "https://www.cve.org/CVERecord?id=CVE-2026-27606" ], "PublishedDate": "2026-02-25T03:16:04.603Z", "LastModifiedDate": "2026-02-25T16:05:11.063Z" }, { "VulnerabilityID": "CVE-2026-27606", "VendorIDs": [ "GHSA-mw96-cpmx-2vgc" ], "PkgID": "rollup@4.44.2", "PkgName": "rollup", "PkgIdentifier": { "PURL": "pkg:npm/rollup@4.44.2", "UID": "42aa002551a6e08c", "BOMRef": "pkg:npm/rollup@4.44.2" }, "InstalledVersion": "4.44.2", "FixedVersion": "2.80.0, 3.30.0, 4.59.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27606", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1826534c4058c9a037371f846f4d92ebe535a31bc461297a8d96f9142150e823", "Title": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability", "Description": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27606", "https://github.com/rollup/rollup", "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2", "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e", "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3", "https://github.com/rollup/rollup/releases/tag/v2.80.0", "https://github.com/rollup/rollup/releases/tag/v3.30.0", "https://github.com/rollup/rollup/releases/tag/v4.59.0", "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc", "https://nvd.nist.gov/vuln/detail/CVE-2026-27606", "https://www.cve.org/CVERecord?id=CVE-2026-27606" ], "PublishedDate": "2026-02-25T03:16:04.603Z", "LastModifiedDate": "2026-02-25T16:05:11.063Z" }, { "VulnerabilityID": "CVE-2026-23745", "VendorIDs": [ "GHSA-8qq5-rm4j-mr97" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.3", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-23745", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:54e246eafd3a19461f8c7bff7d84dd18db3694ccc2b656243163e8a0a26bf55b", "Title": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives", "Description": "node-tar is a Tar for Node.js. The node-tar library (\u003c= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets. This vulnerability is fixed in 7.5.3.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-23745", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e", "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97", "https://nvd.nist.gov/vuln/detail/CVE-2026-23745", "https://www.cve.org/CVERecord?id=CVE-2026-23745" ], "PublishedDate": "2026-01-16T22:16:26.83Z", "LastModifiedDate": "2026-02-18T16:20:07.823Z" }, { "VulnerabilityID": "CVE-2026-23950", "VendorIDs": [ "GHSA-r6q2-hw4h-h46w" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.4", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-23950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:b4abfc3829172450c256597b8c5ff5b1a420470b772ff307f623f0ebd2d17057", "Title": "node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition", "Description": "node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3. This is due to an incomplete handling of Unicode path collisions in the `path-reservations` system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, In which it has been tested), the library fails to lock colliding paths (e.g., `ß` and `ss`), allowing them to be processed in parallel. This bypasses the library's internal concurrency safeguards and permits Symlink Poisoning attacks via race conditions. The library uses a `PathReservations` system to ensure that metadata checks and file operations for the same path are serialized. This prevents race conditions where one entry might clobber another concurrently. This is a Race Condition which enables Arbitrary File Overwrite. This vulnerability affects users and systems using node-tar on macOS (APFS/HFS+). Because of using `NFD` Unicode normalization (in which `ß` and `ss` are different), conflicting paths do not have their order properly preserved under filesystems that ignore Unicode normalization (e.g., APFS (in which `ß` causes an inode collision with `ss`)). This enables an attacker to circumvent internal parallelization locks (`PathReservations`) using conflicting filenames within a malicious tar archive. The patch in version 7.5.4 updates `path-reservations.js` to use a normalization form that matches the target filesystem's behavior (e.g., `NFKD`), followed by first `toLocaleLowerCase('en')` and then `toLocaleUpperCase('en')`. As a workaround, users who cannot upgrade promptly, and who are programmatically using `node-tar` to extract arbitrary tarball data should filter out all `SymbolicLink` entries (as npm does) to defend against arbitrary file writes via this file system entry name collision issue.", "Severity": "HIGH", "CweIDs": [ "CWE-176", "CWE-352", "CWE-367" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "V3Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "V3Score": 8.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-23950", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/3b1abfae650056edfabcbe0a0df5954d390521e6", "https://github.com/isaacs/node-tar/security/advisories/GHSA-r6q2-hw4h-h46w", "https://nvd.nist.gov/vuln/detail/CVE-2026-23950", "https://www.cve.org/CVERecord?id=CVE-2026-23950" ], "PublishedDate": "2026-01-20T01:15:57.87Z", "LastModifiedDate": "2026-02-18T15:50:29.91Z" }, { "VulnerabilityID": "CVE-2026-24842", "VendorIDs": [ "GHSA-34x7-hfp2-rc4v" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.7", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24842", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:25f22c6eb657f3708958a40b6d41993023a9ef6e710b714256e5ca272632fbc7", "Title": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check", "Description": "node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory. Version 7.5.7 contains a fix for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24842", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46", "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v", "https://nvd.nist.gov/vuln/detail/CVE-2026-24842", "https://www.cve.org/CVERecord?id=CVE-2026-24842" ], "PublishedDate": "2026-01-28T01:16:14.947Z", "LastModifiedDate": "2026-02-02T14:30:10.89Z" }, { "VulnerabilityID": "CVE-2026-26960", "VendorIDs": [ "GHSA-83g3-92jg-28cx" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.8", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-26960", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c319a059b780724d6f7019dff0df1ba6191903f27fea6a377249166cb813dd7e", "Title": "tar: node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation", "Description": "node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. Severity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive. This issue has been fixed in version 7.5.8.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-26960", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384", "https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx", "https://nvd.nist.gov/vuln/detail/CVE-2026-26960", "https://www.cve.org/CVERecord?id=CVE-2026-26960" ], "PublishedDate": "2026-02-20T02:16:53.883Z", "LastModifiedDate": "2026-02-20T19:24:16.537Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0b2ce4e5b4b2c8e01e6262392e3c66ed1c149c21556d1d078d420fce857191d7", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "d64ac15a192e89c5", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:6e9eccfea9e7c52691eca667ec3de15ddbe4c5b0d3b34f96f327f9c8420425b9", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-1526", "VendorIDs": [ "GHSA-vrm6-8vpv-qv8q" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1526", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c62df4f6607d812c4af608d5f24b067224530958d5ae904654953b8c02955a3a", "Title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression", "Description": "The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the PerMessageDeflate.decompress() method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.", "Severity": "HIGH", "CweIDs": [ "CWE-409" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1526", "https://cna.openjsf.org/security-advisories.html", "https://datatracker.ietf.org/doc/html/rfc7692", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q", "https://hackerone.com/reports/3481206", "https://nvd.nist.gov/vuln/detail/CVE-2026-1526", "https://owasp.org/www-community/attacks/Denial_of_Service", "https://www.cve.org/CVERecord?id=CVE-2026-1526" ], "PublishedDate": "2026-03-12T21:16:23.933Z", "LastModifiedDate": "2026-03-20T15:56:47.337Z" }, { "VulnerabilityID": "CVE-2026-1528", "VendorIDs": [ "GHSA-f269-vfmq-vjvj" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1528", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:df33ac7fd6c8caf2e8ae94dd5b72206744b0c78e1c3725155cf7bc21405ede2e", "Title": "undici: undici: Denial of Service via crafted WebSocket frame with large length", "Description": "ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\n\nPatches\n\nPatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.", "Severity": "HIGH", "CweIDs": [ "CWE-248", "CWE-1284" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1528", "https://cna.openjsf.org/security-advisories.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj", "https://hackerone.com/reports/3537648", "https://nvd.nist.gov/vuln/detail/CVE-2026-1528", "https://www.cve.org/CVERecord?id=CVE-2026-1528" ], "PublishedDate": "2026-03-12T21:16:25.33Z", "LastModifiedDate": "2026-03-20T15:41:40.11Z" }, { "VulnerabilityID": "CVE-2026-2229", "VendorIDs": [ "GHSA-v9p9-hfj2-hcw8" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2229", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:640e6f9dd640196c89af0a02ac87ddc0ccdac54d5d5295a62bbaadca9c8e0691", "Title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter", "Description": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range server_max_window_bits value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n * The isValidClientWindowBits() function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n * The createInflateRaw() call is not wrapped in a try-catch block\n * The resulting exception propagates up through the call stack and crashes the Node.js process", "Severity": "HIGH", "CweIDs": [ "CWE-248", "CWE-1284" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-2229", "https://cna.openjsf.org/security-advisories.html", "https://datatracker.ietf.org/doc/html/rfc7692", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8", "https://hackerone.com/reports/3487486", "https://nodejs.org/api/zlib.html#class-zlibinflateraw", "https://nvd.nist.gov/vuln/detail/CVE-2026-2229", "https://www.cve.org/CVERecord?id=CVE-2026-2229" ], "PublishedDate": "2026-03-12T21:16:25.573Z", "LastModifiedDate": "2026-03-20T15:39:12.24Z" }, { "VulnerabilityID": "CVE-2026-1525", "VendorIDs": [ "GHSA-2mjp-6q6p-2qxm" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1525", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:86af27fe6cf2468a4ae3fe86eac1864fdd0c6546bf6859827e586ca41f3af5b7", "Title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers", "Description": "Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire.\n\nWho is impacted:\n\n * Applications using undici.request(), undici.Client, or similar low-level APIs with headers passed as flat arrays\n * Applications that accept user-controlled header names without case-normalization\n\n\nPotential consequences:\n\n * Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate Content-Length headers (400 Bad Request)\n * HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking", "Severity": "MEDIUM", "CweIDs": [ "CWE-444" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "nvd": 4, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1525", "https://cna.openjsf.org/security-advisories.html", "https://cwe.mitre.org/data/definitions/444.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm", "https://hackerone.com/reports/3556037", "https://nvd.nist.gov/vuln/detail/CVE-2026-1525", "https://www.cve.org/CVERecord?id=CVE-2026-1525", "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6" ], "PublishedDate": "2026-03-12T20:16:02.67Z", "LastModifiedDate": "2026-03-19T17:29:34.053Z" }, { "VulnerabilityID": "CVE-2026-1527", "VendorIDs": [ "GHSA-4992-7rv2-5pvq" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1527", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1419d070c27321c779730c7c3d4b0803e40f859d08764b3ecb5fb39a279ee634", "Title": "undici: Undici: HTTP header injection and request smuggling vulnerability", "Description": "ImpactWhen an application passes user-controlled input to the upgrade option of client.request(), an attacker can inject CRLF sequences (\\r\\n) to:\n\n * Inject arbitrary HTTP headers\n * Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\nThe vulnerability exists because undici writes the upgrade value directly to the socket without validating for invalid header characters:\n\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "V3Score": 4.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1527", "https://cna.openjsf.org/security-advisories.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq", "https://hackerone.com/reports/3487198", "https://nvd.nist.gov/vuln/detail/CVE-2026-1527", "https://www.cve.org/CVERecord?id=CVE-2026-1527" ], "PublishedDate": "2026-03-12T21:16:25.137Z", "LastModifiedDate": "2026-03-20T15:49:31.37Z" }, { "VulnerabilityID": "CVE-2026-22036", "VendorIDs": [ "GHSA-g9mf-h72j-4rw9" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "c15a20516029828d", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "7.18.2, 6.23.0", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22036", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f9ba4bac4f1b37b9f6e17094d8da9b6d79677891efa3ee4a16ff73aa713651fa", "Title": "undici: Undici: Denial of Service via excessive decompression steps", "Description": "Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This vulnerability is fixed in 7.18.0 and 6.23.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "nvd": 3, "redhat": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22036", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/commit/b04e3cbb569c1596f86c108e9b52c79d8475dcb3", "https://github.com/nodejs/undici/security/advisories/GHSA-g9mf-h72j-4rw9", "https://nvd.nist.gov/vuln/detail/CVE-2026-22036", "https://www.cve.org/CVERecord?id=CVE-2026-22036" ], "PublishedDate": "2026-01-14T19:16:47.833Z", "LastModifiedDate": "2026-01-22T21:15:50.07Z" }, { "VulnerabilityID": "CVE-2026-33532", "VendorIDs": [ "GHSA-48c2-rrv3-qjmp" ], "PkgID": "yaml@1.10.2", "PkgName": "yaml", "PkgIdentifier": { "PURL": "pkg:npm/yaml@1.10.2", "UID": "67132cf3115a007a", "BOMRef": "pkg:npm/yaml@1.10.2" }, "InstalledVersion": "1.10.2", "FixedVersion": "2.8.3, 1.10.3", "Status": "fixed", "Layer": { "Digest": "sha256:35a8a3a610d0ba26c3f61634658a42c0256fbe460b43f26e6e7adc899f5b3ef4", "DiffID": "sha256:2875ebcc48e665270d57b8e32a0b252fd58ef592077e0721be36b87b2b5bd13b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33532", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ea5ff7f0bd377620ee8af63b26165c9bbcf783f2de087e53ee89a6ad56d3fcbd", "Title": "yaml: yaml: Denial of Service via deeply nested YAML document parsing", "Description": "`yaml` is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of `yaml` on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a depth bound. An attacker who can supply YAML for parsing can trigger a `RangeError: Maximum call stack size exceeded` with a small payload (~2–10 KB). The `RangeError` is not a `YAMLParseError`, so applications that only catch YAML-specific errors will encounter an unexpected exception type. Depending on the host application's exception handling, this can fail requests or terminate the Node.js process. Flow sequences allow deep nesting with minimal bytes (2 bytes per level: one `[` and one `]`). On the default Node.js stack, approximately 1,000–5,000 levels of nesting (2–10 KB input) exhaust the call stack. The exact threshold is environment-dependent (Node.js version, stack size, call stack depth at invocation). Note: the library's `Parser` (CST phase) uses a stack-based iterative approach and is not affected. Only the compose/resolve phase uses actual call-stack recursion. All three public parsing APIs are affected: `YAML.parse()`, `YAML.parseDocument()`, and `YAML.parseAllDocuments()`. Versions 1.10.3 and 2.8.3 contain a patch.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33532", "https://github.com/eemeli/yaml", "https://github.com/eemeli/yaml/commit/1e84ebbea7ec35011a4c61bbb820a529ee4f359b", "https://github.com/eemeli/yaml/releases/tag/v1.10.3", "https://github.com/eemeli/yaml/releases/tag/v2.8.3", "https://github.com/eemeli/yaml/security/advisories/GHSA-48c2-rrv3-qjmp", "https://nvd.nist.gov/vuln/detail/CVE-2026-33532", "https://www.cve.org/CVERecord?id=CVE-2026-33532" ], "PublishedDate": "2026-03-26T20:16:15.543Z", "LastModifiedDate": "2026-04-02T18:11:37.49Z" } ] }, { "Target": "qdrant/qdrant.spdx.json", "Class": "lang-pkgs", "Type": "cargo", "Packages": [ { "ID": "actix-codec@0.5.0", "Name": "actix-codec", "Identifier": { "PURL": "pkg:cargo/actix-codec@0.5.0", "UID": "accd854496a4dce0", "BOMRef": "pkg:cargo/actix-codec@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@1.3.2", "bytes@1.10.1", "futures-core@0.3.31", "futures-sink@0.3.31", "log@0.4.28", "memchr@2.7.4", "pin-project-lite@0.2.12", "tokio-util@0.7.16", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-cors@0.7.1", "Name": "actix-cors", "Identifier": { "PURL": "pkg:cargo/actix-cors@0.7.1", "UID": "de5ec7a491ccf09f", "BOMRef": "pkg:cargo/actix-cors@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-utils@3.0.1", "actix-web@4.11.0", "derive_more@2.0.1", "futures-util@0.3.31", "log@0.4.28", "once_cell@1.21.3", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-files@0.6.8", "Name": "actix-files", "Identifier": { "PURL": "pkg:cargo/actix-files@0.6.8", "UID": "a4b9b599832731d5", "BOMRef": "pkg:cargo/actix-files@0.6.8" }, "Version": "0.6.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-http@3.11.0", "actix-service@2.0.2", "actix-utils@3.0.1", "actix-web@4.11.0", "bitflags@2.9.1", "bytes@1.10.1", "derive_more@2.0.1", "futures-core@0.3.31", "http-range@0.1.5", "log@0.4.28", "mime@0.3.16", "mime_guess@2.0.4", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "v_htmlescape@0.15.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-http@3.11.0", "Name": "actix-http", "Identifier": { "PURL": "pkg:cargo/actix-http@3.11.0", "UID": "6eb7fdddb97e48df", "BOMRef": "pkg:cargo/actix-http@3.11.0" }, "Version": "3.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-codec@0.5.0", "actix-rt@2.10.0", "actix-service@2.0.2", "actix-tls@3.4.0", "actix-utils@3.0.1", "base64@0.22.0", "bitflags@2.9.1", "brotli@8.0.1", "bytes@1.10.1", "bytestring@1.2.0", "derive_more@2.0.1", "encoding_rs@0.8.33", "flate2@1.1.4", "foldhash@0.1.4", "futures-core@0.3.31", "h2@0.3.26", "http@0.2.12", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "language-tags@0.3.2", "local-channel@0.1.3", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "rand@0.9.2", "sha1@0.10.5", "smallvec@1.15.1", "tokio-util@0.7.16", "tokio@1.48.0", "tracing@0.1.43", "zstd@0.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-macros@0.2.3", "Name": "actix-macros", "Identifier": { "PURL": "pkg:cargo/actix-macros@0.2.3", "UID": "af2c28302520917e", "BOMRef": "pkg:cargo/actix-macros@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-multipart@0.7.2", "Name": "actix-multipart", "Identifier": { "PURL": "pkg:cargo/actix-multipart@0.7.2", "UID": "a90e71b6208bab7c", "BOMRef": "pkg:cargo/actix-multipart@0.7.2" }, "Version": "0.7.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-multipart-derive@0.7.0", "actix-utils@3.0.1", "actix-web@4.11.0", "derive_more@0.99.17", "futures-core@0.3.31", "futures-util@0.3.31", "httparse@1.10.1", "local-waker@0.1.3", "log@0.4.28", "memchr@2.7.4", "mime@0.3.16", "rand@0.8.5", "serde@1.0.226", "serde_json@1.0.145", "serde_plain@1.0.1", "tempfile@3.23.0", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-multipart-derive@0.7.0", "Name": "actix-multipart-derive", "Identifier": { "PURL": "pkg:cargo/actix-multipart-derive@0.7.0", "UID": "52cc81ff40a9bd30", "BOMRef": "pkg:cargo/actix-multipart-derive@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "darling@0.20.8", "parse-size@1.0.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-router@0.5.3", "Name": "actix-router", "Identifier": { "PURL": "pkg:cargo/actix-router@0.5.3", "UID": "95bd0802d507d6af", "BOMRef": "pkg:cargo/actix-router@0.5.3" }, "Version": "0.5.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytestring@1.2.0", "cfg-if@1.0.0", "http@0.2.12", "regex-lite@0.1.5", "regex@1.11.0", "serde@1.0.226", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-rt@2.10.0", "Name": "actix-rt", "Identifier": { "PURL": "pkg:cargo/actix-rt@2.10.0", "UID": "410d3bd0334c96e0", "BOMRef": "pkg:cargo/actix-rt@2.10.0" }, "Version": "2.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-server@2.6.0", "Name": "actix-server", "Identifier": { "PURL": "pkg:cargo/actix-server@2.6.0", "UID": "1a385c49851e5554", "BOMRef": "pkg:cargo/actix-server@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-rt@2.10.0", "actix-service@2.0.2", "actix-utils@3.0.1", "futures-core@0.3.31", "futures-util@0.3.31", "mio@1.0.1", "socket2@0.5.10", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-service@2.0.2", "Name": "actix-service", "Identifier": { "PURL": "pkg:cargo/actix-service@2.0.2", "UID": "d510221a0c9229d", "BOMRef": "pkg:cargo/actix-service@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "paste@1.0.11", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-tls@3.4.0", "Name": "actix-tls", "Identifier": { "PURL": "pkg:cargo/actix-tls@3.4.0", "UID": "7ab6397097971896", "BOMRef": "pkg:cargo/actix-tls@3.4.0" }, "Version": "3.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-rt@2.10.0", "actix-service@2.0.2", "actix-utils@3.0.1", "futures-core@0.3.31", "impl-more@0.1.6", "pin-project-lite@0.2.12", "rustls-pki-types@1.12.0", "tokio-rustls@0.26.0", "tokio-util@0.7.16", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-utils@3.0.1", "Name": "actix-utils", "Identifier": { "PURL": "pkg:cargo/actix-utils@3.0.1", "UID": "41d1bc81163afcea", "BOMRef": "pkg:cargo/actix-utils@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "local-waker@0.1.3", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-web@4.11.0", "Name": "actix-web", "Identifier": { "PURL": "pkg:cargo/actix-web@4.11.0", "UID": "619a49465351c17a", "BOMRef": "pkg:cargo/actix-web@4.11.0" }, "Version": "4.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-codec@0.5.0", "actix-http@3.11.0", "actix-macros@0.2.3", "actix-router@0.5.3", "actix-rt@2.10.0", "actix-server@2.6.0", "actix-service@2.0.2", "actix-tls@3.4.0", "actix-utils@3.0.1", "actix-web-codegen@4.3.0", "bytes@1.10.1", "bytestring@1.2.0", "cfg-if@1.0.0", "cookie@0.16.2", "derive_more@2.0.1", "encoding_rs@0.8.33", "foldhash@0.1.4", "futures-core@0.3.31", "futures-util@0.3.31", "impl-more@0.1.6", "itoa@1.0.5", "language-tags@0.3.2", "log@0.4.28", "mime@0.3.16", "once_cell@1.21.3", "pin-project-lite@0.2.12", "regex-lite@0.1.5", "regex@1.11.0", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "smallvec@1.15.1", "socket2@0.5.10", "time@0.3.17", "tracing@0.1.43", "url@2.5.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-web-codegen@4.3.0", "Name": "actix-web-codegen", "Identifier": { "PURL": "pkg:cargo/actix-web-codegen@4.3.0", "UID": "a497bb4b84b3fbb3", "BOMRef": "pkg:cargo/actix-web-codegen@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-router@0.5.3", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-web-extras@0.1.0", "Name": "actix-web-extras", "Identifier": { "PURL": "pkg:cargo/actix-web-extras@0.1.0", "UID": "ae159f0161a807a1", "BOMRef": "pkg:cargo/actix-web-extras@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-web@4.11.0", "futures-core@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "actix-web-validator@7.0.0", "Name": "actix-web-validator", "Identifier": { "PURL": "pkg:cargo/actix-web-validator@7.0.0", "UID": "87100b92525c310e", "BOMRef": "pkg:cargo/actix-web-validator@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "actix-http@3.11.0", "actix-router@0.5.3", "actix-web@4.11.0", "bytes@1.10.1", "futures-util@0.3.31", "futures@0.3.31", "log@0.4.28", "mime@0.3.16", "serde@1.0.226", "serde_json@1.0.145", "serde_qs@0.13.0", "serde_urlencoded@0.7.1", "thiserror@2.0.17", "validator@0.20.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "addr2line@0.19.0", "Name": "addr2line", "Identifier": { "PURL": "pkg:cargo/addr2line@0.19.0", "UID": "4521eed35493ef77", "BOMRef": "pkg:cargo/addr2line@0.19.0" }, "Version": "0.19.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "gimli@0.27.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "adler@1.0.2", "Name": "adler", "Identifier": { "PURL": "pkg:cargo/adler@1.0.2", "UID": "228e3b019ebbc355", "BOMRef": "pkg:cargo/adler@1.0.2" }, "Version": "1.0.2", "Licenses": [ "0BSD OR MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "adler2@2.0.0", "Name": "adler2", "Identifier": { "PURL": "pkg:cargo/adler2@2.0.0", "UID": "b2656d33ffc5913b", "BOMRef": "pkg:cargo/adler2@2.0.0" }, "Version": "2.0.0", "Licenses": [ "0BSD OR MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "adler32@1.2.0", "Name": "adler32", "Identifier": { "PURL": "pkg:cargo/adler32@1.2.0", "UID": "433e5e2756cd5f08", "BOMRef": "pkg:cargo/adler32@1.2.0" }, "Version": "1.2.0", "Licenses": [ "Zlib" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ahash@0.8.11", "Name": "ahash", "Identifier": { "PURL": "pkg:cargo/ahash@0.8.11", "UID": "a6f391de599df633", "BOMRef": "pkg:cargo/ahash@0.8.11" }, "Version": "0.8.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "getrandom@0.2.11", "once_cell@1.21.3", "serde@1.0.226", "zerocopy@0.7.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "aho-corasick@1.1.3", "Name": "aho-corasick", "Identifier": { "PURL": "pkg:cargo/aho-corasick@1.1.3", "UID": "7cff8b1fef23f37c", "BOMRef": "pkg:cargo/aho-corasick@1.1.3" }, "Version": "1.1.3", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "aligned-vec@0.6.1", "Name": "aligned-vec", "Identifier": { "PURL": "pkg:cargo/aligned-vec@0.6.1", "UID": "74512bdaac1149b0", "BOMRef": "pkg:cargo/aligned-vec@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT" ], "DependsOn": [ "equator@0.2.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "alloc-no-stdlib@2.0.4", "Name": "alloc-no-stdlib", "Identifier": { "PURL": "pkg:cargo/alloc-no-stdlib@2.0.4", "UID": "1fdf99ccfb0d9b84", "BOMRef": "pkg:cargo/alloc-no-stdlib@2.0.4" }, "Version": "2.0.4", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "alloc-stdlib@0.2.2", "Name": "alloc-stdlib", "Identifier": { "PURL": "pkg:cargo/alloc-stdlib@0.2.2", "UID": "b54f1410ce071b74", "BOMRef": "pkg:cargo/alloc-stdlib@0.2.2" }, "Version": "0.2.2", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "alloc-no-stdlib@2.0.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "allocator-api2@0.2.16", "Name": "allocator-api2", "Identifier": { "PURL": "pkg:cargo/allocator-api2@0.2.16", "UID": "3612cfb54d3a29a6", "BOMRef": "pkg:cargo/allocator-api2@0.2.16" }, "Version": "0.2.16", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "android_system_properties@0.1.5", "Name": "android_system_properties", "Identifier": { "PURL": "pkg:cargo/android_system_properties@0.1.5", "UID": "b04b569a388150c0", "BOMRef": "pkg:cargo/android_system_properties@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anstream@0.6.11", "Name": "anstream", "Identifier": { "PURL": "pkg:cargo/anstream@0.6.11", "UID": "eee2c3d25b2bcb8d", "BOMRef": "pkg:cargo/anstream@0.6.11" }, "Version": "0.6.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstyle-parse@0.2.0", "anstyle-query@1.0.0", "anstyle-wincon@3.0.1", "anstyle@1.0.8", "colorchoice@1.0.0", "utf8parse@0.2.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anstyle@1.0.8", "Name": "anstyle", "Identifier": { "PURL": "pkg:cargo/anstyle@1.0.8", "UID": "681d9745f7aed2fe", "BOMRef": "pkg:cargo/anstyle@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anstyle-parse@0.2.0", "Name": "anstyle-parse", "Identifier": { "PURL": "pkg:cargo/anstyle-parse@0.2.0", "UID": "c4edd03a00c32c9d", "BOMRef": "pkg:cargo/anstyle-parse@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "utf8parse@0.2.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anstyle-query@1.0.0", "Name": "anstyle-query", "Identifier": { "PURL": "pkg:cargo/anstyle-query@1.0.0", "UID": "9dc5c2f696cceec2", "BOMRef": "pkg:cargo/anstyle-query@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-sys@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anstyle-wincon@3.0.1", "Name": "anstyle-wincon", "Identifier": { "PURL": "pkg:cargo/anstyle-wincon@3.0.1", "UID": "afdcff1deb4b4033", "BOMRef": "pkg:cargo/anstyle-wincon@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstyle@1.0.8", "windows-sys@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "antidote@1.0.0", "Name": "antidote", "Identifier": { "PURL": "pkg:cargo/antidote@1.0.0", "UID": "c5703886c86e2b16", "BOMRef": "pkg:cargo/antidote@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "anyhow@1.0.100", "Name": "anyhow", "Identifier": { "PURL": "pkg:cargo/anyhow@1.0.100", "UID": "3050a9e31f5a9985", "BOMRef": "pkg:cargo/anyhow@1.0.100" }, "Version": "1.0.100", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "approx@0.5.1", "Name": "approx", "Identifier": { "PURL": "pkg:cargo/approx@0.5.1", "UID": "f81c65d917115ce2", "BOMRef": "pkg:cargo/approx@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "arc-swap@1.7.1", "Name": "arc-swap", "Identifier": { "PURL": "pkg:cargo/arc-swap@1.7.1", "UID": "3d1907072d9325de", "BOMRef": "pkg:cargo/arc-swap@1.7.1" }, "Version": "1.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "arraydeque@0.5.1", "Name": "arraydeque", "Identifier": { "PURL": "pkg:cargo/arraydeque@0.5.1", "UID": "1e20f78ee561d3b7", "BOMRef": "pkg:cargo/arraydeque@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "arrayvec@0.4.12", "Name": "arrayvec", "Identifier": { "PURL": "pkg:cargo/arrayvec@0.4.12", "UID": "f2d97e4e3704c4e2", "BOMRef": "pkg:cargo/arrayvec@0.4.12" }, "Version": "0.4.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "nodrop@0.1.14" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "arrayvec@0.7.6", "Name": "arrayvec", "Identifier": { "PURL": "pkg:cargo/arrayvec@0.7.6", "UID": "3afd788e156b6788", "BOMRef": "pkg:cargo/arrayvec@0.7.6" }, "Version": "0.7.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ash@0.38.0+1.3.281", "Name": "ash", "Identifier": { "PURL": "pkg:cargo/ash@0.38.0%2B1.3.281", "UID": "e78122dbdbe75f16", "BOMRef": "pkg:cargo/ash@0.38.0%2B1.3.281" }, "Version": "0.38.0+1.3.281", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libloading@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "async-stream@0.3.3", "Name": "async-stream", "Identifier": { "PURL": "pkg:cargo/async-stream@0.3.3", "UID": "c45feec9e45e71a0", "BOMRef": "pkg:cargo/async-stream@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream-impl@0.3.3", "futures-core@0.3.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "async-stream-impl@0.3.3", "Name": "async-stream-impl", "Identifier": { "PURL": "pkg:cargo/async-stream-impl@0.3.3", "UID": "810769467ef73666", "BOMRef": "pkg:cargo/async-stream-impl@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "async-trait@0.1.89", "Name": "async-trait", "Identifier": { "PURL": "pkg:cargo/async-trait@0.1.89", "UID": "f1af8fee48e2c550", "BOMRef": "pkg:cargo/async-trait@0.1.89" }, "Version": "0.1.89", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "atomic_refcell@0.1.13", "Name": "atomic_refcell", "Identifier": { "PURL": "pkg:cargo/atomic_refcell@0.1.13", "UID": "da274a527aca5f72", "BOMRef": "pkg:cargo/atomic_refcell@0.1.13" }, "Version": "0.1.13", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "atomicwrites@0.4.4", "Name": "atomicwrites", "Identifier": { "PURL": "pkg:cargo/atomicwrites@0.4.4", "UID": "303e73633a84e2ab", "BOMRef": "pkg:cargo/atomicwrites@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "rustix@0.38.40", "tempfile@3.23.0", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "axum@0.6.12", "Name": "axum", "Identifier": { "PURL": "pkg:cargo/axum@0.6.12", "UID": "8553b4fd53b87f43", "BOMRef": "pkg:cargo/axum@0.6.12" }, "Version": "0.6.12", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "axum-core@0.3.3", "bitflags@1.3.2", "bytes@1.10.1", "futures-util@0.3.31", "http-body@0.4.5", "http@0.2.12", "hyper@0.14.26", "itoa@1.0.5", "matchit@0.7.0", "memchr@2.7.4", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "serde@1.0.226", "sync_wrapper@0.1.2", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "axum@0.7.5", "Name": "axum", "Identifier": { "PURL": "pkg:cargo/axum@0.7.5", "UID": "698cfd5d92f0cde3", "BOMRef": "pkg:cargo/axum@0.7.5" }, "Version": "0.7.5", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "axum-core@0.4.3", "bytes@1.10.1", "futures-util@0.3.31", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "itoa@1.0.5", "matchit@0.7.0", "memchr@2.7.4", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "serde@1.0.226", "sync_wrapper@1.0.1", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "axum-core@0.3.3", "Name": "axum-core", "Identifier": { "PURL": "pkg:cargo/axum-core@0.3.3", "UID": "41367650277a935a", "BOMRef": "pkg:cargo/axum-core@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "bytes@1.10.1", "futures-util@0.3.31", "http-body@0.4.5", "http@0.2.12", "mime@0.3.16", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "axum-core@0.4.3", "Name": "axum-core", "Identifier": { "PURL": "pkg:cargo/axum-core@0.4.3", "UID": "7791130bc7661ed9", "BOMRef": "pkg:cargo/axum-core@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "bytes@1.10.1", "futures-util@0.3.31", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "mime@0.3.16", "pin-project-lite@0.2.12", "sync_wrapper@0.1.2", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "backtrace@0.3.67", "Name": "backtrace", "Identifier": { "PURL": "pkg:cargo/backtrace@0.3.67", "UID": "d8f611fd697102d8", "BOMRef": "pkg:cargo/backtrace@0.3.67" }, "Version": "0.3.67", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "addr2line@0.19.0", "cfg-if@1.0.0", "libc@0.2.174", "miniz_oxide@0.6.2", "object@0.30.0", "rustc-demangle@0.1.21" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "base16ct@0.2.0", "Name": "base16ct", "Identifier": { "PURL": "pkg:cargo/base16ct@0.2.0", "UID": "8003076ce6f26386", "BOMRef": "pkg:cargo/base16ct@0.2.0" }, "Version": "0.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "base64@0.13.1", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.13.1", "UID": "267d674bb283832a", "BOMRef": "pkg:cargo/base64@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "base64@0.21.0", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.21.0", "UID": "e94891940eaf239b", "BOMRef": "pkg:cargo/base64@0.21.0" }, "Version": "0.21.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "base64@0.22.0", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.22.0", "UID": "e7485d0cf105c4af", "BOMRef": "pkg:cargo/base64@0.22.0" }, "Version": "0.22.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "base64ct@1.8.0", "Name": "base64ct", "Identifier": { "PURL": "pkg:cargo/base64ct@1.8.0", "UID": "83eee3a01103aea", "BOMRef": "pkg:cargo/base64ct@1.8.0" }, "Version": "1.8.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bincode@1.3.3", "Name": "bincode", "Identifier": { "PURL": "pkg:cargo/bincode@1.3.3", "UID": "a0f2e5410b735c72", "BOMRef": "pkg:cargo/bincode@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bincode@2.0.1", "Name": "bincode", "Identifier": { "PURL": "pkg:cargo/bincode@2.0.1", "UID": "b456475071309658", "BOMRef": "pkg:cargo/bincode@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "bincode_derive@2.0.1", "serde@1.0.226", "unty@0.0.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bincode_derive@2.0.1", "Name": "bincode_derive", "Identifier": { "PURL": "pkg:cargo/bincode_derive@2.0.1", "UID": "57562f96caed84fd", "BOMRef": "pkg:cargo/bincode_derive@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "virtue@0.0.18" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "binout@0.2.1", "Name": "binout", "Identifier": { "PURL": "pkg:cargo/binout@0.2.1", "UID": "2d385a37285ce941", "BOMRef": "pkg:cargo/binout@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bitflags@1.3.2", "Name": "bitflags", "Identifier": { "PURL": "pkg:cargo/bitflags@1.3.2", "UID": "b5af3ca02f55ee63", "BOMRef": "pkg:cargo/bitflags@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bitflags@2.9.1", "Name": "bitflags", "Identifier": { "PURL": "pkg:cargo/bitflags@2.9.1", "UID": "804f56a0713c4ae9", "BOMRef": "pkg:cargo/bitflags@2.9.1" }, "Version": "2.9.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bitm@0.4.2", "Name": "bitm", "Identifier": { "PURL": "pkg:cargo/bitm@0.4.2", "UID": "d9f55e7cef08fb28", "BOMRef": "pkg:cargo/bitm@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "dyn_size_of@0.4.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bitpacking@0.9.2", "Name": "bitpacking", "Identifier": { "PURL": "pkg:cargo/bitpacking@0.9.2", "UID": "d174ab69496e3673", "BOMRef": "pkg:cargo/bitpacking@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT" ], "DependsOn": [ "crunchy@0.2.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bitvec@1.0.1", "Name": "bitvec", "Identifier": { "PURL": "pkg:cargo/bitvec@1.0.1", "UID": "d37e3521c6e8b89f", "BOMRef": "pkg:cargo/bitvec@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "funty@2.0.0", "radium@0.7.0", "tap@1.0.1", "wyz@0.5.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "blake2-rfc@0.2.18", "Name": "blake2-rfc", "Identifier": { "PURL": "pkg:cargo/blake2-rfc@0.2.18", "UID": "63f9e13d972c4f5c", "BOMRef": "pkg:cargo/blake2-rfc@0.2.18" }, "Version": "0.2.18", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "arrayvec@0.4.12", "constant_time_eq@0.1.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "block-buffer@0.10.3", "Name": "block-buffer", "Identifier": { "PURL": "pkg:cargo/block-buffer@0.10.3", "UID": "7aec3f93115c5b75", "BOMRef": "pkg:cargo/block-buffer@0.10.3" }, "Version": "0.10.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "generic-array@0.14.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "brotli@8.0.1", "Name": "brotli", "Identifier": { "PURL": "pkg:cargo/brotli@8.0.1", "UID": "a8ac4faa2960565c", "BOMRef": "pkg:cargo/brotli@8.0.1" }, "Version": "8.0.1", "Licenses": [ "BSD-3-Clause AND MIT" ], "DependsOn": [ "alloc-no-stdlib@2.0.4", "alloc-stdlib@0.2.2", "brotli-decompressor@5.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "brotli-decompressor@5.0.0", "Name": "brotli-decompressor", "Identifier": { "PURL": "pkg:cargo/brotli-decompressor@5.0.0", "UID": "20c179e990d508ac", "BOMRef": "pkg:cargo/brotli-decompressor@5.0.0" }, "Version": "5.0.0", "Licenses": [ "BSD-3-Clause OR MIT" ], "DependsOn": [ "alloc-no-stdlib@2.0.4", "alloc-stdlib@0.2.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bumpalo@3.11.1", "Name": "bumpalo", "Identifier": { "PURL": "pkg:cargo/bumpalo@3.11.1", "UID": "2d5aad8826c7617f", "BOMRef": "pkg:cargo/bumpalo@3.11.1" }, "Version": "3.11.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bytemuck@1.24.0", "Name": "bytemuck", "Identifier": { "PURL": "pkg:cargo/bytemuck@1.24.0", "UID": "ecdc126d6770ea74", "BOMRef": "pkg:cargo/bytemuck@1.24.0" }, "Version": "1.24.0", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "bytemuck_derive@1.10.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bytemuck_derive@1.10.2", "Name": "bytemuck_derive", "Identifier": { "PURL": "pkg:cargo/bytemuck_derive@1.10.2", "UID": "a5474a8395938e20", "BOMRef": "pkg:cargo/bytemuck_derive@1.10.2" }, "Version": "1.10.2", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "byteorder@1.5.0", "Name": "byteorder", "Identifier": { "PURL": "pkg:cargo/byteorder@1.5.0", "UID": "39f2eae5e25f05aa", "BOMRef": "pkg:cargo/byteorder@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bytes@1.10.1", "Name": "bytes", "Identifier": { "PURL": "pkg:cargo/bytes@1.10.1", "UID": "1adf6932336c8bf9", "BOMRef": "pkg:cargo/bytes@1.10.1" }, "Version": "1.10.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bytestring@1.2.0", "Name": "bytestring", "Identifier": { "PURL": "pkg:cargo/bytestring@1.2.0", "UID": "3b632c46ecbb7c58", "BOMRef": "pkg:cargo/bytestring@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "bzip2-sys@0.1.11+1.0.8", "Name": "bzip2-sys", "Identifier": { "PURL": "pkg:cargo/bzip2-sys@0.1.11%2B1.0.8", "UID": "b1a190f8a4a34740", "BOMRef": "pkg:cargo/bzip2-sys@0.1.11%2B1.0.8" }, "Version": "0.1.11+1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cedarwood@0.4.6", "Name": "cedarwood", "Identifier": { "PURL": "pkg:cargo/cedarwood@0.4.6", "UID": "960a0c566bf8ca14", "BOMRef": "pkg:cargo/cedarwood@0.4.6" }, "Version": "0.4.6", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cfg-if@1.0.0", "Name": "cfg-if", "Identifier": { "PURL": "pkg:cargo/cfg-if@1.0.0", "UID": "978b8c0abf1bb4d9", "BOMRef": "pkg:cargo/cfg-if@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cgroups-rs@0.3.4", "Name": "cgroups-rs", "Identifier": { "PURL": "pkg:cargo/cgroups-rs@0.3.4", "UID": "4d7c6d4bfa62b223", "BOMRef": "pkg:cargo/cgroups-rs@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "log@0.4.28", "nix@0.25.1", "regex@1.11.0", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "charabia@0.9.7", "Name": "charabia", "Identifier": { "PURL": "pkg:cargo/charabia@0.9.7", "UID": "4b2c6febc27d40c2", "BOMRef": "pkg:cargo/charabia@0.9.7" }, "Version": "0.9.7", "Licenses": [ "MIT" ], "DependsOn": [ "aho-corasick@1.1.3", "csv@1.4.0", "either@1.13.0", "fst@0.4.7", "irg-kvariants@0.1.1", "jieba-rs@0.7.3", "once_cell@1.21.3", "serde@1.0.226", "slice-group-by@0.3.1", "unicode-normalization@0.1.24", "whatlang@0.16.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "chrono@0.4.42", "Name": "chrono", "Identifier": { "PURL": "pkg:cargo/chrono@0.4.42", "UID": "78e48fa7547c0302", "BOMRef": "pkg:cargo/chrono@0.4.42" }, "Version": "0.4.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "iana-time-zone@0.1.53", "js-sys@0.3.77", "num-traits@0.2.19", "serde@1.0.226", "wasm-bindgen@0.2.100", "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "clap@4.5.53", "Name": "clap", "Identifier": { "PURL": "pkg:cargo/clap@4.5.53", "UID": "768339ebfbb5fad5", "BOMRef": "pkg:cargo/clap@4.5.53" }, "Version": "4.5.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "clap_builder@4.5.53", "clap_derive@4.5.49" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "clap_builder@4.5.53", "Name": "clap_builder", "Identifier": { "PURL": "pkg:cargo/clap_builder@4.5.53", "UID": "58579f99b98058c", "BOMRef": "pkg:cargo/clap_builder@4.5.53" }, "Version": "4.5.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstream@0.6.11", "anstyle@1.0.8", "clap_lex@0.7.4", "strsim@0.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "clap_derive@4.5.49", "Name": "clap_derive", "Identifier": { "PURL": "pkg:cargo/clap_derive@4.5.49", "UID": "4affb4ab3b8131b7", "BOMRef": "pkg:cargo/clap_derive@4.5.49" }, "Version": "4.5.49", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "clap_lex@0.7.4", "Name": "clap_lex", "Identifier": { "PURL": "pkg:cargo/clap_lex@0.7.4", "UID": "7d53c49bfd3acb0d", "BOMRef": "pkg:cargo/clap_lex@0.7.4" }, "Version": "0.7.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "colorchoice@1.0.0", "Name": "colorchoice", "Identifier": { "PURL": "pkg:cargo/colorchoice@1.0.0", "UID": "3e02df3f022f1ed0", "BOMRef": "pkg:cargo/colorchoice@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "colored@3.0.0", "Name": "colored", "Identifier": { "PURL": "pkg:cargo/colored@3.0.0", "UID": "12266cb179a5ad59", "BOMRef": "pkg:cargo/colored@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "config@0.15.18", "Name": "config", "Identifier": { "PURL": "pkg:cargo/config@0.15.18", "UID": "a52e9da77dec5187", "BOMRef": "pkg:cargo/config@0.15.18" }, "Version": "0.15.18", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "pathdiff@0.2.3", "serde_core@1.0.226", "winnow@0.7.13", "yaml-rust2@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "console@0.16.0", "Name": "console", "Identifier": { "PURL": "pkg:cargo/console@0.16.0", "UID": "ec71bc109ddc269c", "BOMRef": "pkg:cargo/console@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "DependsOn": [ "encode_unicode@1.0.0", "libc@0.2.174", "once_cell@1.21.3", "unicode-width@0.2.0", "windows-sys@0.60.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "console-api@0.8.1", "Name": "console-api", "Identifier": { "PURL": "pkg:cargo/console-api@0.8.1", "UID": "7c7a315507e7b476", "BOMRef": "pkg:cargo/console-api@0.8.1" }, "Version": "0.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "prost-types@0.13.1", "prost@0.13.1", "tonic@0.12.3", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "console-subscriber@0.4.1", "Name": "console-subscriber", "Identifier": { "PURL": "pkg:cargo/console-subscriber@0.4.1", "UID": "f825c6ab85d7479f", "BOMRef": "pkg:cargo/console-subscriber@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "console-api@0.8.1", "crossbeam-channel@0.5.15", "crossbeam-utils@0.8.20", "futures-task@0.3.31", "hdrhistogram@7.5.2", "humantime@2.3.0", "hyper-util@0.1.13", "parking_lot@0.12.5", "prost-types@0.13.1", "prost@0.13.1", "serde@1.0.226", "serde_json@1.0.145", "thread_local@1.1.7", "tokio-stream@0.1.17", "tokio@1.48.0", "tonic@0.12.3", "tracing-core@0.1.35", "tracing-subscriber@0.3.22", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "const-oid@0.9.6", "Name": "const-oid", "Identifier": { "PURL": "pkg:cargo/const-oid@0.9.6", "UID": "10f2783dbeec4617", "BOMRef": "pkg:cargo/const-oid@0.9.6" }, "Version": "0.9.6", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "constant_time_eq@0.1.5", "Name": "constant_time_eq", "Identifier": { "PURL": "pkg:cargo/constant_time_eq@0.1.5", "UID": "ef3ed844d61fcb60", "BOMRef": "pkg:cargo/constant_time_eq@0.1.5" }, "Version": "0.1.5", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "constant_time_eq@0.4.2", "Name": "constant_time_eq", "Identifier": { "PURL": "pkg:cargo/constant_time_eq@0.4.2", "UID": "644b44e37fd395ca", "BOMRef": "pkg:cargo/constant_time_eq@0.4.2" }, "Version": "0.4.2", "Licenses": [ "CC0-1.0 OR MIT-0 OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "convert_case@0.4.0", "Name": "convert_case", "Identifier": { "PURL": "pkg:cargo/convert_case@0.4.0", "UID": "49d70cc6b423ba5c", "BOMRef": "pkg:cargo/convert_case@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cookie@0.16.2", "Name": "cookie", "Identifier": { "PURL": "pkg:cargo/cookie@0.16.2", "UID": "f90495139b425b79", "BOMRef": "pkg:cargo/cookie@0.16.2" }, "Version": "0.16.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "percent-encoding@2.3.2", "time@0.3.17" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "core-foundation@0.9.4", "Name": "core-foundation", "Identifier": { "PURL": "pkg:cargo/core-foundation@0.9.4", "UID": "d47be80ff3055b7", "BOMRef": "pkg:cargo/core-foundation@0.9.4" }, "Version": "0.9.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "core-foundation-sys@0.8.7", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "core-foundation-sys@0.8.7", "Name": "core-foundation-sys", "Identifier": { "PURL": "pkg:cargo/core-foundation-sys@0.8.7", "UID": "64dd7a322f4fec1e", "BOMRef": "pkg:cargo/core-foundation-sys@0.8.7" }, "Version": "0.8.7", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "core2@0.4.0", "Name": "core2", "Identifier": { "PURL": "pkg:cargo/core2@0.4.0", "UID": "80f703f559b08b91", "BOMRef": "pkg:cargo/core2@0.4.0" }, "Version": "0.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "count-min-sketch@0.1.8", "Name": "count-min-sketch", "Identifier": { "PURL": "pkg:cargo/count-min-sketch@0.1.8", "UID": "3c012a64b5d3719f", "BOMRef": "pkg:cargo/count-min-sketch@0.1.8" }, "Version": "0.1.8", "Licenses": [ "MIT" ], "DependsOn": [ "rand@0.8.5", "siphasher@1.0.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cpp_demangle@0.4.2", "Name": "cpp_demangle", "Identifier": { "PURL": "pkg:cargo/cpp_demangle@0.4.2", "UID": "3dc82cc024ffd782", "BOMRef": "pkg:cargo/cpp_demangle@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cpufeatures@0.2.17", "Name": "cpufeatures", "Identifier": { "PURL": "pkg:cargo/cpufeatures@0.2.17", "UID": "db97e0848fdba6ae", "BOMRef": "pkg:cargo/cpufeatures@0.2.17" }, "Version": "0.2.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crc32c@0.6.8", "Name": "crc32c", "Identifier": { "PURL": "pkg:cargo/crc32c@0.6.8", "UID": "b13e240beeac4c90", "BOMRef": "pkg:cargo/crc32c@0.6.8" }, "Version": "0.6.8", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crc32fast@1.3.2", "Name": "crc32fast", "Identifier": { "PURL": "pkg:cargo/crc32fast@1.3.2", "UID": "b872b99d45c38fce", "BOMRef": "pkg:cargo/crc32fast@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crossbeam-channel@0.5.15", "Name": "crossbeam-channel", "Identifier": { "PURL": "pkg:cargo/crossbeam-channel@0.5.15", "UID": "3436ff39c9b2eb11", "BOMRef": "pkg:cargo/crossbeam-channel@0.5.15" }, "Version": "0.5.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crossbeam-deque@0.8.2", "Name": "crossbeam-deque", "Identifier": { "PURL": "pkg:cargo/crossbeam-deque@0.8.2", "UID": "dad97785424f2609", "BOMRef": "pkg:cargo/crossbeam-deque@0.8.2" }, "Version": "0.8.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-epoch@0.9.13", "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crossbeam-epoch@0.9.13", "Name": "crossbeam-epoch", "Identifier": { "PURL": "pkg:cargo/crossbeam-epoch@0.9.13", "UID": "b9ae928c60be1dd8", "BOMRef": "pkg:cargo/crossbeam-epoch@0.9.13" }, "Version": "0.9.13", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-utils@0.8.20", "memoffset@0.7.1", "scopeguard@1.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crossbeam-utils@0.8.20", "Name": "crossbeam-utils", "Identifier": { "PURL": "pkg:cargo/crossbeam-utils@0.8.20", "UID": "bbfbcd4e3f0ec968", "BOMRef": "pkg:cargo/crossbeam-utils@0.8.20" }, "Version": "0.8.20", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crunchy@0.2.2", "Name": "crunchy", "Identifier": { "PURL": "pkg:cargo/crunchy@0.2.2", "UID": "3bb34b7e1004547e", "BOMRef": "pkg:cargo/crunchy@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crypto-bigint@0.5.5", "Name": "crypto-bigint", "Identifier": { "PURL": "pkg:cargo/crypto-bigint@0.5.5", "UID": "777d40de9b20345f", "BOMRef": "pkg:cargo/crypto-bigint@0.5.5" }, "Version": "0.5.5", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "generic-array@0.14.9", "rand_core@0.6.4", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "crypto-common@0.1.6", "Name": "crypto-common", "Identifier": { "PURL": "pkg:cargo/crypto-common@0.1.6", "UID": "906a1d657d5f974c", "BOMRef": "pkg:cargo/crypto-common@0.1.6" }, "Version": "0.1.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "generic-array@0.14.9", "typenum@1.16.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "csv@1.4.0", "Name": "csv", "Identifier": { "PURL": "pkg:cargo/csv@1.4.0", "UID": "eb24dc2bd69c62de", "BOMRef": "pkg:cargo/csv@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "csv-core@0.1.11", "itoa@1.0.5", "ryu@1.0.12", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "csv-core@0.1.11", "Name": "csv-core", "Identifier": { "PURL": "pkg:cargo/csv-core@0.1.11", "UID": "8ada3bfb691f7625", "BOMRef": "pkg:cargo/csv-core@0.1.11" }, "Version": "0.1.11", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "curve25519-dalek@4.1.3", "Name": "curve25519-dalek", "Identifier": { "PURL": "pkg:cargo/curve25519-dalek@4.1.3", "UID": "9585df365ede2313", "BOMRef": "pkg:cargo/curve25519-dalek@4.1.3" }, "Version": "4.1.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "curve25519-dalek-derive@0.1.1", "digest@0.10.7", "fiat-crypto@0.2.9", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "curve25519-dalek-derive@0.1.1", "Name": "curve25519-dalek-derive", "Identifier": { "PURL": "pkg:cargo/curve25519-dalek-derive@0.1.1", "UID": "1755151cebbb7c7", "BOMRef": "pkg:cargo/curve25519-dalek-derive@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cxx@1.0.85", "Name": "cxx", "Identifier": { "PURL": "pkg:cargo/cxx@1.0.85", "UID": "e01ec9ca54d88ca5", "BOMRef": "pkg:cargo/cxx@1.0.85" }, "Version": "1.0.85", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cxxbridge-macro@1.0.85", "link-cplusplus@1.0.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "cxxbridge-macro@1.0.85", "Name": "cxxbridge-macro", "Identifier": { "PURL": "pkg:cargo/cxxbridge-macro@1.0.85", "UID": "6262c53f6ada0c78", "BOMRef": "pkg:cargo/cxxbridge-macro@1.0.85" }, "Version": "1.0.85", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "daachorse@1.0.0", "Name": "daachorse", "Identifier": { "PURL": "pkg:cargo/daachorse@1.0.0", "UID": "9857634f28af1268", "BOMRef": "pkg:cargo/daachorse@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "darling@0.20.8", "Name": "darling", "Identifier": { "PURL": "pkg:cargo/darling@0.20.8", "UID": "2f865f690f001e75", "BOMRef": "pkg:cargo/darling@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "darling_core@0.20.8", "darling_macro@0.20.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "darling_core@0.20.8", "Name": "darling_core", "Identifier": { "PURL": "pkg:cargo/darling_core@0.20.8", "UID": "552e1dccc60c0a51", "BOMRef": "pkg:cargo/darling_core@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "fnv@1.0.7", "ident_case@1.0.1", "proc-macro2@1.0.101", "quote@1.0.42", "strsim@0.10.0", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "darling_macro@0.20.8", "Name": "darling_macro", "Identifier": { "PURL": "pkg:cargo/darling_macro@0.20.8", "UID": "30a89f0433e51fb1", "BOMRef": "pkg:cargo/darling_macro@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "darling_core@0.20.8", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "dary_heap@0.3.7", "Name": "dary_heap", "Identifier": { "PURL": "pkg:cargo/dary_heap@0.3.7", "UID": "ebbe0c8224e0735b", "BOMRef": "pkg:cargo/dary_heap@0.3.7" }, "Version": "0.3.7", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "dashmap@6.1.0", "Name": "dashmap", "Identifier": { "PURL": "pkg:cargo/dashmap@6.1.0", "UID": "34de340ab70691ac", "BOMRef": "pkg:cargo/dashmap@6.1.0" }, "Version": "6.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-utils@0.8.20", "hashbrown@0.14.2", "lock_api@0.4.14", "once_cell@1.21.3", "parking_lot_core@0.9.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "data-encoding@2.9.0", "Name": "data-encoding", "Identifier": { "PURL": "pkg:cargo/data-encoding@2.9.0", "UID": "d810844f7fabeae9", "BOMRef": "pkg:cargo/data-encoding@2.9.0" }, "Version": "2.9.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "debugid@0.8.0", "Name": "debugid", "Identifier": { "PURL": "pkg:cargo/debugid@0.8.0", "UID": "74cc14e4709acdff", "BOMRef": "pkg:cargo/debugid@0.8.0" }, "Version": "0.8.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "uuid@1.18.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "delegate@0.13.4", "Name": "delegate", "Identifier": { "PURL": "pkg:cargo/delegate@0.13.4", "UID": "e4049e23a2d1dbfa", "BOMRef": "pkg:cargo/delegate@0.13.4" }, "Version": "0.13.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "der@0.7.10", "Name": "der", "Identifier": { "PURL": "pkg:cargo/der@0.7.10", "UID": "c079ad0929eee035", "BOMRef": "pkg:cargo/der@0.7.10" }, "Version": "0.7.10", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "const-oid@0.9.6", "pem-rfc7468@0.7.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "derive_more@0.99.17", "Name": "derive_more", "Identifier": { "PURL": "pkg:cargo/derive_more@0.99.17", "UID": "309b458f41c00e2f", "BOMRef": "pkg:cargo/derive_more@0.99.17" }, "Version": "0.99.17", "Licenses": [ "MIT" ], "DependsOn": [ "convert_case@0.4.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "derive_more@2.0.1", "Name": "derive_more", "Identifier": { "PURL": "pkg:cargo/derive_more@2.0.1", "UID": "1b1818ac4f1cf724", "BOMRef": "pkg:cargo/derive_more@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "derive_more-impl@2.0.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "derive_more-impl@2.0.1", "Name": "derive_more-impl", "Identifier": { "PURL": "pkg:cargo/derive_more-impl@2.0.1", "UID": "2a370c3fbb209d40", "BOMRef": "pkg:cargo/derive_more-impl@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "unicode-xid@0.2.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "digest@0.10.7", "Name": "digest", "Identifier": { "PURL": "pkg:cargo/digest@0.10.7", "UID": "580375cef0d9fac7", "BOMRef": "pkg:cargo/digest@0.10.7" }, "Version": "0.10.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "block-buffer@0.10.3", "const-oid@0.9.6", "crypto-common@0.1.6", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "displaydoc@0.2.5", "Name": "displaydoc", "Identifier": { "PURL": "pkg:cargo/displaydoc@0.2.5", "UID": "26f980f7a01cedba", "BOMRef": "pkg:cargo/displaydoc@0.2.5" }, "Version": "0.2.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "docopt@1.1.1", "Name": "docopt", "Identifier": { "PURL": "pkg:cargo/docopt@1.1.1", "UID": "73d5182de630a6ac", "BOMRef": "pkg:cargo/docopt@1.1.1" }, "Version": "1.1.1", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "lazy_static@1.5.0", "regex@1.11.0", "serde@1.0.226", "strsim@0.10.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "dyn-clone@1.0.10", "Name": "dyn-clone", "Identifier": { "PURL": "pkg:cargo/dyn-clone@1.0.10", "UID": "e3d0f6fd1b1c6f60", "BOMRef": "pkg:cargo/dyn-clone@1.0.10" }, "Version": "1.0.10", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "dyn_size_of@0.4.2", "Name": "dyn_size_of", "Identifier": { "PURL": "pkg:cargo/dyn_size_of@0.4.2", "UID": "9fcc4de55c023521", "BOMRef": "pkg:cargo/dyn_size_of@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "earcutr@0.4.2", "Name": "earcutr", "Identifier": { "PURL": "pkg:cargo/earcutr@0.4.2", "UID": "393d0c8ad5b9312d", "BOMRef": "pkg:cargo/earcutr@0.4.2" }, "Version": "0.4.2", "Licenses": [ "ISC" ], "DependsOn": [ "itertools@0.10.5", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ecdsa@0.16.9", "Name": "ecdsa", "Identifier": { "PURL": "pkg:cargo/ecdsa@0.16.9", "UID": "64326901afa68b96", "BOMRef": "pkg:cargo/ecdsa@0.16.9" }, "Version": "0.16.9", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "digest@0.10.7", "elliptic-curve@0.13.8", "rfc6979@0.4.0", "signature@2.2.0", "spki@0.7.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ecow@0.2.6", "Name": "ecow", "Identifier": { "PURL": "pkg:cargo/ecow@0.2.6", "UID": "5b089de80ee1d903", "BOMRef": "pkg:cargo/ecow@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ed25519@2.2.3", "Name": "ed25519", "Identifier": { "PURL": "pkg:cargo/ed25519@2.2.3", "UID": "3932d109f40a20c7", "BOMRef": "pkg:cargo/ed25519@2.2.3" }, "Version": "2.2.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "pkcs8@0.10.2", "signature@2.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ed25519-dalek@2.2.0", "Name": "ed25519-dalek", "Identifier": { "PURL": "pkg:cargo/ed25519-dalek@2.2.0", "UID": "bc6db59b38130cf1", "BOMRef": "pkg:cargo/ed25519-dalek@2.2.0" }, "Version": "2.2.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "curve25519-dalek@4.1.3", "ed25519@2.2.3", "serde@1.0.226", "sha2@0.10.9", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "either@1.13.0", "Name": "either", "Identifier": { "PURL": "pkg:cargo/either@1.13.0", "UID": "28e3c1a458c5e22", "BOMRef": "pkg:cargo/either@1.13.0" }, "Version": "1.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "elliptic-curve@0.13.8", "Name": "elliptic-curve", "Identifier": { "PURL": "pkg:cargo/elliptic-curve@0.13.8", "UID": "b747a41b7a77e7cb", "BOMRef": "pkg:cargo/elliptic-curve@0.13.8" }, "Version": "0.13.8", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base16ct@0.2.0", "crypto-bigint@0.5.5", "digest@0.10.7", "ff@0.13.1", "generic-array@0.14.9", "group@0.13.0", "hkdf@0.12.4", "pem-rfc7468@0.7.0", "pkcs8@0.10.2", "rand_core@0.6.4", "sec1@0.7.3", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "encode_unicode@1.0.0", "Name": "encode_unicode", "Identifier": { "PURL": "pkg:cargo/encode_unicode@1.0.0", "UID": "9c88e100e5a21293", "BOMRef": "pkg:cargo/encode_unicode@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "encoding_rs@0.8.33", "Name": "encoding_rs", "Identifier": { "PURL": "pkg:cargo/encoding_rs@0.8.33", "UID": "ac84c0f1b1de2257", "BOMRef": "pkg:cargo/encoding_rs@0.8.33" }, "Version": "0.8.33", "Licenses": [ "(Apache-2.0 OR MIT) AND BSD-3-Clause" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "env_filter@0.1.0", "Name": "env_filter", "Identifier": { "PURL": "pkg:cargo/env_filter@0.1.0", "UID": "90b73abdf270ee1c", "BOMRef": "pkg:cargo/env_filter@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "log@0.4.28", "regex@1.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "env_logger@0.11.8", "Name": "env_logger", "Identifier": { "PURL": "pkg:cargo/env_logger@0.11.8", "UID": "48fa8cf2cae83a1b", "BOMRef": "pkg:cargo/env_logger@0.11.8" }, "Version": "0.11.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstream@0.6.11", "anstyle@1.0.8", "env_filter@0.1.0", "jiff@0.2.15", "log@0.4.28" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "equator@0.2.2", "Name": "equator", "Identifier": { "PURL": "pkg:cargo/equator@0.2.2", "UID": "d14cdd7b66a35161", "BOMRef": "pkg:cargo/equator@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "equator-macro@0.2.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "equator-macro@0.2.1", "Name": "equator-macro", "Identifier": { "PURL": "pkg:cargo/equator-macro@0.2.1", "UID": "4fb2ecc3724e52c5", "BOMRef": "pkg:cargo/equator-macro@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "equivalent@1.0.1", "Name": "equivalent", "Identifier": { "PURL": "pkg:cargo/equivalent@1.0.1", "UID": "49e62d7e27ce8714", "BOMRef": "pkg:cargo/equivalent@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "erased-serde@0.3.31", "Name": "erased-serde", "Identifier": { "PURL": "pkg:cargo/erased-serde@0.3.31", "UID": "cc33d0e342155f58", "BOMRef": "pkg:cargo/erased-serde@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "erased-serde@0.4.2", "Name": "erased-serde", "Identifier": { "PURL": "pkg:cargo/erased-serde@0.4.2", "UID": "b371f04608d6c915", "BOMRef": "pkg:cargo/erased-serde@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "errno@0.3.10", "Name": "errno", "Identifier": { "PURL": "pkg:cargo/errno@0.3.10", "UID": "a41f0f097e78bb0d", "BOMRef": "pkg:cargo/errno@0.3.10" }, "Version": "0.3.10", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "faccess@0.2.4", "Name": "faccess", "Identifier": { "PURL": "pkg:cargo/faccess@0.2.4", "UID": "199b8f56a1f2f707", "BOMRef": "pkg:cargo/faccess@0.2.4" }, "Version": "0.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2", "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fastrand@2.2.0", "Name": "fastrand", "Identifier": { "PURL": "pkg:cargo/fastrand@2.2.0", "UID": "c7ba11e3b904ad89", "BOMRef": "pkg:cargo/fastrand@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ff@0.13.1", "Name": "ff", "Identifier": { "PURL": "pkg:cargo/ff@0.13.1", "UID": "937fdb69aceb665a", "BOMRef": "pkg:cargo/ff@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.6.4", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fiat-crypto@0.2.9", "Name": "fiat-crypto", "Identifier": { "PURL": "pkg:cargo/fiat-crypto@0.2.9", "UID": "2d30cccc6bd2525c", "BOMRef": "pkg:cargo/fiat-crypto@0.2.9" }, "Version": "0.2.9", "Licenses": [ "MIT OR Apache-2.0 OR BSD-1-Clause" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "filetime@0.2.19", "Name": "filetime", "Identifier": { "PURL": "pkg:cargo/filetime@0.2.19", "UID": "35f850f851f11c29", "BOMRef": "pkg:cargo/filetime@0.2.19" }, "Version": "0.2.19", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "redox_syscall@0.2.16", "windows-sys@0.42.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "findshlibs@0.10.2", "Name": "findshlibs", "Identifier": { "PURL": "pkg:cargo/findshlibs@0.10.2", "UID": "b2b6e6bd7b7bb5aa", "BOMRef": "pkg:cargo/findshlibs@0.10.2" }, "Version": "0.10.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "lazy_static@1.5.0", "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fixedbitset@0.4.2", "Name": "fixedbitset", "Identifier": { "PURL": "pkg:cargo/fixedbitset@0.4.2", "UID": "aa56a46c291276c", "BOMRef": "pkg:cargo/fixedbitset@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "flate2@1.1.4", "Name": "flate2", "Identifier": { "PURL": "pkg:cargo/flate2@1.1.4", "UID": "6b22ba5a1507cc23", "BOMRef": "pkg:cargo/flate2@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crc32fast@1.3.2", "miniz_oxide@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "float_next_after@1.0.0", "Name": "float_next_after", "Identifier": { "PURL": "pkg:cargo/float_next_after@1.0.0", "UID": "2d663eb3fdbdfee5", "BOMRef": "pkg:cargo/float_next_after@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fnv@1.0.7", "Name": "fnv", "Identifier": { "PURL": "pkg:cargo/fnv@1.0.7", "UID": "8d5922bf31009cbb", "BOMRef": "pkg:cargo/fnv@1.0.7" }, "Version": "1.0.7", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "foldhash@0.1.4", "Name": "foldhash", "Identifier": { "PURL": "pkg:cargo/foldhash@0.1.4", "UID": "b3424ddf3698c471", "BOMRef": "pkg:cargo/foldhash@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Zlib" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "foreign-types@0.5.0", "Name": "foreign-types", "Identifier": { "PURL": "pkg:cargo/foreign-types@0.5.0", "UID": "30ac7bcc0ada84cd", "BOMRef": "pkg:cargo/foreign-types@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "foreign-types-macros@0.2.3", "foreign-types-shared@0.3.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "foreign-types-macros@0.2.3", "Name": "foreign-types-macros", "Identifier": { "PURL": "pkg:cargo/foreign-types-macros@0.2.3", "UID": "155695f6c6269a47", "BOMRef": "pkg:cargo/foreign-types-macros@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "foreign-types-shared@0.3.1", "Name": "foreign-types-shared", "Identifier": { "PURL": "pkg:cargo/foreign-types-shared@0.3.1", "UID": "27429e1b6a480e06", "BOMRef": "pkg:cargo/foreign-types-shared@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "form_urlencoded@1.2.2", "Name": "form_urlencoded", "Identifier": { "PURL": "pkg:cargo/form_urlencoded@1.2.2", "UID": "8202e669629c1293", "BOMRef": "pkg:cargo/form_urlencoded@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "percent-encoding@2.3.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fs-err@3.2.0", "Name": "fs-err", "Identifier": { "PURL": "pkg:cargo/fs-err@3.2.0", "UID": "d41cd5542faf9bce", "BOMRef": "pkg:cargo/fs-err@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "path_facts@0.2.1", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fs4@0.13.1", "Name": "fs4", "Identifier": { "PURL": "pkg:cargo/fs4@0.13.1", "UID": "c77b17337dfc49cc", "BOMRef": "pkg:cargo/fs4@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustix@1.0.2", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fs_extra@1.3.0", "Name": "fs_extra", "Identifier": { "PURL": "pkg:cargo/fs_extra@1.3.0", "UID": "b81a77ffe56c153f", "BOMRef": "pkg:cargo/fs_extra@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fst@0.4.7", "Name": "fst", "Identifier": { "PURL": "pkg:cargo/fst@0.4.7", "UID": "72ea48211132138c", "BOMRef": "pkg:cargo/fst@0.4.7" }, "Version": "0.4.7", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "funty@2.0.0", "Name": "funty", "Identifier": { "PURL": "pkg:cargo/funty@2.0.0", "UID": "5f7ea2b395b6ad01", "BOMRef": "pkg:cargo/funty@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures@0.3.31", "Name": "futures", "Identifier": { "PURL": "pkg:cargo/futures@0.3.31", "UID": "819a714c6d8f5eca", "BOMRef": "pkg:cargo/futures@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-channel@0.3.31", "futures-core@0.3.31", "futures-executor@0.3.31", "futures-io@0.3.31", "futures-sink@0.3.31", "futures-task@0.3.31", "futures-util@0.3.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-channel@0.3.31", "Name": "futures-channel", "Identifier": { "PURL": "pkg:cargo/futures-channel@0.3.31", "UID": "a4efebf6d60f580b", "BOMRef": "pkg:cargo/futures-channel@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-sink@0.3.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-core@0.3.31", "Name": "futures-core", "Identifier": { "PURL": "pkg:cargo/futures-core@0.3.31", "UID": "cf282585b407689e", "BOMRef": "pkg:cargo/futures-core@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-executor@0.3.31", "Name": "futures-executor", "Identifier": { "PURL": "pkg:cargo/futures-executor@0.3.31", "UID": "3eb6fc17dfe9c4d6", "BOMRef": "pkg:cargo/futures-executor@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-task@0.3.31", "futures-util@0.3.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-io@0.3.31", "Name": "futures-io", "Identifier": { "PURL": "pkg:cargo/futures-io@0.3.31", "UID": "76012ead6d90db1c", "BOMRef": "pkg:cargo/futures-io@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-macro@0.3.31", "Name": "futures-macro", "Identifier": { "PURL": "pkg:cargo/futures-macro@0.3.31", "UID": "61aee573c2a2aee5", "BOMRef": "pkg:cargo/futures-macro@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-sink@0.3.31", "Name": "futures-sink", "Identifier": { "PURL": "pkg:cargo/futures-sink@0.3.31", "UID": "4da32c3c77b5f8a7", "BOMRef": "pkg:cargo/futures-sink@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-task@0.3.31", "Name": "futures-task", "Identifier": { "PURL": "pkg:cargo/futures-task@0.3.31", "UID": "315f06d55d0ebcf", "BOMRef": "pkg:cargo/futures-task@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "futures-util@0.3.31", "Name": "futures-util", "Identifier": { "PURL": "pkg:cargo/futures-util@0.3.31", "UID": "6ad75b90ee6972ef", "BOMRef": "pkg:cargo/futures-util@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-channel@0.3.31", "futures-core@0.3.31", "futures-io@0.3.31", "futures-macro@0.3.31", "futures-sink@0.3.31", "futures-task@0.3.31", "memchr@2.7.4", "pin-project-lite@0.2.12", "pin-utils@0.1.0", "slab@0.4.11" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "fxhash@0.2.1", "Name": "fxhash", "Identifier": { "PURL": "pkg:cargo/fxhash@0.2.1", "UID": "a5a200aa28d18ad9", "BOMRef": "pkg:cargo/fxhash@0.2.1" }, "Version": "0.2.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "generator@0.7.4", "Name": "generator", "Identifier": { "PURL": "pkg:cargo/generator@0.7.4", "UID": "1f8ba6d60c0e4338", "BOMRef": "pkg:cargo/generator@0.7.4" }, "Version": "0.7.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "log@0.4.28", "windows@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "generic-array@0.14.9", "Name": "generic-array", "Identifier": { "PURL": "pkg:cargo/generic-array@0.14.9", "UID": "300a7da725d85fb1", "BOMRef": "pkg:cargo/generic-array@0.14.9" }, "Version": "0.14.9", "Licenses": [ "MIT" ], "DependsOn": [ "typenum@1.16.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "geo@0.31.0", "Name": "geo", "Identifier": { "PURL": "pkg:cargo/geo@0.31.0", "UID": "6710121d2096a79c", "BOMRef": "pkg:cargo/geo@0.31.0" }, "Version": "0.31.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "earcutr@0.4.2", "float_next_after@1.0.0", "geo-types@0.7.17", "geographiclib-rs@0.2.3", "i_overlay@4.0.2", "log@0.4.28", "num-traits@0.2.19", "robust@1.1.0", "rstar@0.12.0", "spade@2.12.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "geo-types@0.7.17", "Name": "geo-types", "Identifier": { "PURL": "pkg:cargo/geo-types@0.7.17", "UID": "1ec294cc43848d83", "BOMRef": "pkg:cargo/geo-types@0.7.17" }, "Version": "0.7.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "approx@0.5.1", "num-traits@0.2.19", "rayon@1.11.0", "rstar@0.12.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "geographiclib-rs@0.2.3", "Name": "geographiclib-rs", "Identifier": { "PURL": "pkg:cargo/geographiclib-rs@0.2.3", "UID": "c2f4d340b872d2a", "BOMRef": "pkg:cargo/geographiclib-rs@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "lazy_static@1.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "geohash@0.13.1", "Name": "geohash", "Identifier": { "PURL": "pkg:cargo/geohash@0.13.1", "UID": "af208afd66774a9", "BOMRef": "pkg:cargo/geohash@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "geo-types@0.7.17", "libm@0.2.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "getrandom@0.1.16", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.1.16", "UID": "50e4c9bd228e6159", "BOMRef": "pkg:cargo/getrandom@0.1.16" }, "Version": "0.1.16", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.9.0+wasi-snapshot-preview1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "getrandom@0.2.11", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.2.11", "UID": "7ac738a53b52d92a", "BOMRef": "pkg:cargo/getrandom@0.2.11" }, "Version": "0.2.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.11.0+wasi-snapshot-preview1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "getrandom@0.3.0", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.3.0", "UID": "8b8318727ba50ce8", "BOMRef": "pkg:cargo/getrandom@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.13.3+wasi-0.2.2", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "getset@0.1.2", "Name": "getset", "Identifier": { "PURL": "pkg:cargo/getset@0.1.2", "UID": "326fede62c3a0aa1", "BOMRef": "pkg:cargo/getset@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro-error@1.0.4", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "gimli@0.27.0", "Name": "gimli", "Identifier": { "PURL": "pkg:cargo/gimli@0.27.0", "UID": "7868b7036a871b64", "BOMRef": "pkg:cargo/gimli@0.27.0" }, "Version": "0.27.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "gpu-allocator@0.27.0", "Name": "gpu-allocator", "Identifier": { "PURL": "pkg:cargo/gpu-allocator@0.27.0", "UID": "8ede5061a974137f", "BOMRef": "pkg:cargo/gpu-allocator@0.27.0" }, "Version": "0.27.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ash@0.38.0+1.3.281", "log@0.4.28", "presser@0.3.1", "thiserror@1.0.69", "windows@0.57.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "group@0.13.0", "Name": "group", "Identifier": { "PURL": "pkg:cargo/group@0.13.0", "UID": "db7bd4af92c44c67", "BOMRef": "pkg:cargo/group@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ff@0.13.1", "rand_core@0.6.4", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "h2@0.3.26", "Name": "h2", "Identifier": { "PURL": "pkg:cargo/h2@0.3.26", "UID": "d71403e0000ab252", "BOMRef": "pkg:cargo/h2@0.3.26" }, "Version": "0.3.26", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "http@0.2.12", "indexmap@2.11.4", "slab@0.4.11", "tokio-util@0.7.16", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "h2@0.4.4", "Name": "h2", "Identifier": { "PURL": "pkg:cargo/h2@0.4.4", "UID": "abc219cc871a3fb5", "BOMRef": "pkg:cargo/h2@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "http@1.3.1", "indexmap@2.11.4", "slab@0.4.11", "tokio-util@0.7.16", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "half@1.8.2", "Name": "half", "Identifier": { "PURL": "pkg:cargo/half@1.8.2", "UID": "52b7b069d0db6b28", "BOMRef": "pkg:cargo/half@1.8.2" }, "Version": "1.8.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "half@2.7.0", "Name": "half", "Identifier": { "PURL": "pkg:cargo/half@2.7.0", "UID": "e5db18890342e159", "BOMRef": "pkg:cargo/half@2.7.0" }, "Version": "2.7.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crunchy@0.2.2", "num-traits@0.2.19", "serde@1.0.226", "zerocopy@0.8.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hash32@0.3.1", "Name": "hash32", "Identifier": { "PURL": "pkg:cargo/hash32@0.3.1", "UID": "933e02149a4e30fb", "BOMRef": "pkg:cargo/hash32@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hashbrown@0.12.3", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.12.3", "UID": "a30a37a1dbfb75d9", "BOMRef": "pkg:cargo/hashbrown@0.12.3" }, "Version": "0.12.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hashbrown@0.14.2", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.14.2", "UID": "262ee593222aed28", "BOMRef": "pkg:cargo/hashbrown@0.14.2" }, "Version": "0.14.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ahash@0.8.11", "allocator-api2@0.2.16" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hashbrown@0.15.2", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.15.2", "UID": "e626469ce7fd0b0f", "BOMRef": "pkg:cargo/hashbrown@0.15.2" }, "Version": "0.15.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "allocator-api2@0.2.16", "equivalent@1.0.1", "foldhash@0.1.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hashlink@0.10.0", "Name": "hashlink", "Identifier": { "PURL": "pkg:cargo/hashlink@0.10.0", "UID": "10e3a2096afbd39a", "BOMRef": "pkg:cargo/hashlink@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hashbrown@0.15.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hashring@0.3.6", "Name": "hashring", "Identifier": { "PURL": "pkg:cargo/hashring@0.3.6", "UID": "d88191aee451535c", "BOMRef": "pkg:cargo/hashring@0.3.6" }, "Version": "0.3.6", "Licenses": [ "MIT" ], "DependsOn": [ "siphasher@0.3.10" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hdrhistogram@7.5.2", "Name": "hdrhistogram", "Identifier": { "PURL": "pkg:cargo/hdrhistogram@7.5.2", "UID": "7fecd6815c4efafc", "BOMRef": "pkg:cargo/hdrhistogram@7.5.2" }, "Version": "7.5.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "base64@0.13.1", "byteorder@1.5.0", "flate2@1.1.4", "nom@7.1.3", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "heapless@0.8.0", "Name": "heapless", "Identifier": { "PURL": "pkg:cargo/heapless@0.8.0", "UID": "f3c2d0d1f7a56d9", "BOMRef": "pkg:cargo/heapless@0.8.0" }, "Version": "0.8.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hash32@0.3.1", "stable_deref_trait@1.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "heck@0.5.0", "Name": "heck", "Identifier": { "PURL": "pkg:cargo/heck@0.5.0", "UID": "48c9f8a456312dc0", "BOMRef": "pkg:cargo/heck@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hermit-abi@0.3.9", "Name": "hermit-abi", "Identifier": { "PURL": "pkg:cargo/hermit-abi@0.3.9", "UID": "27a782066c02ad4e", "BOMRef": "pkg:cargo/hermit-abi@0.3.9" }, "Version": "0.3.9", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hermit-abi@0.5.1", "Name": "hermit-abi", "Identifier": { "PURL": "pkg:cargo/hermit-abi@0.5.1", "UID": "15e3e41e192c95b", "BOMRef": "pkg:cargo/hermit-abi@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hex@0.4.3", "Name": "hex", "Identifier": { "PURL": "pkg:cargo/hex@0.4.3", "UID": "a3612c99b8489b7", "BOMRef": "pkg:cargo/hex@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hkdf@0.12.4", "Name": "hkdf", "Identifier": { "PURL": "pkg:cargo/hkdf@0.12.4", "UID": "53fd9cd4a1644954", "BOMRef": "pkg:cargo/hkdf@0.12.4" }, "Version": "0.12.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hmac@0.12.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hmac@0.12.1", "Name": "hmac", "Identifier": { "PURL": "pkg:cargo/hmac@0.12.1", "UID": "2923ae320921a876", "BOMRef": "pkg:cargo/hmac@0.12.1" }, "Version": "0.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "digest@0.10.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http@0.2.12", "Name": "http", "Identifier": { "PURL": "pkg:cargo/http@0.2.12", "UID": "16fc74d6ab1e7b00", "BOMRef": "pkg:cargo/http@0.2.12" }, "Version": "0.2.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "itoa@1.0.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http@1.3.1", "Name": "http", "Identifier": { "PURL": "pkg:cargo/http@1.3.1", "UID": "cfa6f6021c2203db", "BOMRef": "pkg:cargo/http@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "itoa@1.0.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http-body@0.4.5", "Name": "http-body", "Identifier": { "PURL": "pkg:cargo/http-body@0.4.5", "UID": "5035b9eced712b8b", "BOMRef": "pkg:cargo/http-body@0.4.5" }, "Version": "0.4.5", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "http@0.2.12", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http-body@1.0.0", "Name": "http-body", "Identifier": { "PURL": "pkg:cargo/http-body@1.0.0", "UID": "e8b849d0114fa505", "BOMRef": "pkg:cargo/http-body@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "http@1.3.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http-body-util@0.1.2", "Name": "http-body-util", "Identifier": { "PURL": "pkg:cargo/http-body-util@0.1.2", "UID": "2cad40cf6ae6c6d6", "BOMRef": "pkg:cargo/http-body-util@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http-range@0.1.5", "Name": "http-range", "Identifier": { "PURL": "pkg:cargo/http-range@0.1.5", "UID": "944603c96e1e05dd", "BOMRef": "pkg:cargo/http-range@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "http-serde@2.1.1", "Name": "http-serde", "Identifier": { "PURL": "pkg:cargo/http-serde@2.1.1", "UID": "1cf4bf330490ccf8", "BOMRef": "pkg:cargo/http-serde@2.1.1" }, "Version": "2.1.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "http@1.3.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "httparse@1.10.1", "Name": "httparse", "Identifier": { "PURL": "pkg:cargo/httparse@1.10.1", "UID": "cdf2de25e14297ab", "BOMRef": "pkg:cargo/httparse@1.10.1" }, "Version": "1.10.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "httpdate@1.0.2", "Name": "httpdate", "Identifier": { "PURL": "pkg:cargo/httpdate@1.0.2", "UID": "62915955e96eca6e", "BOMRef": "pkg:cargo/httpdate@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "humantime@2.3.0", "Name": "humantime", "Identifier": { "PURL": "pkg:cargo/humantime@2.3.0", "UID": "d6d774c1ea2f2501", "BOMRef": "pkg:cargo/humantime@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper@0.14.26", "Name": "hyper", "Identifier": { "PURL": "pkg:cargo/hyper@0.14.26", "UID": "7ed50ca05163eda", "BOMRef": "pkg:cargo/hyper@0.14.26" }, "Version": "0.14.26", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "h2@0.3.26", "http-body@0.4.5", "http@0.2.12", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "pin-project-lite@0.2.12", "socket2@0.4.9", "tokio@1.48.0", "tower-service@0.3.3", "tracing@0.1.43", "want@0.3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper@1.6.0", "Name": "hyper", "Identifier": { "PURL": "pkg:cargo/hyper@1.6.0", "UID": "e6aee34a93cba5fe", "BOMRef": "pkg:cargo/hyper@1.6.0" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-channel@0.3.31", "futures-util@0.3.31", "h2@0.4.4", "http-body@1.0.0", "http@1.3.1", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "pin-project-lite@0.2.12", "smallvec@1.15.1", "tokio@1.48.0", "want@0.3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper-rustls@0.27.2", "Name": "hyper-rustls", "Identifier": { "PURL": "pkg:cargo/hyper-rustls@0.27.2", "UID": "1e529fd616cf90d9", "BOMRef": "pkg:cargo/hyper-rustls@0.27.2" }, "Version": "0.27.2", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "futures-util@0.3.31", "http@1.3.1", "hyper-util@0.1.13", "hyper@1.6.0", "rustls-native-certs@0.7.0", "rustls-pki-types@1.12.0", "rustls@0.23.35", "tokio-rustls@0.26.0", "tokio@1.48.0", "tower-service@0.3.3", "webpki-roots@0.26.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper-timeout@0.4.1", "Name": "hyper-timeout", "Identifier": { "PURL": "pkg:cargo/hyper-timeout@0.4.1", "UID": "1e50356324436872", "BOMRef": "pkg:cargo/hyper-timeout@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hyper@0.14.26", "pin-project-lite@0.2.12", "tokio-io-timeout@1.2.0", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper-timeout@0.5.1", "Name": "hyper-timeout", "Identifier": { "PURL": "pkg:cargo/hyper-timeout@0.5.1", "UID": "2539b8d44a637b52", "BOMRef": "pkg:cargo/hyper-timeout@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hyper-util@0.1.13", "hyper@1.6.0", "pin-project-lite@0.2.12", "tokio@1.48.0", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "hyper-util@0.1.13", "Name": "hyper-util", "Identifier": { "PURL": "pkg:cargo/hyper-util@0.1.13", "UID": "278075ea5d0a6477", "BOMRef": "pkg:cargo/hyper-util@0.1.13" }, "Version": "0.1.13", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.22.0", "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "hyper@1.6.0", "ipnet@2.11.0", "libc@0.2.174", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "socket2@0.5.10", "tokio@1.48.0", "tower-service@0.3.3", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "i_float@1.15.0", "Name": "i_float", "Identifier": { "PURL": "pkg:cargo/i_float@1.15.0", "UID": "8155b23b61c50924", "BOMRef": "pkg:cargo/i_float@1.15.0" }, "Version": "1.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "libm@0.2.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "i_key_sort@0.6.0", "Name": "i_key_sort", "Identifier": { "PURL": "pkg:cargo/i_key_sort@0.6.0", "UID": "9c7641cadf904e4e", "BOMRef": "pkg:cargo/i_key_sort@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "i_overlay@4.0.2", "Name": "i_overlay", "Identifier": { "PURL": "pkg:cargo/i_overlay@4.0.2", "UID": "12d2ffa418ec0cd1", "BOMRef": "pkg:cargo/i_overlay@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "i_float@1.15.0", "i_key_sort@0.6.0", "i_shape@1.14.0", "i_tree@0.16.0", "rayon@1.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "i_shape@1.14.0", "Name": "i_shape", "Identifier": { "PURL": "pkg:cargo/i_shape@1.14.0", "UID": "57ee43e92a0c3d68", "BOMRef": "pkg:cargo/i_shape@1.14.0" }, "Version": "1.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "i_float@1.15.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "i_tree@0.16.0", "Name": "i_tree", "Identifier": { "PURL": "pkg:cargo/i_tree@0.16.0", "UID": "14d4811dce6d1c9c", "BOMRef": "pkg:cargo/i_tree@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "iana-time-zone@0.1.53", "Name": "iana-time-zone", "Identifier": { "PURL": "pkg:cargo/iana-time-zone@0.1.53", "UID": "546c200c73869304", "BOMRef": "pkg:cargo/iana-time-zone@0.1.53" }, "Version": "0.1.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "android_system_properties@0.1.5", "core-foundation-sys@0.8.7", "iana-time-zone-haiku@0.1.1", "js-sys@0.3.77", "wasm-bindgen@0.2.100", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "iana-time-zone-haiku@0.1.1", "Name": "iana-time-zone-haiku", "Identifier": { "PURL": "pkg:cargo/iana-time-zone-haiku@0.1.1", "UID": "7dbb328bd38518e8", "BOMRef": "pkg:cargo/iana-time-zone-haiku@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cxx@1.0.85" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_collections@1.5.0", "Name": "icu_collections", "Identifier": { "PURL": "pkg:cargo/icu_collections@1.5.0", "UID": "2ec744c6858e3ab", "BOMRef": "pkg:cargo/icu_collections@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "yoke@0.7.4", "zerofrom@0.1.4", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_locid@1.5.0", "Name": "icu_locid", "Identifier": { "PURL": "pkg:cargo/icu_locid@1.5.0", "UID": "d89ebc2c528f6cbb", "BOMRef": "pkg:cargo/icu_locid@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "litemap@0.7.3", "tinystr@0.7.6", "writeable@0.5.5", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_locid_transform@1.5.0", "Name": "icu_locid_transform", "Identifier": { "PURL": "pkg:cargo/icu_locid_transform@1.5.0", "UID": "9250faf1282a2681", "BOMRef": "pkg:cargo/icu_locid_transform@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_locid@1.5.0", "icu_locid_transform_data@1.5.0", "icu_provider@1.5.0", "tinystr@0.7.6", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_locid_transform_data@1.5.0", "Name": "icu_locid_transform_data", "Identifier": { "PURL": "pkg:cargo/icu_locid_transform_data@1.5.0", "UID": "1b20992ea6dc08da", "BOMRef": "pkg:cargo/icu_locid_transform_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_normalizer@1.5.0", "Name": "icu_normalizer", "Identifier": { "PURL": "pkg:cargo/icu_normalizer@1.5.0", "UID": "35bd75cf92b1ec0d", "BOMRef": "pkg:cargo/icu_normalizer@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_collections@1.5.0", "icu_normalizer_data@1.5.0", "icu_properties@1.5.1", "icu_provider@1.5.0", "smallvec@1.15.1", "utf16_iter@1.0.5", "utf8_iter@1.0.4", "write16@1.0.0", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_normalizer_data@1.5.0", "Name": "icu_normalizer_data", "Identifier": { "PURL": "pkg:cargo/icu_normalizer_data@1.5.0", "UID": "b9858a8cf5705eed", "BOMRef": "pkg:cargo/icu_normalizer_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_properties@1.5.1", "Name": "icu_properties", "Identifier": { "PURL": "pkg:cargo/icu_properties@1.5.1", "UID": "df540ac952b4b5a8", "BOMRef": "pkg:cargo/icu_properties@1.5.1" }, "Version": "1.5.1", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_collections@1.5.0", "icu_locid_transform@1.5.0", "icu_properties_data@1.5.0", "icu_provider@1.5.0", "tinystr@0.7.6", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_properties_data@1.5.0", "Name": "icu_properties_data", "Identifier": { "PURL": "pkg:cargo/icu_properties_data@1.5.0", "UID": "29efe7ba8acc8be1", "BOMRef": "pkg:cargo/icu_properties_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_provider@1.5.0", "Name": "icu_provider", "Identifier": { "PURL": "pkg:cargo/icu_provider@1.5.0", "UID": "b98707df53374a4e", "BOMRef": "pkg:cargo/icu_provider@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_locid@1.5.0", "icu_provider_macros@1.5.0", "stable_deref_trait@1.2.0", "tinystr@0.7.6", "writeable@0.5.5", "yoke@0.7.4", "zerofrom@0.1.4", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "icu_provider_macros@1.5.0", "Name": "icu_provider_macros", "Identifier": { "PURL": "pkg:cargo/icu_provider_macros@1.5.0", "UID": "507ec5d006cc9cc1", "BOMRef": "pkg:cargo/icu_provider_macros@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ident_case@1.0.1", "Name": "ident_case", "Identifier": { "PURL": "pkg:cargo/ident_case@1.0.1", "UID": "244c5e779474279", "BOMRef": "pkg:cargo/ident_case@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "idna@1.1.0", "Name": "idna", "Identifier": { "PURL": "pkg:cargo/idna@1.1.0", "UID": "29f08838a2540a26", "BOMRef": "pkg:cargo/idna@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "idna_adapter@1.2.0", "smallvec@1.15.1", "utf8_iter@1.0.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "idna_adapter@1.2.0", "Name": "idna_adapter", "Identifier": { "PURL": "pkg:cargo/idna_adapter@1.2.0", "UID": "f0b07660d2b475bd", "BOMRef": "pkg:cargo/idna_adapter@1.2.0" }, "Version": "1.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "icu_normalizer@1.5.0", "icu_properties@1.5.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "impl-more@0.1.6", "Name": "impl-more", "Identifier": { "PURL": "pkg:cargo/impl-more@0.1.6", "UID": "262c651e43e51e67", "BOMRef": "pkg:cargo/impl-more@0.1.6" }, "Version": "0.1.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "include-flate@0.3.0", "Name": "include-flate", "Identifier": { "PURL": "pkg:cargo/include-flate@0.3.0", "UID": "1daa873d9198708e", "BOMRef": "pkg:cargo/include-flate@0.3.0" }, "Version": "0.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "include-flate-codegen@0.2.0", "lazy_static@1.5.0", "libflate@2.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "include-flate-codegen@0.2.0", "Name": "include-flate-codegen", "Identifier": { "PURL": "pkg:cargo/include-flate-codegen@0.2.0", "UID": "4a11e80d65582280", "BOMRef": "pkg:cargo/include-flate-codegen@0.2.0" }, "Version": "0.2.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libflate@2.1.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "indexmap@1.9.2", "Name": "indexmap", "Identifier": { "PURL": "pkg:cargo/indexmap@1.9.2", "UID": "f61b85df8603a29c", "BOMRef": "pkg:cargo/indexmap@1.9.2" }, "Version": "1.9.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "hashbrown@0.12.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "indexmap@2.11.4", "Name": "indexmap", "Identifier": { "PURL": "pkg:cargo/indexmap@2.11.4", "UID": "3dd5637e04e3c307", "BOMRef": "pkg:cargo/indexmap@2.11.4" }, "Version": "2.11.4", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "equivalent@1.0.1", "hashbrown@0.15.2", "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "indicatif@0.18.3", "Name": "indicatif", "Identifier": { "PURL": "pkg:cargo/indicatif@0.18.3", "UID": "1869c670404524c", "BOMRef": "pkg:cargo/indicatif@0.18.3" }, "Version": "0.18.3", "Licenses": [ "MIT" ], "DependsOn": [ "console@0.16.0", "portable-atomic@1.11.1", "rayon@1.11.0", "unicode-width@0.2.0", "unit-prefix@0.5.1", "web-time@1.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "indoc@2.0.6", "Name": "indoc", "Identifier": { "PURL": "pkg:cargo/indoc@2.0.6", "UID": "80fd61eb2c95d37", "BOMRef": "pkg:cargo/indoc@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "integer-encoding@4.1.0", "Name": "integer-encoding", "Identifier": { "PURL": "pkg:cargo/integer-encoding@4.1.0", "UID": "3fb5187b4de8e38a", "BOMRef": "pkg:cargo/integer-encoding@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "inventory@0.3.14", "Name": "inventory", "Identifier": { "PURL": "pkg:cargo/inventory@0.3.14", "UID": "f19b52659fab2a1f", "BOMRef": "pkg:cargo/inventory@0.3.14" }, "Version": "0.3.14", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "io-uring@0.7.11", "Name": "io-uring", "Identifier": { "PURL": "pkg:cargo/io-uring@0.7.11", "UID": "29733d63965d7fb7", "BOMRef": "pkg:cargo/io-uring@0.7.11" }, "Version": "0.7.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ipnet@2.11.0", "Name": "ipnet", "Identifier": { "PURL": "pkg:cargo/ipnet@2.11.0", "UID": "dcd666901e67ad12", "BOMRef": "pkg:cargo/ipnet@2.11.0" }, "Version": "2.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "irg-kvariants@0.1.1", "Name": "irg-kvariants", "Identifier": { "PURL": "pkg:cargo/irg-kvariants@0.1.1", "UID": "c0cf03c2ea5a2759", "BOMRef": "pkg:cargo/irg-kvariants@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "csv@1.4.0", "once_cell@1.21.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "iri-string@0.7.8", "Name": "iri-string", "Identifier": { "PURL": "pkg:cargo/iri-string@0.7.8", "UID": "5adf83f6d6a960b1", "BOMRef": "pkg:cargo/iri-string@0.7.8" }, "Version": "0.7.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "memchr@2.7.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "is_sorted@0.1.1", "Name": "is_sorted", "Identifier": { "PURL": "pkg:cargo/is_sorted@0.1.1", "UID": "7c1a6615ee0065e9", "BOMRef": "pkg:cargo/is_sorted@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "itertools@0.10.5", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.10.5", "UID": "d8d1703fcafff638", "BOMRef": "pkg:cargo/itertools@0.10.5" }, "Version": "0.10.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "itertools@0.12.1", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.12.1", "UID": "788f67498b7752b5", "BOMRef": "pkg:cargo/itertools@0.12.1" }, "Version": "0.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "itertools@0.13.0", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.13.0", "UID": "bca91c9f0ea33cf3", "BOMRef": "pkg:cargo/itertools@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "itertools@0.14.0", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.14.0", "UID": "5b703886519e1e9b", "BOMRef": "pkg:cargo/itertools@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "itoa@1.0.5", "Name": "itoa", "Identifier": { "PURL": "pkg:cargo/itoa@1.0.5", "UID": "3a55251a5d877fe", "BOMRef": "pkg:cargo/itoa@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "jieba-macros@0.7.1", "Name": "jieba-macros", "Identifier": { "PURL": "pkg:cargo/jieba-macros@0.7.1", "UID": "1c937f47a203431c", "BOMRef": "pkg:cargo/jieba-macros@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "DependsOn": [ "phf_codegen@0.11.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "jieba-rs@0.7.3", "Name": "jieba-rs", "Identifier": { "PURL": "pkg:cargo/jieba-rs@0.7.3", "UID": "78c74cae2dad09bd", "BOMRef": "pkg:cargo/jieba-rs@0.7.3" }, "Version": "0.7.3", "Licenses": [ "MIT" ], "DependsOn": [ "cedarwood@0.4.6", "fxhash@0.2.1", "include-flate@0.3.0", "jieba-macros@0.7.1", "lazy_static@1.5.0", "phf@0.11.2", "regex@1.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "jiff@0.2.15", "Name": "jiff", "Identifier": { "PURL": "pkg:cargo/jiff@0.2.15", "UID": "d6b7eaef54b378fc", "BOMRef": "pkg:cargo/jiff@0.2.15" }, "Version": "0.2.15", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "jiff-static@0.2.15", "log@0.4.28", "portable-atomic-util@0.2.4", "portable-atomic@1.11.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "jiff-static@0.2.15", "Name": "jiff-static", "Identifier": { "PURL": "pkg:cargo/jiff-static@0.2.15", "UID": "51bd51f8741eee60", "BOMRef": "pkg:cargo/jiff-static@0.2.15" }, "Version": "0.2.15", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "js-sys@0.3.77", "Name": "js-sys", "Identifier": { "PURL": "pkg:cargo/js-sys@0.3.77", "UID": "b90ffdad00f42c07", "BOMRef": "pkg:cargo/js-sys@0.3.77" }, "Version": "0.3.77", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "once_cell@1.21.3", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "jsonwebtoken@10.0.0", "Name": "jsonwebtoken", "Identifier": { "PURL": "pkg:cargo/jsonwebtoken@10.0.0", "UID": "a9eb4247f41b4cc9", "BOMRef": "pkg:cargo/jsonwebtoken@10.0.0" }, "Version": "10.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.22.0", "ed25519-dalek@2.2.0", "getrandom@0.2.11", "hmac@0.12.1", "js-sys@0.3.77", "p256@0.13.2", "p384@0.13.1", "pem@3.0.3", "rand@0.8.5", "rsa@0.9.8", "serde@1.0.226", "serde_json@1.0.145", "sha2@0.10.9", "signature@2.2.0", "simple_asn1@0.6.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "language-tags@0.3.2", "Name": "language-tags", "Identifier": { "PURL": "pkg:cargo/language-tags@0.3.2", "UID": "621c61143d8bcbe0", "BOMRef": "pkg:cargo/language-tags@0.3.2" }, "Version": "0.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "lazy_static@1.5.0", "Name": "lazy_static", "Identifier": { "PURL": "pkg:cargo/lazy_static@1.5.0", "UID": "f2a1b310e9095753", "BOMRef": "pkg:cargo/lazy_static@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "spin@0.9.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libc@0.2.174", "Name": "libc", "Identifier": { "PURL": "pkg:cargo/libc@0.2.174", "UID": "aff87a7d8520a6f3", "BOMRef": "pkg:cargo/libc@0.2.174" }, "Version": "0.2.174", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libflate@1.4.0", "Name": "libflate", "Identifier": { "PURL": "pkg:cargo/libflate@1.4.0", "UID": "cc86499b75476017", "BOMRef": "pkg:cargo/libflate@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "adler32@1.2.0", "crc32fast@1.3.2", "libflate_lz77@1.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libflate@2.1.0", "Name": "libflate", "Identifier": { "PURL": "pkg:cargo/libflate@2.1.0", "UID": "9ebbd915a0ca1c4b", "BOMRef": "pkg:cargo/libflate@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "adler32@1.2.0", "core2@0.4.0", "crc32fast@1.3.2", "dary_heap@0.3.7", "libflate_lz77@2.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libflate_lz77@1.2.0", "Name": "libflate_lz77", "Identifier": { "PURL": "pkg:cargo/libflate_lz77@1.2.0", "UID": "3bfe9595e8eb9e15", "BOMRef": "pkg:cargo/libflate_lz77@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "rle-decode-fast@1.0.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libflate_lz77@2.1.0", "Name": "libflate_lz77", "Identifier": { "PURL": "pkg:cargo/libflate_lz77@2.1.0", "UID": "7a29c72f639c4c9f", "BOMRef": "pkg:cargo/libflate_lz77@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "core2@0.4.0", "hashbrown@0.14.2", "rle-decode-fast@1.0.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libloading@0.8.5", "Name": "libloading", "Identifier": { "PURL": "pkg:cargo/libloading@0.8.5", "UID": "af2987bda705b4a2", "BOMRef": "pkg:cargo/libloading@0.8.5" }, "Version": "0.8.5", "Licenses": [ "ISC" ], "DependsOn": [ "cfg-if@1.0.0", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libm@0.2.6", "Name": "libm", "Identifier": { "PURL": "pkg:cargo/libm@0.2.6", "UID": "b6b1109807610a43", "BOMRef": "pkg:cargo/libm@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "librocksdb-sys@0.17.3+10.4.2", "Name": "librocksdb-sys", "Identifier": { "PURL": "pkg:cargo/librocksdb-sys@0.17.3%2B10.4.2", "UID": "feec146bcba58774", "BOMRef": "pkg:cargo/librocksdb-sys@0.17.3%2B10.4.2" }, "Version": "0.17.3+10.4.2", "Licenses": [ "MIT OR Apache-2.0 OR BSD-3-Clause" ], "DependsOn": [ "bzip2-sys@0.1.11+1.0.8", "libc@0.2.174", "libz-sys@1.1.8", "lz4-sys@1.11.1+lz4-1.10.0", "zstd-sys@2.0.9+zstd.1.5.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "libz-sys@1.1.8", "Name": "libz-sys", "Identifier": { "PURL": "pkg:cargo/libz-sys@1.1.8", "UID": "ae167933420e463e", "BOMRef": "pkg:cargo/libz-sys@1.1.8" }, "Version": "1.1.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "link-cplusplus@1.0.8", "Name": "link-cplusplus", "Identifier": { "PURL": "pkg:cargo/link-cplusplus@1.0.8", "UID": "5ac6e543a50fac03", "BOMRef": "pkg:cargo/link-cplusplus@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "linux-raw-sys@0.4.14", "Name": "linux-raw-sys", "Identifier": { "PURL": "pkg:cargo/linux-raw-sys@0.4.14", "UID": "18e5320e535162f1", "BOMRef": "pkg:cargo/linux-raw-sys@0.4.14" }, "Version": "0.4.14", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "linux-raw-sys@0.9.2", "Name": "linux-raw-sys", "Identifier": { "PURL": "pkg:cargo/linux-raw-sys@0.9.2", "UID": "54b983097e60b21d", "BOMRef": "pkg:cargo/linux-raw-sys@0.9.2" }, "Version": "0.9.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "litemap@0.7.3", "Name": "litemap", "Identifier": { "PURL": "pkg:cargo/litemap@0.7.3", "UID": "b65e113b6158cddb", "BOMRef": "pkg:cargo/litemap@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "local-channel@0.1.3", "Name": "local-channel", "Identifier": { "PURL": "pkg:cargo/local-channel@0.1.3", "UID": "bba8037620e4ce49", "BOMRef": "pkg:cargo/local-channel@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "local-waker@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "local-waker@0.1.3", "Name": "local-waker", "Identifier": { "PURL": "pkg:cargo/local-waker@0.1.3", "UID": "c6200134ee59cebc", "BOMRef": "pkg:cargo/local-waker@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "lock_api@0.4.14", "Name": "lock_api", "Identifier": { "PURL": "pkg:cargo/lock_api@0.4.14", "UID": "27326422566da7f3", "BOMRef": "pkg:cargo/lock_api@0.4.14" }, "Version": "0.4.14", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "scopeguard@1.1.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "log@0.4.28", "Name": "log", "Identifier": { "PURL": "pkg:cargo/log@0.4.28", "UID": "a615b7c6d8263cc5", "BOMRef": "pkg:cargo/log@0.4.28" }, "Version": "0.4.28", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "loom@0.7.1", "Name": "loom", "Identifier": { "PURL": "pkg:cargo/loom@0.7.1", "UID": "6cdddc0556bc3f0d", "BOMRef": "pkg:cargo/loom@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "DependsOn": [ "cfg-if@1.0.0", "generator@0.7.4", "scoped-tls@1.0.1", "tracing-subscriber@0.3.22", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "lz4-sys@1.11.1+lz4-1.10.0", "Name": "lz4-sys", "Identifier": { "PURL": "pkg:cargo/lz4-sys@1.11.1%2Blz4-1.10.0", "UID": "39060b859d0490cc", "BOMRef": "pkg:cargo/lz4-sys@1.11.1%2Blz4-1.10.0" }, "Version": "1.11.1+lz4-1.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "lz4_flex@0.12.0", "Name": "lz4_flex", "Identifier": { "PURL": "pkg:cargo/lz4_flex@0.12.0", "UID": "bfdb5642d2dcb174", "BOMRef": "pkg:cargo/lz4_flex@0.12.0" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "macro_rules_attribute@0.2.2", "Name": "macro_rules_attribute", "Identifier": { "PURL": "pkg:cargo/macro_rules_attribute@0.2.2", "UID": "f48640760a2f57f6", "BOMRef": "pkg:cargo/macro_rules_attribute@0.2.2" }, "Version": "0.2.2", "Licenses": [ "Apache-2.0 OR MIT OR Zlib" ], "DependsOn": [ "macro_rules_attribute-proc_macro@0.2.2", "paste@1.0.11" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "macro_rules_attribute-proc_macro@0.2.2", "Name": "macro_rules_attribute-proc_macro", "Identifier": { "PURL": "pkg:cargo/macro_rules_attribute-proc_macro@0.2.2", "UID": "d580d3942c6b53fd", "BOMRef": "pkg:cargo/macro_rules_attribute-proc_macro@0.2.2" }, "Version": "0.2.2", "Licenses": [ "Apache-2.0 OR MIT OR Zlib" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "matchers@0.2.0", "Name": "matchers", "Identifier": { "PURL": "pkg:cargo/matchers@0.2.0", "UID": "7bb34e126bba04ac", "BOMRef": "pkg:cargo/matchers@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "regex-automata@0.4.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "matchit@0.7.0", "Name": "matchit", "Identifier": { "PURL": "pkg:cargo/matchit@0.7.0", "UID": "695a99811f9fe14a", "BOMRef": "pkg:cargo/matchit@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "md-5@0.10.6", "Name": "md-5", "Identifier": { "PURL": "pkg:cargo/md-5@0.10.6", "UID": "9711e696d9ca20a2", "BOMRef": "pkg:cargo/md-5@0.10.6" }, "Version": "0.10.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "digest@0.10.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "memchr@2.7.4", "Name": "memchr", "Identifier": { "PURL": "pkg:cargo/memchr@2.7.4", "UID": "50515ab6801ca63b", "BOMRef": "pkg:cargo/memchr@2.7.4" }, "Version": "2.7.4", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "memmap2@0.9.8", "Name": "memmap2", "Identifier": { "PURL": "pkg:cargo/memmap2@0.9.8", "UID": "ad7a2d276d7cbfa", "BOMRef": "pkg:cargo/memmap2@0.9.8" }, "Version": "0.9.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "memoffset@0.7.1", "Name": "memoffset", "Identifier": { "PURL": "pkg:cargo/memoffset@0.7.1", "UID": "deaedd18ddaaaf7", "BOMRef": "pkg:cargo/memoffset@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "memoffset@0.9.1", "Name": "memoffset", "Identifier": { "PURL": "pkg:cargo/memoffset@0.9.1", "UID": "1652429313e7d37f", "BOMRef": "pkg:cargo/memoffset@0.9.1" }, "Version": "0.9.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "mime@0.3.16", "Name": "mime", "Identifier": { "PURL": "pkg:cargo/mime@0.3.16", "UID": "75cffd24dc90f6a", "BOMRef": "pkg:cargo/mime@0.3.16" }, "Version": "0.3.16", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "mime_guess@2.0.4", "Name": "mime_guess", "Identifier": { "PURL": "pkg:cargo/mime_guess@2.0.4", "UID": "c336362909397265", "BOMRef": "pkg:cargo/mime_guess@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "mime@0.3.16", "unicase@2.6.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "minimal-lexical@0.2.1", "Name": "minimal-lexical", "Identifier": { "PURL": "pkg:cargo/minimal-lexical@0.2.1", "UID": "dddc07a1ee358d82", "BOMRef": "pkg:cargo/minimal-lexical@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "miniz_oxide@0.6.2", "Name": "miniz_oxide", "Identifier": { "PURL": "pkg:cargo/miniz_oxide@0.6.2", "UID": "6e5486f6a651657c", "BOMRef": "pkg:cargo/miniz_oxide@0.6.2" }, "Version": "0.6.2", "Licenses": [ "MIT OR Zlib OR Apache-2.0" ], "DependsOn": [ "adler@1.0.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "miniz_oxide@0.8.5", "Name": "miniz_oxide", "Identifier": { "PURL": "pkg:cargo/miniz_oxide@0.8.5", "UID": "de656698a0f1b878", "BOMRef": "pkg:cargo/miniz_oxide@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Zlib OR Apache-2.0" ], "DependsOn": [ "adler2@2.0.0", "simd-adler32@0.3.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "mio@1.0.1", "Name": "mio", "Identifier": { "PURL": "pkg:cargo/mio@1.0.1", "UID": "b1b2745c0cc32a29", "BOMRef": "pkg:cargo/mio@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "hermit-abi@0.3.9", "libc@0.2.174", "log@0.4.28", "wasi@0.11.0+wasi-snapshot-preview1", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "names@0.14.0", "Name": "names", "Identifier": { "PURL": "pkg:cargo/names@0.14.0", "UID": "d34a45e35648d16d", "BOMRef": "pkg:cargo/names@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "rand@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nix@0.25.1", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.25.1", "UID": "5dbf0a071857a60f", "BOMRef": "pkg:cargo/nix@0.25.1" }, "Version": "0.25.1", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nix@0.27.1", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.27.1", "UID": "aa073a67c086dfe9", "BOMRef": "pkg:cargo/nix@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nix@0.29.0", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.29.0", "UID": "9c6e5934f0418b1d", "BOMRef": "pkg:cargo/nix@0.29.0" }, "Version": "0.29.0", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nodrop@0.1.14", "Name": "nodrop", "Identifier": { "PURL": "pkg:cargo/nodrop@0.1.14", "UID": "1951f4141dfe98be", "BOMRef": "pkg:cargo/nodrop@0.1.14" }, "Version": "0.1.14", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nom@7.1.3", "Name": "nom", "Identifier": { "PURL": "pkg:cargo/nom@7.1.3", "UID": "a1091cf8fb117652", "BOMRef": "pkg:cargo/nom@7.1.3" }, "Version": "7.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4", "minimal-lexical@0.2.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nom@8.0.0", "Name": "nom", "Identifier": { "PURL": "pkg:cargo/nom@8.0.0", "UID": "d327c1adb341c5f1", "BOMRef": "pkg:cargo/nom@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ntapi@0.4.1", "Name": "ntapi", "Identifier": { "PURL": "pkg:cargo/ntapi@0.4.1", "UID": "10da810c405264f7", "BOMRef": "pkg:cargo/ntapi@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "nu-ansi-term@0.50.1", "Name": "nu-ansi-term", "Identifier": { "PURL": "pkg:cargo/nu-ansi-term@0.50.1", "UID": "513491de7fb888e8", "BOMRef": "pkg:cargo/nu-ansi-term@0.50.1" }, "Version": "0.50.1", "Licenses": [ "MIT" ], "DependsOn": [ "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-bigint@0.4.4", "Name": "num-bigint", "Identifier": { "PURL": "pkg:cargo/num-bigint@0.4.4", "UID": "4623b5f5cc6f8bfd", "BOMRef": "pkg:cargo/num-bigint@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-integer@0.1.46", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-bigint-dig@0.8.4", "Name": "num-bigint-dig", "Identifier": { "PURL": "pkg:cargo/num-bigint-dig@0.8.4", "UID": "7d3ea62ae186e444", "BOMRef": "pkg:cargo/num-bigint-dig@0.8.4" }, "Version": "0.8.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "byteorder@1.5.0", "lazy_static@1.5.0", "libm@0.2.6", "num-integer@0.1.46", "num-iter@0.1.45", "num-traits@0.2.19", "rand@0.8.5", "smallvec@1.15.1", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-cmp@0.1.0", "Name": "num-cmp", "Identifier": { "PURL": "pkg:cargo/num-cmp@0.1.0", "UID": "e0f5cdeaf5639e00", "BOMRef": "pkg:cargo/num-cmp@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-derive@0.4.2", "Name": "num-derive", "Identifier": { "PURL": "pkg:cargo/num-derive@0.4.2", "UID": "c152fd171e981559", "BOMRef": "pkg:cargo/num-derive@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-integer@0.1.46", "Name": "num-integer", "Identifier": { "PURL": "pkg:cargo/num-integer@0.1.46", "UID": "814eca6d4b81e220", "BOMRef": "pkg:cargo/num-integer@0.1.46" }, "Version": "0.1.46", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-iter@0.1.45", "Name": "num-iter", "Identifier": { "PURL": "pkg:cargo/num-iter@0.1.45", "UID": "aa6aefd2526d9949", "BOMRef": "pkg:cargo/num-iter@0.1.45" }, "Version": "0.1.45", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-integer@0.1.46", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num-traits@0.2.19", "Name": "num-traits", "Identifier": { "PURL": "pkg:cargo/num-traits@0.2.19", "UID": "ae1611f2e9fbf02f", "BOMRef": "pkg:cargo/num-traits@0.2.19" }, "Version": "0.2.19", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libm@0.2.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "num_cpus@1.17.0", "Name": "num_cpus", "Identifier": { "PURL": "pkg:cargo/num_cpus@1.17.0", "UID": "dbbf998b9be69b2b", "BOMRef": "pkg:cargo/num_cpus@1.17.0" }, "Version": "1.17.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hermit-abi@0.5.1", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "objc2-core-foundation@0.3.1", "Name": "objc2-core-foundation", "Identifier": { "PURL": "pkg:cargo/objc2-core-foundation@0.3.1", "UID": "a88c487b345b0209", "BOMRef": "pkg:cargo/objc2-core-foundation@0.3.1" }, "Version": "0.3.1", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "objc2-io-kit@0.3.1", "Name": "objc2-io-kit", "Identifier": { "PURL": "pkg:cargo/objc2-io-kit@0.3.1", "UID": "34ad18e856391b48", "BOMRef": "pkg:cargo/objc2-io-kit@0.3.1" }, "Version": "0.3.1", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "libc@0.2.174", "objc2-core-foundation@0.3.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "object@0.30.0", "Name": "object", "Identifier": { "PURL": "pkg:cargo/object@0.30.0", "UID": "2553e51331b19fa0", "BOMRef": "pkg:cargo/object@0.30.0" }, "Version": "0.30.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "object_store@0.12.4", "Name": "object_store", "Identifier": { "PURL": "pkg:cargo/object_store@0.12.4", "UID": "d00ebe8122427d0a", "BOMRef": "pkg:cargo/object_store@0.12.4" }, "Version": "0.12.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "async-trait@0.1.89", "base64@0.22.0", "bytes@1.10.1", "chrono@0.4.42", "form_urlencoded@1.2.2", "futures@0.3.31", "http-body-util@0.1.2", "http@1.3.1", "humantime@2.3.0", "hyper@1.6.0", "itertools@0.14.0", "md-5@0.10.6", "parking_lot@0.12.5", "percent-encoding@2.3.2", "quick-xml@0.38.0", "rand@0.9.2", "reqwest@0.12.24", "ring@0.17.13", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "thiserror@2.0.17", "tokio@1.48.0", "tracing@0.1.43", "url@2.5.7", "walkdir@2.5.0", "wasm-bindgen-futures@0.4.42", "web-time@1.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "once_cell@1.21.3", "Name": "once_cell", "Identifier": { "PURL": "pkg:cargo/once_cell@1.21.3", "UID": "3b1b478bbea4758d", "BOMRef": "pkg:cargo/once_cell@1.21.3" }, "Version": "1.21.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "openssl-probe@0.1.5", "Name": "openssl-probe", "Identifier": { "PURL": "pkg:cargo/openssl-probe@0.1.5", "UID": "3c38b728b7742a2a", "BOMRef": "pkg:cargo/openssl-probe@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ordered-float@2.10.1", "Name": "ordered-float", "Identifier": { "PURL": "pkg:cargo/ordered-float@2.10.1", "UID": "e95a5b6048734e7f", "BOMRef": "pkg:cargo/ordered-float@2.10.1" }, "Version": "2.10.1", "Licenses": [ "MIT" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ordered-float@5.1.0", "Name": "ordered-float", "Identifier": { "PURL": "pkg:cargo/ordered-float@5.1.0", "UID": "ec5b87dc5934b4e4", "BOMRef": "pkg:cargo/ordered-float@5.1.0" }, "Version": "5.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "num-traits@0.2.19", "rand@0.8.5", "schemars@0.8.22", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "p256@0.13.2", "Name": "p256", "Identifier": { "PURL": "pkg:cargo/p256@0.13.2", "UID": "ecc51aa036bc52d0", "BOMRef": "pkg:cargo/p256@0.13.2" }, "Version": "0.13.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "ecdsa@0.16.9", "elliptic-curve@0.13.8", "primeorder@0.13.6", "sha2@0.10.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "p384@0.13.1", "Name": "p384", "Identifier": { "PURL": "pkg:cargo/p384@0.13.1", "UID": "5ace817026f3b5bb", "BOMRef": "pkg:cargo/p384@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "ecdsa@0.16.9", "elliptic-curve@0.13.8", "primeorder@0.13.6", "sha2@0.10.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "parking_lot@0.12.5", "Name": "parking_lot", "Identifier": { "PURL": "pkg:cargo/parking_lot@0.12.5", "UID": "7e20b47d5c3c526a", "BOMRef": "pkg:cargo/parking_lot@0.12.5" }, "Version": "0.12.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "lock_api@0.4.14", "parking_lot_core@0.9.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "parking_lot_core@0.9.12", "Name": "parking_lot_core", "Identifier": { "PURL": "pkg:cargo/parking_lot_core@0.9.12", "UID": "c914c5089ff4d4b5", "BOMRef": "pkg:cargo/parking_lot_core@0.9.12" }, "Version": "0.9.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "backtrace@0.3.67", "cfg-if@1.0.0", "libc@0.2.174", "petgraph@0.6.2", "redox_syscall@0.5.12", "smallvec@1.15.1", "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "parse-size@1.0.0", "Name": "parse-size", "Identifier": { "PURL": "pkg:cargo/parse-size@1.0.0", "UID": "8d49026e3e6f9a41", "BOMRef": "pkg:cargo/parse-size@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "paste@1.0.11", "Name": "paste", "Identifier": { "PURL": "pkg:cargo/paste@1.0.11", "UID": "8f247121ae70772f", "BOMRef": "pkg:cargo/paste@1.0.11" }, "Version": "1.0.11", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "path_facts@0.2.1", "Name": "path_facts", "Identifier": { "PURL": "pkg:cargo/path_facts@0.2.1", "UID": "3f6bf311791c96f1", "BOMRef": "pkg:cargo/path_facts@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "faccess@0.2.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pathdiff@0.2.3", "Name": "pathdiff", "Identifier": { "PURL": "pkg:cargo/pathdiff@0.2.3", "UID": "b8b8720effdb8ce9", "BOMRef": "pkg:cargo/pathdiff@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pem@3.0.3", "Name": "pem", "Identifier": { "PURL": "pkg:cargo/pem@3.0.3", "UID": "93c5aea9a3818ef2", "BOMRef": "pkg:cargo/pem@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.21.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pem-rfc7468@0.7.0", "Name": "pem-rfc7468", "Identifier": { "PURL": "pkg:cargo/pem-rfc7468@0.7.0", "UID": "fa437b783e2a8792", "BOMRef": "pkg:cargo/pem-rfc7468@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base64ct@1.8.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "percent-encoding@2.3.2", "Name": "percent-encoding", "Identifier": { "PURL": "pkg:cargo/percent-encoding@2.3.2", "UID": "ac162f3698d17ee8", "BOMRef": "pkg:cargo/percent-encoding@2.3.2" }, "Version": "2.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "permutation_iterator@0.1.2", "Name": "permutation_iterator", "Identifier": { "PURL": "pkg:cargo/permutation_iterator@0.1.2", "UID": "ab72dc98b7e90f8", "BOMRef": "pkg:cargo/permutation_iterator@0.1.2" }, "Version": "0.1.2", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "blake2-rfc@0.2.18", "rand@0.7.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "petgraph@0.6.2", "Name": "petgraph", "Identifier": { "PURL": "pkg:cargo/petgraph@0.6.2", "UID": "81903a21bd698838", "BOMRef": "pkg:cargo/petgraph@0.6.2" }, "Version": "0.6.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "fixedbitset@0.4.2", "indexmap@1.9.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ph@0.8.5", "Name": "ph", "Identifier": { "PURL": "pkg:cargo/ph@0.8.5", "UID": "20feaf3d505884ea", "BOMRef": "pkg:cargo/ph@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aligned-vec@0.6.1", "binout@0.2.1", "bitm@0.4.2", "dyn_size_of@0.4.2", "rayon@1.11.0", "seedable_hash@0.1.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "phf@0.11.2", "Name": "phf", "Identifier": { "PURL": "pkg:cargo/phf@0.11.2", "UID": "65b603a45bd8a6f7", "BOMRef": "pkg:cargo/phf@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_shared@0.11.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "phf_codegen@0.11.2", "Name": "phf_codegen", "Identifier": { "PURL": "pkg:cargo/phf_codegen@0.11.2", "UID": "5b57d507a0fcc757", "BOMRef": "pkg:cargo/phf_codegen@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_generator@0.11.2", "phf_shared@0.11.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "phf_generator@0.11.2", "Name": "phf_generator", "Identifier": { "PURL": "pkg:cargo/phf_generator@0.11.2", "UID": "947b3219b019ef37", "BOMRef": "pkg:cargo/phf_generator@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_shared@0.11.2", "rand@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "phf_shared@0.11.2", "Name": "phf_shared", "Identifier": { "PURL": "pkg:cargo/phf_shared@0.11.2", "UID": "e89a07a957a4904", "BOMRef": "pkg:cargo/phf_shared@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "siphasher@0.3.10" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pin-project@1.0.12", "Name": "pin-project", "Identifier": { "PURL": "pkg:cargo/pin-project@1.0.12", "UID": "a3e254f62a39fb4", "BOMRef": "pkg:cargo/pin-project@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "pin-project-internal@1.0.12" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pin-project-internal@1.0.12", "Name": "pin-project-internal", "Identifier": { "PURL": "pkg:cargo/pin-project-internal@1.0.12", "UID": "349ef6a3f03568b4", "BOMRef": "pkg:cargo/pin-project-internal@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pin-project-lite@0.2.12", "Name": "pin-project-lite", "Identifier": { "PURL": "pkg:cargo/pin-project-lite@0.2.12", "UID": "8d570da0d7ca3b14", "BOMRef": "pkg:cargo/pin-project-lite@0.2.12" }, "Version": "0.2.12", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pin-utils@0.1.0", "Name": "pin-utils", "Identifier": { "PURL": "pkg:cargo/pin-utils@0.1.0", "UID": "dec9eecf49f3b75b", "BOMRef": "pkg:cargo/pin-utils@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pkcs1@0.7.5", "Name": "pkcs1", "Identifier": { "PURL": "pkg:cargo/pkcs1@0.7.5", "UID": "d6efe48abb2fb595", "BOMRef": "pkg:cargo/pkcs1@0.7.5" }, "Version": "0.7.5", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "pkcs8@0.10.2", "spki@0.7.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pkcs8@0.10.2", "Name": "pkcs8", "Identifier": { "PURL": "pkg:cargo/pkcs8@0.10.2", "UID": "693707556406d452", "BOMRef": "pkg:cargo/pkcs8@0.10.2" }, "Version": "0.10.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "spki@0.7.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "portable-atomic@1.11.1", "Name": "portable-atomic", "Identifier": { "PURL": "pkg:cargo/portable-atomic@1.11.1", "UID": "5a7fc09fc7e05c1", "BOMRef": "pkg:cargo/portable-atomic@1.11.1" }, "Version": "1.11.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "portable-atomic-util@0.2.4", "Name": "portable-atomic-util", "Identifier": { "PURL": "pkg:cargo/portable-atomic-util@0.2.4", "UID": "cba95dd5b6470bd1", "BOMRef": "pkg:cargo/portable-atomic-util@0.2.4" }, "Version": "0.2.4", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "portable-atomic@1.11.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pprof2@0.13.1", "Name": "pprof2", "Identifier": { "PURL": "pkg:cargo/pprof2@0.13.1", "UID": "cb41965fece2abe8", "BOMRef": "pkg:cargo/pprof2@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "backtrace@0.3.67", "cfg-if@1.0.0", "findshlibs@0.10.2", "libc@0.2.174", "log@0.4.28", "nix@0.27.1", "once_cell@1.21.3", "parking_lot@0.12.5", "smallvec@1.15.1", "symbolic-demangle@12.12.3", "tempfile@3.23.0", "thiserror@2.0.17" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ppv-lite86@0.2.17", "Name": "ppv-lite86", "Identifier": { "PURL": "pkg:cargo/ppv-lite86@0.2.17", "UID": "4dfad598dee82549", "BOMRef": "pkg:cargo/ppv-lite86@0.2.17" }, "Version": "0.2.17", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "presser@0.3.1", "Name": "presser", "Identifier": { "PURL": "pkg:cargo/presser@0.3.1", "UID": "73112b9c2ee08582", "BOMRef": "pkg:cargo/presser@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "primeorder@0.13.6", "Name": "primeorder", "Identifier": { "PURL": "pkg:cargo/primeorder@0.13.6", "UID": "2c758ccf9fe0511b", "BOMRef": "pkg:cargo/primeorder@0.13.6" }, "Version": "0.13.6", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "elliptic-curve@0.13.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "proc-macro-error@1.0.4", "Name": "proc-macro-error", "Identifier": { "PURL": "pkg:cargo/proc-macro-error@1.0.4", "UID": "ecfb0fa470b7dae1", "BOMRef": "pkg:cargo/proc-macro-error@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro-error-attr@1.0.4", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "proc-macro-error-attr@1.0.4", "Name": "proc-macro-error-attr", "Identifier": { "PURL": "pkg:cargo/proc-macro-error-attr@1.0.4", "UID": "c82bced428d86dc2", "BOMRef": "pkg:cargo/proc-macro-error-attr@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "proc-macro-error-attr2@2.0.0", "Name": "proc-macro-error-attr2", "Identifier": { "PURL": "pkg:cargo/proc-macro-error-attr2@2.0.0", "UID": "9c48724a6a3ffb63", "BOMRef": "pkg:cargo/proc-macro-error-attr2@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "proc-macro-error2@2.0.1", "Name": "proc-macro-error2", "Identifier": { "PURL": "pkg:cargo/proc-macro-error2@2.0.1", "UID": "deea4a1c9acc8862", "BOMRef": "pkg:cargo/proc-macro-error2@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro-error-attr2@2.0.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "proc-macro2@1.0.101", "Name": "proc-macro2", "Identifier": { "PURL": "pkg:cargo/proc-macro2@1.0.101", "UID": "3d7c6c3e7e657913", "BOMRef": "pkg:cargo/proc-macro2@1.0.101" }, "Version": "1.0.101", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "procfs@0.18.0", "Name": "procfs", "Identifier": { "PURL": "pkg:cargo/procfs@0.18.0", "UID": "9e11eb7645e9a52e", "BOMRef": "pkg:cargo/procfs@0.18.0" }, "Version": "0.18.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "procfs-core@0.18.0", "rustix@1.0.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "procfs-core@0.18.0", "Name": "procfs-core", "Identifier": { "PURL": "pkg:cargo/procfs-core@0.18.0", "UID": "f73fc04f0a94e30c", "BOMRef": "pkg:cargo/procfs-core@0.18.0" }, "Version": "0.18.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "hex@0.4.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prometheus@0.14.0", "Name": "prometheus", "Identifier": { "PURL": "pkg:cargo/prometheus@0.14.0", "UID": "1b2199b3644954d9", "BOMRef": "pkg:cargo/prometheus@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "fnv@1.0.7", "lazy_static@1.5.0", "memchr@2.7.4", "parking_lot@0.12.5", "thiserror@2.0.17" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost@0.11.9", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.11.9", "UID": "a4c08cc04b4abe47", "BOMRef": "pkg:cargo/prost@0.11.9" }, "Version": "0.11.9", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.11.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost@0.12.6", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.12.6", "UID": "c13d7dbf867e1336", "BOMRef": "pkg:cargo/prost@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.12.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost@0.13.1", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.13.1", "UID": "70e48cc12c2d6058", "BOMRef": "pkg:cargo/prost@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.13.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-derive@0.11.9", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.11.9", "UID": "27b875cc912cd571", "BOMRef": "pkg:cargo/prost-derive@0.11.9" }, "Version": "0.11.9", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.10.5", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-derive@0.12.6", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.12.6", "UID": "e99b1a45cc442e75", "BOMRef": "pkg:cargo/prost-derive@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.12.1", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-derive@0.13.1", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.13.1", "UID": "24d58a6e6907788", "BOMRef": "pkg:cargo/prost-derive@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.13.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-types@0.12.6", "Name": "prost-types", "Identifier": { "PURL": "pkg:cargo/prost-types@0.12.6", "UID": "50faaabf0003c433", "BOMRef": "pkg:cargo/prost-types@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "prost@0.12.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-types@0.13.1", "Name": "prost-types", "Identifier": { "PURL": "pkg:cargo/prost-types@0.13.1", "UID": "e5c0994b43c14622", "BOMRef": "pkg:cargo/prost-types@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "prost@0.13.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-wkt@0.5.1", "Name": "prost-wkt", "Identifier": { "PURL": "pkg:cargo/prost-wkt@0.5.1", "UID": "b30cefdfa85b7501", "BOMRef": "pkg:cargo/prost-wkt@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "chrono@0.4.42", "inventory@0.3.14", "prost@0.12.6", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145", "typetag@0.2.15" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "prost-wkt-types@0.5.1", "Name": "prost-wkt-types", "Identifier": { "PURL": "pkg:cargo/prost-wkt-types@0.5.1", "UID": "b4e24b1ffe2da839", "BOMRef": "pkg:cargo/prost-wkt-types@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "chrono@0.4.42", "prost-wkt@0.5.1", "prost@0.12.6", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "protobuf@2.28.0", "Name": "protobuf", "Identifier": { "PURL": "pkg:cargo/protobuf@2.28.0", "UID": "17b34d7d9bb1965a", "BOMRef": "pkg:cargo/protobuf@2.28.0" }, "Version": "2.28.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyo3@0.27.1", "Name": "pyo3", "Identifier": { "PURL": "pkg:cargo/pyo3@0.27.1", "UID": "7d0df6dbe5e1905b", "BOMRef": "pkg:cargo/pyo3@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "indoc@2.0.6", "libc@0.2.174", "memoffset@0.9.1", "once_cell@1.21.3", "portable-atomic@1.11.1", "pyo3-ffi@0.27.1", "pyo3-macros@0.27.1", "unindent@0.2.4", "uuid@1.18.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyo3-build-config@0.27.1", "Name": "pyo3-build-config", "Identifier": { "PURL": "pkg:cargo/pyo3-build-config@0.27.1", "UID": "8dafb222402f1487", "BOMRef": "pkg:cargo/pyo3-build-config@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "target-lexicon@0.13.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyo3-ffi@0.27.1", "Name": "pyo3-ffi", "Identifier": { "PURL": "pkg:cargo/pyo3-ffi@0.27.1", "UID": "4c1178c54cad4de1", "BOMRef": "pkg:cargo/pyo3-ffi@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyo3-macros@0.27.1", "Name": "pyo3-macros", "Identifier": { "PURL": "pkg:cargo/pyo3-macros@0.27.1", "UID": "c3c10ecf5be78ea1", "BOMRef": "pkg:cargo/pyo3-macros@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "pyo3-macros-backend@0.27.1", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyo3-macros-backend@0.27.1", "Name": "pyo3-macros-backend", "Identifier": { "PURL": "pkg:cargo/pyo3-macros-backend@0.27.1", "UID": "bce1bbfe75d488d7", "BOMRef": "pkg:cargo/pyo3-macros-backend@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "pyo3-build-config@0.27.1", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyroscope@0.5.8", "Name": "pyroscope", "Identifier": { "PURL": "pkg:cargo/pyroscope@0.5.8", "UID": "b842ece76d327d58", "BOMRef": "pkg:cargo/pyroscope@0.5.8" }, "Version": "0.5.8", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "libflate@1.4.0", "log@0.4.28", "names@0.14.0", "prost@0.11.9", "reqwest@0.12.24", "serde_json@1.0.145", "thiserror@1.0.69", "url@2.5.7", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "pyroscope_pprofrs@0.2.10", "Name": "pyroscope_pprofrs", "Identifier": { "PURL": "pkg:cargo/pyroscope_pprofrs@0.2.10", "UID": "d710222943c106b2", "BOMRef": "pkg:cargo/pyroscope_pprofrs@0.2.10" }, "Version": "0.2.10", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "log@0.4.28", "pprof2@0.13.1", "pyroscope@0.5.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "quick-xml@0.38.0", "Name": "quick-xml", "Identifier": { "PURL": "pkg:cargo/quick-xml@0.38.0", "UID": "ba2b5d34d9ac487d", "BOMRef": "pkg:cargo/quick-xml@0.38.0" }, "Version": "0.38.0", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "quinn@0.11.2", "Name": "quinn", "Identifier": { "PURL": "pkg:cargo/quinn@0.11.2", "UID": "a82312e61a4a55bb", "BOMRef": "pkg:cargo/quinn@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "pin-project-lite@0.2.12", "quinn-proto@0.11.8", "quinn-udp@0.5.2", "rustc-hash@1.1.0", "rustls@0.23.35", "thiserror@1.0.69", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "quinn-proto@0.11.8", "Name": "quinn-proto", "Identifier": { "PURL": "pkg:cargo/quinn-proto@0.11.8", "UID": "b725c0d3d46332c5", "BOMRef": "pkg:cargo/quinn-proto@0.11.8" }, "Version": "0.11.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "rand@0.8.5", "ring@0.17.13", "rustc-hash@2.1.1", "rustls@0.23.35", "slab@0.4.11", "thiserror@1.0.69", "tinyvec@1.10.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "quinn-udp@0.5.2", "Name": "quinn-udp", "Identifier": { "PURL": "pkg:cargo/quinn-udp@0.5.2", "UID": "ccdc5806fd49bfc", "BOMRef": "pkg:cargo/quinn-udp@0.5.2" }, "Version": "0.5.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "once_cell@1.21.3", "socket2@0.5.10", "tracing@0.1.43", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "quote@1.0.42", "Name": "quote", "Identifier": { "PURL": "pkg:cargo/quote@1.0.42", "UID": "eaa2735822290724", "BOMRef": "pkg:cargo/quote@1.0.42" }, "Version": "1.0.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "radium@0.7.0", "Name": "radium", "Identifier": { "PURL": "pkg:cargo/radium@0.7.0", "UID": "563d44d523a7c79f", "BOMRef": "pkg:cargo/radium@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "raft@0.7.0", "Name": "raft", "Identifier": { "PURL": "pkg:cargo/raft@0.7.0", "UID": "90cdf32fb61b10cf", "BOMRef": "pkg:cargo/raft@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "fxhash@0.2.1", "getset@0.1.2", "protobuf@2.28.0", "raft-proto@0.7.0", "rand@0.8.5", "slog@2.8.2", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "raft-proto@0.7.0", "Name": "raft-proto", "Identifier": { "PURL": "pkg:cargo/raft-proto@0.7.0", "UID": "15a304d5ab341905", "BOMRef": "pkg:cargo/raft-proto@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "lazy_static@1.5.0", "prost@0.11.9", "protobuf@2.28.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand@0.7.3", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.7.3", "UID": "252b322b06e5c27a", "BOMRef": "pkg:cargo/rand@0.7.3" }, "Version": "0.7.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.1.16", "libc@0.2.174", "rand_chacha@0.2.2", "rand_core@0.5.1", "rand_hc@0.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand@0.8.5", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.8.5", "UID": "2e8d64ee2aa4fc2a", "BOMRef": "pkg:cargo/rand@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "rand_chacha@0.3.1", "rand_core@0.6.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand@0.9.2", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.9.2", "UID": "bab64316d43c595f", "BOMRef": "pkg:cargo/rand@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_chacha@0.9.0", "rand_core@0.9.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_chacha@0.2.2", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.2.2", "UID": "e3c3c44fcb368834", "BOMRef": "pkg:cargo/rand_chacha@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.5.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_chacha@0.3.1", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.3.1", "UID": "dc8e3173443d9293", "BOMRef": "pkg:cargo/rand_chacha@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_chacha@0.9.0", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.9.0", "UID": "245ec5c4727e563f", "BOMRef": "pkg:cargo/rand_chacha@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.9.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_core@0.5.1", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.5.1", "UID": "c81e2614bfae4f77", "BOMRef": "pkg:cargo/rand_core@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.1.16" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_core@0.6.4", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.6.4", "UID": "7a5843202fb42daa", "BOMRef": "pkg:cargo/rand_core@0.6.4" }, "Version": "0.6.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.2.11", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_core@0.9.0", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.9.0", "UID": "29d09b98e9b2eba", "BOMRef": "pkg:cargo/rand_core@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.3.0", "zerocopy@0.8.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_distr@0.5.1", "Name": "rand_distr", "Identifier": { "PURL": "pkg:cargo/rand_distr@0.5.1", "UID": "526cfae939fc9c9e", "BOMRef": "pkg:cargo/rand_distr@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19", "rand@0.9.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rand_hc@0.2.0", "Name": "rand_hc", "Identifier": { "PURL": "pkg:cargo/rand_hc@0.2.0", "UID": "a68bbcd8da1d25b8", "BOMRef": "pkg:cargo/rand_hc@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.5.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rayon@1.11.0", "Name": "rayon", "Identifier": { "PURL": "pkg:cargo/rayon@1.11.0", "UID": "9ebe2090c9325203", "BOMRef": "pkg:cargo/rayon@1.11.0" }, "Version": "1.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0", "rayon-core@1.13.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rayon-core@1.13.0", "Name": "rayon-core", "Identifier": { "PURL": "pkg:cargo/rayon-core@1.13.0", "UID": "f61f3e995c91028", "BOMRef": "pkg:cargo/rayon-core@1.13.0" }, "Version": "1.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crossbeam-deque@0.8.2", "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "redox_syscall@0.2.16", "Name": "redox_syscall", "Identifier": { "PURL": "pkg:cargo/redox_syscall@0.2.16", "UID": "b5289ea609f4a112", "BOMRef": "pkg:cargo/redox_syscall@0.2.16" }, "Version": "0.2.16", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "redox_syscall@0.5.12", "Name": "redox_syscall", "Identifier": { "PURL": "pkg:cargo/redox_syscall@0.5.12", "UID": "bf88be6f2db23691", "BOMRef": "pkg:cargo/redox_syscall@0.5.12" }, "Version": "0.5.12", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "regex@1.11.0", "Name": "regex", "Identifier": { "PURL": "pkg:cargo/regex@1.11.0", "UID": "c9783b435176573a", "BOMRef": "pkg:cargo/regex@1.11.0" }, "Version": "1.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aho-corasick@1.1.3", "memchr@2.7.4", "regex-automata@0.4.8", "regex-syntax@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "regex-automata@0.4.8", "Name": "regex-automata", "Identifier": { "PURL": "pkg:cargo/regex-automata@0.4.8", "UID": "8cd9ae22f0173831", "BOMRef": "pkg:cargo/regex-automata@0.4.8" }, "Version": "0.4.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aho-corasick@1.1.3", "memchr@2.7.4", "regex-syntax@0.8.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "regex-lite@0.1.5", "Name": "regex-lite", "Identifier": { "PURL": "pkg:cargo/regex-lite@0.1.5", "UID": "481059c684c48ddf", "BOMRef": "pkg:cargo/regex-lite@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "regex-syntax@0.8.5", "Name": "regex-syntax", "Identifier": { "PURL": "pkg:cargo/regex-syntax@0.8.5", "UID": "294cff1fe8f4d84e", "BOMRef": "pkg:cargo/regex-syntax@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "reqwest@0.12.24", "Name": "reqwest", "Identifier": { "PURL": "pkg:cargo/reqwest@0.12.24", "UID": "c016990501f47f6e", "BOMRef": "pkg:cargo/reqwest@0.12.24" }, "Version": "0.12.24", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "base64@0.22.0", "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "h2@0.4.4", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "hyper-rustls@0.27.2", "hyper-util@0.1.13", "hyper@1.6.0", "js-sys@0.3.77", "log@0.4.28", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "quinn@0.11.2", "rustls-native-certs@0.8.0", "rustls-pki-types@1.12.0", "rustls@0.23.35", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "sync_wrapper@1.0.1", "tokio-rustls@0.26.0", "tokio-util@0.7.16", "tokio@1.48.0", "tower-http@0.6.6", "tower-service@0.3.3", "tower@0.5.2", "url@2.5.7", "wasm-bindgen-futures@0.4.42", "wasm-bindgen@0.2.100", "wasm-streams@0.4.0", "web-sys@0.3.69", "webpki-roots@1.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rfc6979@0.4.0", "Name": "rfc6979", "Identifier": { "PURL": "pkg:cargo/rfc6979@0.4.0", "UID": "210285b138011b57", "BOMRef": "pkg:cargo/rfc6979@0.4.0" }, "Version": "0.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "hmac@0.12.1", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ring@0.17.13", "Name": "ring", "Identifier": { "PURL": "pkg:cargo/ring@0.17.13", "UID": "4d57550257f9441", "BOMRef": "pkg:cargo/ring@0.17.13" }, "Version": "0.17.13", "Licenses": [ "Apache-2.0 AND ISC" ], "DependsOn": [ "cfg-if@1.0.0", "getrandom@0.2.11", "libc@0.2.174", "untrusted@0.9.0", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ringbuffer@0.16.0", "Name": "ringbuffer", "Identifier": { "PURL": "pkg:cargo/ringbuffer@0.16.0", "UID": "357cc426ef1de1de", "BOMRef": "pkg:cargo/ringbuffer@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rle-decode-fast@1.0.3", "Name": "rle-decode-fast", "Identifier": { "PURL": "pkg:cargo/rle-decode-fast@1.0.3", "UID": "fc3f1814954c4a93", "BOMRef": "pkg:cargo/rle-decode-fast@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rmp@0.8.14", "Name": "rmp", "Identifier": { "PURL": "pkg:cargo/rmp@0.8.14", "UID": "7189d1662a591b74", "BOMRef": "pkg:cargo/rmp@0.8.14" }, "Version": "0.8.14", "Licenses": [ "MIT" ], "DependsOn": [ "byteorder@1.5.0", "num-traits@0.2.19", "paste@1.0.11" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rmp-serde@1.3.0", "Name": "rmp-serde", "Identifier": { "PURL": "pkg:cargo/rmp-serde@1.3.0", "UID": "137088be4cd57782", "BOMRef": "pkg:cargo/rmp-serde@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "byteorder@1.5.0", "rmp@0.8.14", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "roaring@0.11.2", "Name": "roaring", "Identifier": { "PURL": "pkg:cargo/roaring@0.11.2", "UID": "18177895ba8ded18", "BOMRef": "pkg:cargo/roaring@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytemuck@1.24.0", "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "robust@1.1.0", "Name": "robust", "Identifier": { "PURL": "pkg:cargo/robust@1.1.0", "UID": "c000271d90fc4a49", "BOMRef": "pkg:cargo/robust@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rocksdb@0.24.0", "Name": "rocksdb", "Identifier": { "PURL": "pkg:cargo/rocksdb@0.24.0", "UID": "e85d10d50340cac6", "BOMRef": "pkg:cargo/rocksdb@0.24.0" }, "Version": "0.24.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "librocksdb-sys@0.17.3+10.4.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rsa@0.9.8", "Name": "rsa", "Identifier": { "PURL": "pkg:cargo/rsa@0.9.8", "UID": "c91588852fc574fc", "BOMRef": "pkg:cargo/rsa@0.9.8" }, "Version": "0.9.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "const-oid@0.9.6", "digest@0.10.7", "num-bigint-dig@0.8.4", "num-integer@0.1.46", "num-traits@0.2.19", "pkcs1@0.7.5", "pkcs8@0.10.2", "rand_core@0.6.4", "signature@2.2.0", "spki@0.7.3", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rstack@0.3.3", "Name": "rstack", "Identifier": { "PURL": "pkg:cargo/rstack@0.3.3", "UID": "4455d817eb883f25", "BOMRef": "pkg:cargo/rstack@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "log@0.4.28", "unwind@0.4.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rstack-self@0.3.0", "Name": "rstack-self", "Identifier": { "PURL": "pkg:cargo/rstack-self@0.3.0", "UID": "a0377bfda6e5d4a9", "BOMRef": "pkg:cargo/rstack-self@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "antidote@1.0.0", "backtrace@0.3.67", "bincode@1.3.3", "lazy_static@1.5.0", "libc@0.2.174", "rstack@0.3.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rstar@0.12.0", "Name": "rstar", "Identifier": { "PURL": "pkg:cargo/rstar@0.12.0", "UID": "be56c23f418191a0", "BOMRef": "pkg:cargo/rstar@0.12.0" }, "Version": "0.12.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heapless@0.8.0", "num-traits@0.2.19", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustc-demangle@0.1.21", "Name": "rustc-demangle", "Identifier": { "PURL": "pkg:cargo/rustc-demangle@0.1.21", "UID": "e40bcb417d3a38f3", "BOMRef": "pkg:cargo/rustc-demangle@0.1.21" }, "Version": "0.1.21", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustc-hash@1.1.0", "Name": "rustc-hash", "Identifier": { "PURL": "pkg:cargo/rustc-hash@1.1.0", "UID": "93321e85bb8b2309", "BOMRef": "pkg:cargo/rustc-hash@1.1.0" }, "Version": "1.1.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustc-hash@2.1.1", "Name": "rustc-hash", "Identifier": { "PURL": "pkg:cargo/rustc-hash@2.1.1", "UID": "7bb93c1a79b12ebe", "BOMRef": "pkg:cargo/rustc-hash@2.1.1" }, "Version": "2.1.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustix@0.38.40", "Name": "rustix", "Identifier": { "PURL": "pkg:cargo/rustix@0.38.40", "UID": "1945a9d021f8d3ae", "BOMRef": "pkg:cargo/rustix@0.38.40" }, "Version": "0.38.40", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1", "errno@0.3.10", "libc@0.2.174", "linux-raw-sys@0.4.14", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustix@1.0.2", "Name": "rustix", "Identifier": { "PURL": "pkg:cargo/rustix@1.0.2", "UID": "429c875e84831be7", "BOMRef": "pkg:cargo/rustix@1.0.2" }, "Version": "1.0.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1", "errno@0.3.10", "libc@0.2.174", "linux-raw-sys@0.9.2", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls@0.22.4", "Name": "rustls", "Identifier": { "PURL": "pkg:cargo/rustls@0.22.4", "UID": "f94d59b8ee876202", "BOMRef": "pkg:cargo/rustls@0.22.4" }, "Version": "0.22.4", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "log@0.4.28", "ring@0.17.13", "rustls-pki-types@1.12.0", "rustls-webpki@0.102.8", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls@0.23.35", "Name": "rustls", "Identifier": { "PURL": "pkg:cargo/rustls@0.23.35", "UID": "b53d9eced948ad94", "BOMRef": "pkg:cargo/rustls@0.23.35" }, "Version": "0.23.35", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "log@0.4.28", "once_cell@1.21.3", "ring@0.17.13", "rustls-pki-types@1.12.0", "rustls-webpki@0.103.6", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-native-certs@0.7.0", "Name": "rustls-native-certs", "Identifier": { "PURL": "pkg:cargo/rustls-native-certs@0.7.0", "UID": "3ea9fc8e1a827d2c", "BOMRef": "pkg:cargo/rustls-native-certs@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "openssl-probe@0.1.5", "rustls-pemfile@2.2.0", "rustls-pki-types@1.12.0", "schannel@0.1.23", "security-framework@2.10.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-native-certs@0.8.0", "Name": "rustls-native-certs", "Identifier": { "PURL": "pkg:cargo/rustls-native-certs@0.8.0", "UID": "a9bf4bc755200556", "BOMRef": "pkg:cargo/rustls-native-certs@0.8.0" }, "Version": "0.8.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "openssl-probe@0.1.5", "rustls-pemfile@2.2.0", "rustls-pki-types@1.12.0", "schannel@0.1.23", "security-framework@2.10.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-pemfile@2.2.0", "Name": "rustls-pemfile", "Identifier": { "PURL": "pkg:cargo/rustls-pemfile@2.2.0", "UID": "6349f11a7ce2d4fe", "BOMRef": "pkg:cargo/rustls-pemfile@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "rustls-pki-types@1.12.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-pki-types@1.12.0", "Name": "rustls-pki-types", "Identifier": { "PURL": "pkg:cargo/rustls-pki-types@1.12.0", "UID": "9e1f0b3f42a870a6", "BOMRef": "pkg:cargo/rustls-pki-types@1.12.0" }, "Version": "1.12.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-webpki@0.102.8", "Name": "rustls-webpki", "Identifier": { "PURL": "pkg:cargo/rustls-webpki@0.102.8", "UID": "24c33cb303bb0514", "BOMRef": "pkg:cargo/rustls-webpki@0.102.8" }, "Version": "0.102.8", "Licenses": [ "ISC" ], "DependsOn": [ "ring@0.17.13", "rustls-pki-types@1.12.0", "untrusted@0.9.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustls-webpki@0.103.6", "Name": "rustls-webpki", "Identifier": { "PURL": "pkg:cargo/rustls-webpki@0.103.6", "UID": "23a0693de6fc1658", "BOMRef": "pkg:cargo/rustls-webpki@0.103.6" }, "Version": "0.103.6", "Licenses": [ "ISC" ], "DependsOn": [ "ring@0.17.13", "rustls-pki-types@1.12.0", "untrusted@0.9.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "rustversion@1.0.11", "Name": "rustversion", "Identifier": { "PURL": "pkg:cargo/rustversion@1.0.11", "UID": "cfbdd1189d456265", "BOMRef": "pkg:cargo/rustversion@1.0.11" }, "Version": "1.0.11", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "ryu@1.0.12", "Name": "ryu", "Identifier": { "PURL": "pkg:cargo/ryu@1.0.12", "UID": "6d89387c4238d6fe", "BOMRef": "pkg:cargo/ryu@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR BSL-1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "same-file@1.0.6", "Name": "same-file", "Identifier": { "PURL": "pkg:cargo/same-file@1.0.6", "UID": "97015023eeef683", "BOMRef": "pkg:cargo/same-file@1.0.6" }, "Version": "1.0.6", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "winapi-util@0.1.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "scc@2.4.0", "Name": "scc", "Identifier": { "PURL": "pkg:cargo/scc@2.4.0", "UID": "92a58f7c21583005", "BOMRef": "pkg:cargo/scc@2.4.0" }, "Version": "2.4.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "sdd@3.0.10" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "schannel@0.1.23", "Name": "schannel", "Identifier": { "PURL": "pkg:cargo/schannel@0.1.23", "UID": "aafc58da2cc5ef60", "BOMRef": "pkg:cargo/schannel@0.1.23" }, "Version": "0.1.23", "Licenses": [ "MIT" ], "DependsOn": [ "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "schemars@0.8.22", "Name": "schemars", "Identifier": { "PURL": "pkg:cargo/schemars@0.8.22", "UID": "21453a47b75a8ec2", "BOMRef": "pkg:cargo/schemars@0.8.22" }, "Version": "0.8.22", "Licenses": [ "MIT" ], "DependsOn": [ "chrono@0.4.42", "dyn-clone@1.0.10", "indexmap@1.9.2", "indexmap@2.11.4", "schemars_derive@0.8.22", "serde@1.0.226", "serde_json@1.0.145", "url@2.5.7", "uuid@1.18.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "schemars_derive@0.8.22", "Name": "schemars_derive", "Identifier": { "PURL": "pkg:cargo/schemars_derive@0.8.22", "UID": "b7809f6cc0915505", "BOMRef": "pkg:cargo/schemars_derive@0.8.22" }, "Version": "0.8.22", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "serde_derive_internals@0.29.0", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "scoped-tls@1.0.1", "Name": "scoped-tls", "Identifier": { "PURL": "pkg:cargo/scoped-tls@1.0.1", "UID": "ed62573e17a90fe7", "BOMRef": "pkg:cargo/scoped-tls@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "scopeguard@1.1.0", "Name": "scopeguard", "Identifier": { "PURL": "pkg:cargo/scopeguard@1.1.0", "UID": "ba97dffd2556ad11", "BOMRef": "pkg:cargo/scopeguard@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sdd@3.0.10", "Name": "sdd", "Identifier": { "PURL": "pkg:cargo/sdd@3.0.10", "UID": "56966e3889564a0d", "BOMRef": "pkg:cargo/sdd@3.0.10" }, "Version": "3.0.10", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "seahash@4.1.0", "Name": "seahash", "Identifier": { "PURL": "pkg:cargo/seahash@4.1.0", "UID": "75959667100041d2", "BOMRef": "pkg:cargo/seahash@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sec1@0.7.3", "Name": "sec1", "Identifier": { "PURL": "pkg:cargo/sec1@0.7.3", "UID": "2f904d197a1be241", "BOMRef": "pkg:cargo/sec1@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base16ct@0.2.0", "der@0.7.10", "generic-array@0.14.9", "pkcs8@0.10.2", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "security-framework@2.10.0", "Name": "security-framework", "Identifier": { "PURL": "pkg:cargo/security-framework@2.10.0", "UID": "f753edfbf9b20f3", "BOMRef": "pkg:cargo/security-framework@2.10.0" }, "Version": "2.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@1.3.2", "core-foundation-sys@0.8.7", "core-foundation@0.9.4", "libc@0.2.174", "security-framework-sys@2.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "security-framework-sys@2.11.0", "Name": "security-framework-sys", "Identifier": { "PURL": "pkg:cargo/security-framework-sys@2.11.0", "UID": "1e3390c7d856bfeb", "BOMRef": "pkg:cargo/security-framework-sys@2.11.0" }, "Version": "2.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "core-foundation-sys@0.8.7", "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "seedable_hash@0.1.1", "Name": "seedable_hash", "Identifier": { "PURL": "pkg:cargo/seedable_hash@0.1.1", "UID": "ae8835b09a5807f8", "BOMRef": "pkg:cargo/seedable_hash@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "wyhash@0.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "self_cell@1.2.0", "Name": "self_cell", "Identifier": { "PURL": "pkg:cargo/self_cell@1.2.0", "UID": "45b5869331f906c4", "BOMRef": "pkg:cargo/self_cell@1.2.0" }, "Version": "1.2.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "semver@1.0.27", "Name": "semver", "Identifier": { "PURL": "pkg:cargo/semver@1.0.27", "UID": "23aea6340dfb5c14", "BOMRef": "pkg:cargo/semver@1.0.27" }, "Version": "1.0.27", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde@1.0.226", "Name": "serde", "Identifier": { "PURL": "pkg:cargo/serde@1.0.226", "UID": "acbc618aa04ee6de", "BOMRef": "pkg:cargo/serde@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde_core@1.0.226", "serde_derive@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde-untagged@0.1.9", "Name": "serde-untagged", "Identifier": { "PURL": "pkg:cargo/serde-untagged@0.1.9", "UID": "622b9bbad529c4f8", "BOMRef": "pkg:cargo/serde-untagged@0.1.9" }, "Version": "0.1.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "erased-serde@0.4.2", "serde@1.0.226", "serde_core@1.0.226", "typeid@1.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde-value@0.7.0", "Name": "serde-value", "Identifier": { "PURL": "pkg:cargo/serde-value@0.7.0", "UID": "5387e6fc7daa30cc", "BOMRef": "pkg:cargo/serde-value@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "ordered-float@2.10.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_cbor@0.11.2", "Name": "serde_cbor", "Identifier": { "PURL": "pkg:cargo/serde_cbor@0.11.2", "UID": "10b19708db2ad335", "BOMRef": "pkg:cargo/serde_cbor@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "half@1.8.2", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_core@1.0.226", "Name": "serde_core", "Identifier": { "PURL": "pkg:cargo/serde_core@1.0.226", "UID": "dde4f38e6409d5c", "BOMRef": "pkg:cargo/serde_core@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde_derive@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_derive@1.0.226", "Name": "serde_derive", "Identifier": { "PURL": "pkg:cargo/serde_derive@1.0.226", "UID": "18007e4f2849a80a", "BOMRef": "pkg:cargo/serde_derive@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_derive_internals@0.29.0", "Name": "serde_derive_internals", "Identifier": { "PURL": "pkg:cargo/serde_derive_internals@0.29.0", "UID": "5eeeba30e69c2b44", "BOMRef": "pkg:cargo/serde_derive_internals@0.29.0" }, "Version": "0.29.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_json@1.0.145", "Name": "serde_json", "Identifier": { "PURL": "pkg:cargo/serde_json@1.0.145", "UID": "9f5ce4eb141f5dfb", "BOMRef": "pkg:cargo/serde_json@1.0.145" }, "Version": "1.0.145", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "indexmap@2.11.4", "itoa@1.0.5", "memchr@2.7.4", "ryu@1.0.12", "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_plain@1.0.1", "Name": "serde_plain", "Identifier": { "PURL": "pkg:cargo/serde_plain@1.0.1", "UID": "76ac9efef7aa6d67", "BOMRef": "pkg:cargo/serde_plain@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_qs@0.13.0", "Name": "serde_qs", "Identifier": { "PURL": "pkg:cargo/serde_qs@0.13.0", "UID": "f528020fbc8d1ec4", "BOMRef": "pkg:cargo/serde_qs@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-web@4.11.0", "futures@0.3.31", "percent-encoding@2.3.2", "serde@1.0.226", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_urlencoded@0.7.1", "Name": "serde_urlencoded", "Identifier": { "PURL": "pkg:cargo/serde_urlencoded@0.7.1", "UID": "bf8949671c552753", "BOMRef": "pkg:cargo/serde_urlencoded@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "form_urlencoded@1.2.2", "itoa@1.0.5", "ryu@1.0.12", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serde_variant@0.1.3", "Name": "serde_variant", "Identifier": { "PURL": "pkg:cargo/serde_variant@0.1.3", "UID": "e60df58c57b161ad", "BOMRef": "pkg:cargo/serde_variant@0.1.3" }, "Version": "0.1.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serial_test@3.2.0", "Name": "serial_test", "Identifier": { "PURL": "pkg:cargo/serial_test@3.2.0", "UID": "81e932323db8e1fe", "BOMRef": "pkg:cargo/serial_test@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "once_cell@1.21.3", "parking_lot@0.12.5", "scc@2.4.0", "serial_test_derive@3.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "serial_test_derive@3.2.0", "Name": "serial_test_derive", "Identifier": { "PURL": "pkg:cargo/serial_test_derive@3.2.0", "UID": "b10e696fc14dbad3", "BOMRef": "pkg:cargo/serial_test_derive@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sha1@0.10.5", "Name": "sha1", "Identifier": { "PURL": "pkg:cargo/sha1@0.10.5", "UID": "3fec6e1e1151656b", "BOMRef": "pkg:cargo/sha1@0.10.5" }, "Version": "0.10.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "digest@0.10.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sha2@0.10.9", "Name": "sha2", "Identifier": { "PURL": "pkg:cargo/sha2@0.10.9", "UID": "9834d199cdb49c08", "BOMRef": "pkg:cargo/sha2@0.10.9" }, "Version": "0.10.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "digest@0.10.7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "shaderc@0.10.1", "Name": "shaderc", "Identifier": { "PURL": "pkg:cargo/shaderc@0.10.1", "UID": "5e9c2a9853ad1c63", "BOMRef": "pkg:cargo/shaderc@0.10.1" }, "Version": "0.10.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "shaderc-sys@0.10.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "shaderc-sys@0.10.1", "Name": "shaderc-sys", "Identifier": { "PURL": "pkg:cargo/shaderc-sys@0.10.1", "UID": "838a61d25038696a", "BOMRef": "pkg:cargo/shaderc-sys@0.10.1" }, "Version": "0.10.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "link-cplusplus@1.0.8" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sharded-slab@0.1.4", "Name": "sharded-slab", "Identifier": { "PURL": "pkg:cargo/sharded-slab@0.1.4", "UID": "ef5ad20de78b5061", "BOMRef": "pkg:cargo/sharded-slab@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "lazy_static@1.5.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "signal-hook-registry@1.4.0", "Name": "signal-hook-registry", "Identifier": { "PURL": "pkg:cargo/signal-hook-registry@1.4.0", "UID": "f74491c35c991e5a", "BOMRef": "pkg:cargo/signal-hook-registry@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "signature@2.2.0", "Name": "signature", "Identifier": { "PURL": "pkg:cargo/signature@2.2.0", "UID": "8fca718dcc1bd6eb", "BOMRef": "pkg:cargo/signature@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "digest@0.10.7", "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "simd-adler32@0.3.7", "Name": "simd-adler32", "Identifier": { "PURL": "pkg:cargo/simd-adler32@0.3.7", "UID": "922484ebb75f1119", "BOMRef": "pkg:cargo/simd-adler32@0.3.7" }, "Version": "0.3.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "simple_asn1@0.6.2", "Name": "simple_asn1", "Identifier": { "PURL": "pkg:cargo/simple_asn1@0.6.2", "UID": "c772b28bec6a71bf", "BOMRef": "pkg:cargo/simple_asn1@0.6.2" }, "Version": "0.6.2", "Licenses": [ "ISC" ], "DependsOn": [ "num-bigint@0.4.4", "num-traits@0.2.19", "thiserror@1.0.69", "time@0.3.17" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "siphasher@0.3.10", "Name": "siphasher", "Identifier": { "PURL": "pkg:cargo/siphasher@0.3.10", "UID": "4cc30db8f3521428", "BOMRef": "pkg:cargo/siphasher@0.3.10" }, "Version": "0.3.10", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "siphasher@1.0.1", "Name": "siphasher", "Identifier": { "PURL": "pkg:cargo/siphasher@1.0.1", "UID": "51909d4f78862680", "BOMRef": "pkg:cargo/siphasher@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "slab@0.4.11", "Name": "slab", "Identifier": { "PURL": "pkg:cargo/slab@0.4.11", "UID": "dd75be12cf983fd", "BOMRef": "pkg:cargo/slab@0.4.11" }, "Version": "0.4.11", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "slice-group-by@0.3.1", "Name": "slice-group-by", "Identifier": { "PURL": "pkg:cargo/slice-group-by@0.3.1", "UID": "86843142cdab53d2", "BOMRef": "pkg:cargo/slice-group-by@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "slog@2.8.2", "Name": "slog", "Identifier": { "PURL": "pkg:cargo/slog@2.8.2", "UID": "e046eb6baeb3f8b2", "BOMRef": "pkg:cargo/slog@2.8.2" }, "Version": "2.8.2", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "erased-serde@0.3.31", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "slog-scope@4.4.0", "Name": "slog-scope", "Identifier": { "PURL": "pkg:cargo/slog-scope@4.4.0", "UID": "f1645eb27c174d5e", "BOMRef": "pkg:cargo/slog-scope@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "arc-swap@1.7.1", "lazy_static@1.5.0", "slog@2.8.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "slog-stdlog@4.1.1", "Name": "slog-stdlog", "Identifier": { "PURL": "pkg:cargo/slog-stdlog@4.1.1", "UID": "95e7b9d4ae6997d3", "BOMRef": "pkg:cargo/slog-stdlog@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "log@0.4.28", "slog-scope@4.4.0", "slog@2.8.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "smallvec@1.15.1", "Name": "smallvec", "Identifier": { "PURL": "pkg:cargo/smallvec@1.15.1", "UID": "f14b6fd85c658f34", "BOMRef": "pkg:cargo/smallvec@1.15.1" }, "Version": "1.15.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "socket2@0.4.9", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.4.9", "UID": "abc8d63d591038e7", "BOMRef": "pkg:cargo/socket2@0.4.9" }, "Version": "0.4.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "socket2@0.5.10", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.5.10", "UID": "b25e41552d4e2342", "BOMRef": "pkg:cargo/socket2@0.5.10" }, "Version": "0.5.10", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "socket2@0.6.0", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.6.0", "UID": "ef564fd10a303c5", "BOMRef": "pkg:cargo/socket2@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "spade@2.12.1", "Name": "spade", "Identifier": { "PURL": "pkg:cargo/spade@2.12.1", "UID": "8b2e70dd42302622", "BOMRef": "pkg:cargo/spade@2.12.1" }, "Version": "2.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hashbrown@0.14.2", "num-traits@0.2.19", "robust@1.1.0", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "spin@0.9.8", "Name": "spin", "Identifier": { "PURL": "pkg:cargo/spin@0.9.8", "UID": "ca20f70115ee8c64", "BOMRef": "pkg:cargo/spin@0.9.8" }, "Version": "0.9.8", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "spki@0.7.3", "Name": "spki", "Identifier": { "PURL": "pkg:cargo/spki@0.7.3", "UID": "6c3be427fe96add7", "BOMRef": "pkg:cargo/spki@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base64ct@1.8.0", "der@0.7.10" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "stable_deref_trait@1.2.0", "Name": "stable_deref_trait", "Identifier": { "PURL": "pkg:cargo/stable_deref_trait@1.2.0", "UID": "2cfc6049cc3797cd", "BOMRef": "pkg:cargo/stable_deref_trait@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "strsim@0.10.0", "Name": "strsim", "Identifier": { "PURL": "pkg:cargo/strsim@0.10.0", "UID": "e96c64622bc74db6", "BOMRef": "pkg:cargo/strsim@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "strsim@0.11.0", "Name": "strsim", "Identifier": { "PURL": "pkg:cargo/strsim@0.11.0", "UID": "56933ad2e1eb843b", "BOMRef": "pkg:cargo/strsim@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "strum@0.27.2", "Name": "strum", "Identifier": { "PURL": "pkg:cargo/strum@0.27.2", "UID": "1b2029ac6b57d126", "BOMRef": "pkg:cargo/strum@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "strum_macros@0.27.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "strum_macros@0.27.1", "Name": "strum_macros", "Identifier": { "PURL": "pkg:cargo/strum_macros@0.27.1", "UID": "470bc5cf1e24e6ce", "BOMRef": "pkg:cargo/strum_macros@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "quote@1.0.42", "rustversion@1.0.11", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "subtle@2.5.0", "Name": "subtle", "Identifier": { "PURL": "pkg:cargo/subtle@2.5.0", "UID": "59c0306ca222198d", "BOMRef": "pkg:cargo/subtle@2.5.0" }, "Version": "2.5.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "symbolic-common@12.12.3", "Name": "symbolic-common", "Identifier": { "PURL": "pkg:cargo/symbolic-common@12.12.3", "UID": "5765b0bf74e61b20", "BOMRef": "pkg:cargo/symbolic-common@12.12.3" }, "Version": "12.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "debugid@0.8.0", "memmap2@0.9.8", "stable_deref_trait@1.2.0", "uuid@1.18.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "symbolic-demangle@12.12.3", "Name": "symbolic-demangle", "Identifier": { "PURL": "pkg:cargo/symbolic-demangle@12.12.3", "UID": "7086ad6153cc0218", "BOMRef": "pkg:cargo/symbolic-demangle@12.12.3" }, "Version": "12.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "cpp_demangle@0.4.2", "rustc-demangle@0.1.21", "symbolic-common@12.12.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "syn@1.0.107", "Name": "syn", "Identifier": { "PURL": "pkg:cargo/syn@1.0.107", "UID": "37e8f624569d7f26", "BOMRef": "pkg:cargo/syn@1.0.107" }, "Version": "1.0.107", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "syn@2.0.111", "Name": "syn", "Identifier": { "PURL": "pkg:cargo/syn@2.0.111", "UID": "4f1881215a1493b4", "BOMRef": "pkg:cargo/syn@2.0.111" }, "Version": "2.0.111", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sync_wrapper@0.1.2", "Name": "sync_wrapper", "Identifier": { "PURL": "pkg:cargo/sync_wrapper@0.1.2", "UID": "f9148adb33fa0860", "BOMRef": "pkg:cargo/sync_wrapper@0.1.2" }, "Version": "0.1.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sync_wrapper@1.0.1", "Name": "sync_wrapper", "Identifier": { "PURL": "pkg:cargo/sync_wrapper@1.0.1", "UID": "190b13c0e4219d87", "BOMRef": "pkg:cargo/sync_wrapper@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "synstructure@0.13.1", "Name": "synstructure", "Identifier": { "PURL": "pkg:cargo/synstructure@0.13.1", "UID": "494df26ed2799d00", "BOMRef": "pkg:cargo/synstructure@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sys-info@0.9.1", "Name": "sys-info", "Identifier": { "PURL": "pkg:cargo/sys-info@0.9.1", "UID": "78f018e3e81ffea4", "BOMRef": "pkg:cargo/sys-info@0.9.1" }, "Version": "0.9.1", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "sysinfo@0.37.2", "Name": "sysinfo", "Identifier": { "PURL": "pkg:cargo/sysinfo@0.37.2", "UID": "85863043470ec34c", "BOMRef": "pkg:cargo/sysinfo@0.37.2" }, "Version": "0.37.2", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174", "memchr@2.7.4", "ntapi@0.4.1", "objc2-core-foundation@0.3.1", "objc2-io-kit@0.3.1", "windows@0.61.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tap@1.0.1", "Name": "tap", "Identifier": { "PURL": "pkg:cargo/tap@1.0.1", "UID": "57c2ee40edd3c5b3", "BOMRef": "pkg:cargo/tap@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "target-lexicon@0.13.3", "Name": "target-lexicon", "Identifier": { "PURL": "pkg:cargo/target-lexicon@0.13.3", "UID": "c1fb1fe1656ac5d0", "BOMRef": "pkg:cargo/target-lexicon@0.13.3" }, "Version": "0.13.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tempfile@3.23.0", "Name": "tempfile", "Identifier": { "PURL": "pkg:cargo/tempfile@3.23.0", "UID": "449fa666632f5bf7", "BOMRef": "pkg:cargo/tempfile@3.23.0" }, "Version": "3.23.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "fastrand@2.2.0", "getrandom@0.3.0", "once_cell@1.21.3", "rustix@1.0.2", "windows-sys@0.60.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thiserror@1.0.69", "Name": "thiserror", "Identifier": { "PURL": "pkg:cargo/thiserror@1.0.69", "UID": "8b1e88e67423328", "BOMRef": "pkg:cargo/thiserror@1.0.69" }, "Version": "1.0.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "thiserror-impl@1.0.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thiserror@2.0.17", "Name": "thiserror", "Identifier": { "PURL": "pkg:cargo/thiserror@2.0.17", "UID": "29a7c087c7a9c08c", "BOMRef": "pkg:cargo/thiserror@2.0.17" }, "Version": "2.0.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "thiserror-impl@2.0.17" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thiserror-impl@1.0.69", "Name": "thiserror-impl", "Identifier": { "PURL": "pkg:cargo/thiserror-impl@1.0.69", "UID": "903cd12b4c9d3141", "BOMRef": "pkg:cargo/thiserror-impl@1.0.69" }, "Version": "1.0.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thiserror-impl@2.0.17", "Name": "thiserror-impl", "Identifier": { "PURL": "pkg:cargo/thiserror-impl@2.0.17", "UID": "25023a3026f3f38d", "BOMRef": "pkg:cargo/thiserror-impl@2.0.17" }, "Version": "2.0.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thread-priority@3.0.0", "Name": "thread-priority", "Identifier": { "PURL": "pkg:cargo/thread-priority@3.0.0", "UID": "87c56d7e740939a0", "BOMRef": "pkg:cargo/thread-priority@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174", "log@0.4.28", "rustversion@1.0.11", "windows@0.61.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "thread_local@1.1.7", "Name": "thread_local", "Identifier": { "PURL": "pkg:cargo/thread_local@1.1.7", "UID": "63d534388ed79113", "BOMRef": "pkg:cargo/thread_local@1.1.7" }, "Version": "1.1.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "once_cell@1.21.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tikv-jemalloc-ctl@0.6.0", "Name": "tikv-jemalloc-ctl", "Identifier": { "PURL": "pkg:cargo/tikv-jemalloc-ctl@0.6.0", "UID": "d9a6490c3bbbd49b", "BOMRef": "pkg:cargo/tikv-jemalloc-ctl@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "paste@1.0.11", "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "Name": "tikv-jemalloc-sys", "Identifier": { "PURL": "pkg:cargo/tikv-jemalloc-sys@0.6.1%2B5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "UID": "4651de92b0dcff13", "BOMRef": "pkg:cargo/tikv-jemalloc-sys@0.6.1%2B5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" }, "Version": "0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tikv-jemallocator@0.6.1", "Name": "tikv-jemallocator", "Identifier": { "PURL": "pkg:cargo/tikv-jemallocator@0.6.1", "UID": "2c427409e125911a", "BOMRef": "pkg:cargo/tikv-jemallocator@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "time@0.3.17", "Name": "time", "Identifier": { "PURL": "pkg:cargo/time@0.3.17", "UID": "63b08a9837dffdca", "BOMRef": "pkg:cargo/time@0.3.17" }, "Version": "0.3.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "itoa@1.0.5", "serde@1.0.226", "time-core@0.1.0", "time-macros@0.2.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "time-core@0.1.0", "Name": "time-core", "Identifier": { "PURL": "pkg:cargo/time-core@0.1.0", "UID": "cdb3359e7fe0e264", "BOMRef": "pkg:cargo/time-core@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "time-macros@0.2.6", "Name": "time-macros", "Identifier": { "PURL": "pkg:cargo/time-macros@0.2.6", "UID": "43086843b0d42042", "BOMRef": "pkg:cargo/time-macros@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "time-core@0.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tinystr@0.7.6", "Name": "tinystr", "Identifier": { "PURL": "pkg:cargo/tinystr@0.7.6", "UID": "6cfeb81686a13f71", "BOMRef": "pkg:cargo/tinystr@0.7.6" }, "Version": "0.7.6", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tinyvec@1.10.0", "Name": "tinyvec", "Identifier": { "PURL": "pkg:cargo/tinyvec@1.10.0", "UID": "e4c76aea2e6e5e8b", "BOMRef": "pkg:cargo/tinyvec@1.10.0" }, "Version": "1.10.0", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "tinyvec_macros@0.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tinyvec_macros@0.1.0", "Name": "tinyvec_macros", "Identifier": { "PURL": "pkg:cargo/tinyvec_macros@0.1.0", "UID": "599092916cfa067b", "BOMRef": "pkg:cargo/tinyvec_macros@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0 OR Zlib" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio@1.48.0", "Name": "tokio", "Identifier": { "PURL": "pkg:cargo/tokio@1.48.0", "UID": "34b964072dbabd72", "BOMRef": "pkg:cargo/tokio@1.48.0" }, "Version": "1.48.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "libc@0.2.174", "mio@1.0.1", "parking_lot@0.12.5", "pin-project-lite@0.2.12", "signal-hook-registry@1.4.0", "socket2@0.6.0", "tokio-macros@2.6.0", "tracing@0.1.43", "windows-sys@0.61.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-io-timeout@1.2.0", "Name": "tokio-io-timeout", "Identifier": { "PURL": "pkg:cargo/tokio-io-timeout@1.2.0", "UID": "1da1e4df388e7437", "BOMRef": "pkg:cargo/tokio-io-timeout@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-macros@2.6.0", "Name": "tokio-macros", "Identifier": { "PURL": "pkg:cargo/tokio-macros@2.6.0", "UID": "ad6ba5c1bd2da76e", "BOMRef": "pkg:cargo/tokio-macros@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-rustls@0.25.0", "Name": "tokio-rustls", "Identifier": { "PURL": "pkg:cargo/tokio-rustls@0.25.0", "UID": "aa5ebb8509567464", "BOMRef": "pkg:cargo/tokio-rustls@0.25.0" }, "Version": "0.25.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustls-pki-types@1.12.0", "rustls@0.22.4", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-rustls@0.26.0", "Name": "tokio-rustls", "Identifier": { "PURL": "pkg:cargo/tokio-rustls@0.26.0", "UID": "fd5065eb93bb7fe5", "BOMRef": "pkg:cargo/tokio-rustls@0.26.0" }, "Version": "0.26.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustls-pki-types@1.12.0", "rustls@0.23.35", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-stream@0.1.17", "Name": "tokio-stream", "Identifier": { "PURL": "pkg:cargo/tokio-stream@0.1.17", "UID": "eebf5d4f6de1d5ac", "BOMRef": "pkg:cargo/tokio-stream@0.1.17" }, "Version": "0.1.17", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tokio-util@0.7.16", "Name": "tokio-util", "Identifier": { "PURL": "pkg:cargo/tokio-util@0.7.16", "UID": "5d83439d28bb6549", "BOMRef": "pkg:cargo/tokio-util@0.7.16" }, "Version": "0.7.16", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tonic@0.11.0", "Name": "tonic", "Identifier": { "PURL": "pkg:cargo/tonic@0.11.0", "UID": "6f22deda4f92ce77", "BOMRef": "pkg:cargo/tonic@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream@0.3.3", "async-trait@0.1.89", "axum@0.6.12", "base64@0.21.0", "bytes@1.10.1", "flate2@1.1.4", "h2@0.3.26", "http-body@0.4.5", "http@0.2.12", "hyper-timeout@0.4.1", "hyper@0.14.26", "percent-encoding@2.3.2", "pin-project@1.0.12", "prost@0.12.6", "rustls-pemfile@2.2.0", "rustls-pki-types@1.12.0", "tokio-rustls@0.25.0", "tokio-stream@0.1.17", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tonic@0.12.3", "Name": "tonic", "Identifier": { "PURL": "pkg:cargo/tonic@0.12.3", "UID": "2965f5e45ff69da8", "BOMRef": "pkg:cargo/tonic@0.12.3" }, "Version": "0.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream@0.3.3", "async-trait@0.1.89", "axum@0.7.5", "base64@0.22.0", "bytes@1.10.1", "h2@0.4.4", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "hyper-timeout@0.5.1", "hyper-util@0.1.13", "hyper@1.6.0", "percent-encoding@2.3.2", "pin-project@1.0.12", "prost@0.13.1", "socket2@0.5.10", "tokio-stream@0.1.17", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tonic-reflection@0.11.0", "Name": "tonic-reflection", "Identifier": { "PURL": "pkg:cargo/tonic-reflection@0.11.0", "UID": "ba4f9a7dfb03a6ac", "BOMRef": "pkg:cargo/tonic-reflection@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "DependsOn": [ "prost-types@0.12.6", "prost@0.12.6", "tokio-stream@0.1.17", "tokio@1.48.0", "tonic@0.11.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tower@0.4.13", "Name": "tower", "Identifier": { "PURL": "pkg:cargo/tower@0.4.13", "UID": "b38a6744c4562cb2", "BOMRef": "pkg:cargo/tower@0.4.13" }, "Version": "0.4.13", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "futures-util@0.3.31", "indexmap@1.9.2", "pin-project-lite@0.2.12", "pin-project@1.0.12", "rand@0.8.5", "slab@0.4.11", "tokio-util@0.7.16", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tower@0.5.2", "Name": "tower", "Identifier": { "PURL": "pkg:cargo/tower@0.5.2", "UID": "892cbcd315027d1", "BOMRef": "pkg:cargo/tower@0.5.2" }, "Version": "0.5.2", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12", "sync_wrapper@1.0.1", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tower-http@0.6.6", "Name": "tower-http", "Identifier": { "PURL": "pkg:cargo/tower-http@0.6.6", "UID": "1b10a52e063460b", "BOMRef": "pkg:cargo/tower-http@0.6.6" }, "Version": "0.6.6", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "bytes@1.10.1", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "iri-string@0.7.8", "pin-project-lite@0.2.12", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.5.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tower-layer@0.3.3", "Name": "tower-layer", "Identifier": { "PURL": "pkg:cargo/tower-layer@0.3.3", "UID": "9904e2c58eae8abb", "BOMRef": "pkg:cargo/tower-layer@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tower-service@0.3.3", "Name": "tower-service", "Identifier": { "PURL": "pkg:cargo/tower-service@0.3.3", "UID": "22586623aafac73e", "BOMRef": "pkg:cargo/tower-service@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing@0.1.43", "Name": "tracing", "Identifier": { "PURL": "pkg:cargo/tracing@0.1.43", "UID": "f20e5ea9d32cd600", "BOMRef": "pkg:cargo/tracing@0.1.43" }, "Version": "0.1.43", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.28", "pin-project-lite@0.2.12", "tracing-attributes@0.1.31", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-attributes@0.1.31", "Name": "tracing-attributes", "Identifier": { "PURL": "pkg:cargo/tracing-attributes@0.1.31", "UID": "c49c98926f220324", "BOMRef": "pkg:cargo/tracing-attributes@0.1.31" }, "Version": "0.1.31", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-core@0.1.35", "Name": "tracing-core", "Identifier": { "PURL": "pkg:cargo/tracing-core@0.1.35", "UID": "6ddfa5d0229ce288", "BOMRef": "pkg:cargo/tracing-core@0.1.35" }, "Version": "0.1.35", "Licenses": [ "MIT" ], "DependsOn": [ "once_cell@1.21.3", "valuable@0.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-log@0.2.0", "Name": "tracing-log", "Identifier": { "PURL": "pkg:cargo/tracing-log@0.2.0", "UID": "5ba4606e2db103db", "BOMRef": "pkg:cargo/tracing-log@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.28", "once_cell@1.21.3", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-serde@0.2.0", "Name": "tracing-serde", "Identifier": { "PURL": "pkg:cargo/tracing-serde@0.2.0", "UID": "395dfdbf8c128542", "BOMRef": "pkg:cargo/tracing-serde@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "serde@1.0.226", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-subscriber@0.3.22", "Name": "tracing-subscriber", "Identifier": { "PURL": "pkg:cargo/tracing-subscriber@0.3.22", "UID": "5a57d0c2a9ace489", "BOMRef": "pkg:cargo/tracing-subscriber@0.3.22" }, "Version": "0.3.22", "Licenses": [ "MIT" ], "DependsOn": [ "matchers@0.2.0", "nu-ansi-term@0.50.1", "once_cell@1.21.3", "parking_lot@0.12.5", "regex-automata@0.4.8", "serde@1.0.226", "serde_json@1.0.145", "sharded-slab@0.1.4", "smallvec@1.15.1", "thread_local@1.1.7", "tracing-core@0.1.35", "tracing-log@0.2.0", "tracing-serde@0.2.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracing-tracy@0.11.4", "Name": "tracing-tracy", "Identifier": { "PURL": "pkg:cargo/tracing-tracy@0.11.4", "UID": "7b425628c956a081", "BOMRef": "pkg:cargo/tracing-tracy@0.11.4" }, "Version": "0.11.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "tracing-core@0.1.35", "tracing-subscriber@0.3.22", "tracy-client@0.17.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracy-client@0.17.0", "Name": "tracy-client", "Identifier": { "PURL": "pkg:cargo/tracy-client@0.17.0", "UID": "46f48437f41069d4", "BOMRef": "pkg:cargo/tracy-client@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "loom@0.7.1", "once_cell@1.21.3", "tracy-client-sys@0.21.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "tracy-client-sys@0.21.2", "Name": "tracy-client-sys", "Identifier": { "PURL": "pkg:cargo/tracy-client-sys@0.21.2", "UID": "ce7bd7f9418a8c4d", "BOMRef": "pkg:cargo/tracy-client-sys@0.21.2" }, "Version": "0.21.2", "Licenses": [ "(MIT OR Apache-2.0) AND BSD-3-Clause" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "try-lock@0.2.3", "Name": "try-lock", "Identifier": { "PURL": "pkg:cargo/try-lock@0.2.3", "UID": "b9a3740a7068151e", "BOMRef": "pkg:cargo/try-lock@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "typeid@1.0.0", "Name": "typeid", "Identifier": { "PURL": "pkg:cargo/typeid@1.0.0", "UID": "c49fb2debbf93bf8", "BOMRef": "pkg:cargo/typeid@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "typenum@1.16.0", "Name": "typenum", "Identifier": { "PURL": "pkg:cargo/typenum@1.16.0", "UID": "54575dc8fdecb316", "BOMRef": "pkg:cargo/typenum@1.16.0" }, "Version": "1.16.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "typetag@0.2.15", "Name": "typetag", "Identifier": { "PURL": "pkg:cargo/typetag@0.2.15", "UID": "7c8ed4ee3a9d1b0a", "BOMRef": "pkg:cargo/typetag@0.2.15" }, "Version": "0.2.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "erased-serde@0.4.2", "inventory@0.3.14", "once_cell@1.21.3", "serde@1.0.226", "typetag-impl@0.2.15" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "typetag-impl@0.2.15", "Name": "typetag-impl", "Identifier": { "PURL": "pkg:cargo/typetag-impl@0.2.15", "UID": "b43e42d55db10292", "BOMRef": "pkg:cargo/typetag-impl@0.2.15" }, "Version": "0.2.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unicase@2.6.0", "Name": "unicase", "Identifier": { "PURL": "pkg:cargo/unicase@2.6.0", "UID": "36737fbc4b7afaee", "BOMRef": "pkg:cargo/unicase@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unicode-ident@1.0.13", "Name": "unicode-ident", "Identifier": { "PURL": "pkg:cargo/unicode-ident@1.0.13", "UID": "de6b37be210f1914", "BOMRef": "pkg:cargo/unicode-ident@1.0.13" }, "Version": "1.0.13", "Licenses": [ "(MIT OR Apache-2.0) AND Unicode-DFS-2016" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unicode-normalization@0.1.24", "Name": "unicode-normalization", "Identifier": { "PURL": "pkg:cargo/unicode-normalization@0.1.24", "UID": "afa67f18868e7577", "BOMRef": "pkg:cargo/unicode-normalization@0.1.24" }, "Version": "0.1.24", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "tinyvec@1.10.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unicode-width@0.2.0", "Name": "unicode-width", "Identifier": { "PURL": "pkg:cargo/unicode-width@0.2.0", "UID": "bc80faaefab672a8", "BOMRef": "pkg:cargo/unicode-width@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unicode-xid@0.2.6", "Name": "unicode-xid", "Identifier": { "PURL": "pkg:cargo/unicode-xid@0.2.6", "UID": "898895485b504f46", "BOMRef": "pkg:cargo/unicode-xid@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unindent@0.2.4", "Name": "unindent", "Identifier": { "PURL": "pkg:cargo/unindent@0.2.4", "UID": "c40cb9d31e0cdaee", "BOMRef": "pkg:cargo/unindent@0.2.4" }, "Version": "0.2.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unit-prefix@0.5.1", "Name": "unit-prefix", "Identifier": { "PURL": "pkg:cargo/unit-prefix@0.5.1", "UID": "85f37f1704013eee", "BOMRef": "pkg:cargo/unit-prefix@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "untrusted@0.9.0", "Name": "untrusted", "Identifier": { "PURL": "pkg:cargo/untrusted@0.9.0", "UID": "cf45d814b218c944", "BOMRef": "pkg:cargo/untrusted@0.9.0" }, "Version": "0.9.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unty@0.0.4", "Name": "unty", "Identifier": { "PURL": "pkg:cargo/unty@0.0.4", "UID": "be59a607e90d5f11", "BOMRef": "pkg:cargo/unty@0.0.4" }, "Version": "0.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unwind@0.4.1", "Name": "unwind", "Identifier": { "PURL": "pkg:cargo/unwind@0.4.1", "UID": "bdcb2b848211aa9a", "BOMRef": "pkg:cargo/unwind@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "foreign-types@0.5.0", "libc@0.2.174", "unwind-sys@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "unwind-sys@0.1.3", "Name": "unwind-sys", "Identifier": { "PURL": "pkg:cargo/unwind-sys@0.1.3", "UID": "b705abd593663ad4", "BOMRef": "pkg:cargo/unwind-sys@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "url@2.5.7", "Name": "url", "Identifier": { "PURL": "pkg:cargo/url@2.5.7", "UID": "83a6cdf4471bff2f", "BOMRef": "pkg:cargo/url@2.5.7" }, "Version": "2.5.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "form_urlencoded@1.2.2", "idna@1.1.0", "percent-encoding@2.3.2", "serde@1.0.226" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "utf16_iter@1.0.5", "Name": "utf16_iter", "Identifier": { "PURL": "pkg:cargo/utf16_iter@1.0.5", "UID": "25d603c96b8bd53e", "BOMRef": "pkg:cargo/utf16_iter@1.0.5" }, "Version": "1.0.5", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "utf8_iter@1.0.4", "Name": "utf8_iter", "Identifier": { "PURL": "pkg:cargo/utf8_iter@1.0.4", "UID": "70a0f5705662dc9a", "BOMRef": "pkg:cargo/utf8_iter@1.0.4" }, "Version": "1.0.4", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "utf8parse@0.2.1", "Name": "utf8parse", "Identifier": { "PURL": "pkg:cargo/utf8parse@0.2.1", "UID": "7fd0fe706561a7db", "BOMRef": "pkg:cargo/utf8parse@0.2.1" }, "Version": "0.2.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "uuid@1.18.1", "Name": "uuid", "Identifier": { "PURL": "pkg:cargo/uuid@1.18.1", "UID": "2bef221f9182432e", "BOMRef": "pkg:cargo/uuid@1.18.1" }, "Version": "1.18.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "getrandom@0.3.0", "js-sys@0.3.77", "serde@1.0.226", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "v_htmlescape@0.15.8", "Name": "v_htmlescape", "Identifier": { "PURL": "pkg:cargo/v_htmlescape@0.15.8", "UID": "e82fae1c4a6e9cb4", "BOMRef": "pkg:cargo/v_htmlescape@0.15.8" }, "Version": "0.15.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "validator@0.20.0", "Name": "validator", "Identifier": { "PURL": "pkg:cargo/validator@0.20.0", "UID": "762d1f60ed5b8ce3", "BOMRef": "pkg:cargo/validator@0.20.0" }, "Version": "0.20.0", "Licenses": [ "MIT" ], "DependsOn": [ "idna@1.1.0", "once_cell@1.21.3", "regex@1.11.0", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145", "url@2.5.7", "validator_derive@0.20.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "validator_derive@0.20.0", "Name": "validator_derive", "Identifier": { "PURL": "pkg:cargo/validator_derive@0.20.0", "UID": "bfe67b5eb2beb950", "BOMRef": "pkg:cargo/validator_derive@0.20.0" }, "Version": "0.20.0", "Licenses": [ "MIT" ], "DependsOn": [ "darling@0.20.8", "once_cell@1.21.3", "proc-macro-error2@2.0.1", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "valuable@0.1.0", "Name": "valuable", "Identifier": { "PURL": "pkg:cargo/valuable@0.1.0", "UID": "5d9d9d0ac1f39ea7", "BOMRef": "pkg:cargo/valuable@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "vaporetto@0.6.5", "Name": "vaporetto", "Identifier": { "PURL": "pkg:cargo/vaporetto@0.6.5", "UID": "ed2144e249aad237", "BOMRef": "pkg:cargo/vaporetto@0.6.5" }, "Version": "0.6.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bincode@2.0.1", "daachorse@1.0.0", "hashbrown@0.15.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "virtue@0.0.18", "Name": "virtue", "Identifier": { "PURL": "pkg:cargo/virtue@0.0.18", "UID": "cc581fbfcc99e72", "BOMRef": "pkg:cargo/virtue@0.0.18" }, "Version": "0.0.18", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "walkdir@2.5.0", "Name": "walkdir", "Identifier": { "PURL": "pkg:cargo/walkdir@2.5.0", "UID": "c7e58b69ccb72de3", "BOMRef": "pkg:cargo/walkdir@2.5.0" }, "Version": "2.5.0", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "same-file@1.0.6", "winapi-util@0.1.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "want@0.3.0", "Name": "want", "Identifier": { "PURL": "pkg:cargo/want@0.3.0", "UID": "8f181282c46a3896", "BOMRef": "pkg:cargo/want@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.28", "try-lock@0.2.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasi@0.11.0+wasi-snapshot-preview1", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.11.0%2Bwasi-snapshot-preview1", "UID": "54a25b6916818ffb", "BOMRef": "pkg:cargo/wasi@0.11.0%2Bwasi-snapshot-preview1" }, "Version": "0.11.0+wasi-snapshot-preview1", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasi@0.13.3+wasi-0.2.2", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.13.3%2Bwasi-0.2.2", "UID": "e55e91151f12f623", "BOMRef": "pkg:cargo/wasi@0.13.3%2Bwasi-0.2.2" }, "Version": "0.13.3+wasi-0.2.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "wit-bindgen-rt@0.33.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasi@0.9.0+wasi-snapshot-preview1", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.9.0%2Bwasi-snapshot-preview1", "UID": "39be4eb774c10372", "BOMRef": "pkg:cargo/wasi@0.9.0%2Bwasi-snapshot-preview1" }, "Version": "0.9.0+wasi-snapshot-preview1", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen@0.2.100", "Name": "wasm-bindgen", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen@0.2.100", "UID": "d63b67bb5f55eb97", "BOMRef": "pkg:cargo/wasm-bindgen@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "once_cell@1.21.3", "rustversion@1.0.11", "wasm-bindgen-macro@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen-backend@0.2.100", "Name": "wasm-bindgen-backend", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-backend@0.2.100", "UID": "be67573b261f9b42", "BOMRef": "pkg:cargo/wasm-bindgen-backend@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bumpalo@3.11.1", "log@0.4.28", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "wasm-bindgen-shared@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen-futures@0.4.42", "Name": "wasm-bindgen-futures", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-futures@0.4.42", "UID": "286ccb3d786442ae", "BOMRef": "pkg:cargo/wasm-bindgen-futures@0.4.42" }, "Version": "0.4.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "js-sys@0.3.77", "wasm-bindgen@0.2.100", "web-sys@0.3.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen-macro@0.2.100", "Name": "wasm-bindgen-macro", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-macro@0.2.100", "UID": "4083805badc42cff", "BOMRef": "pkg:cargo/wasm-bindgen-macro@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "quote@1.0.42", "wasm-bindgen-macro-support@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen-macro-support@0.2.100", "Name": "wasm-bindgen-macro-support", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-macro-support@0.2.100", "UID": "2a43f4947402762a", "BOMRef": "pkg:cargo/wasm-bindgen-macro-support@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "wasm-bindgen-backend@0.2.100", "wasm-bindgen-shared@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-bindgen-shared@0.2.100", "Name": "wasm-bindgen-shared", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-shared@0.2.100", "UID": "1f11b96a445bb38a", "BOMRef": "pkg:cargo/wasm-bindgen-shared@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wasm-streams@0.4.0", "Name": "wasm-streams", "Identifier": { "PURL": "pkg:cargo/wasm-streams@0.4.0", "UID": "8be58c827d0b5886", "BOMRef": "pkg:cargo/wasm-streams@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-util@0.3.31", "js-sys@0.3.77", "wasm-bindgen-futures@0.4.42", "wasm-bindgen@0.2.100", "web-sys@0.3.69" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "web-sys@0.3.69", "Name": "web-sys", "Identifier": { "PURL": "pkg:cargo/web-sys@0.3.69", "UID": "3d0c1dfe5a378b96", "BOMRef": "pkg:cargo/web-sys@0.3.69" }, "Version": "0.3.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "js-sys@0.3.77", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "web-time@1.1.0", "Name": "web-time", "Identifier": { "PURL": "pkg:cargo/web-time@1.1.0", "UID": "ec48d3cecebd2ad9", "BOMRef": "pkg:cargo/web-time@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "js-sys@0.3.77", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "webpki-roots@0.26.1", "Name": "webpki-roots", "Identifier": { "PURL": "pkg:cargo/webpki-roots@0.26.1", "UID": "6b508499b3fd2d5f", "BOMRef": "pkg:cargo/webpki-roots@0.26.1" }, "Version": "0.26.1", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "rustls-pki-types@1.12.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "webpki-roots@1.0.0", "Name": "webpki-roots", "Identifier": { "PURL": "pkg:cargo/webpki-roots@1.0.0", "UID": "879132dc55c82933", "BOMRef": "pkg:cargo/webpki-roots@1.0.0" }, "Version": "1.0.0", "Licenses": [ "CDLA-Permissive-2.0" ], "DependsOn": [ "rustls-pki-types@1.12.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "whatlang@0.16.4", "Name": "whatlang", "Identifier": { "PURL": "pkg:cargo/whatlang@0.16.4", "UID": "7c72639590c1370d", "BOMRef": "pkg:cargo/whatlang@0.16.4" }, "Version": "0.16.4", "Licenses": [ "MIT" ], "DependsOn": [ "hashbrown@0.14.2", "once_cell@1.21.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "winapi@0.3.9", "Name": "winapi", "Identifier": { "PURL": "pkg:cargo/winapi@0.3.9", "UID": "11d43474456d68e9", "BOMRef": "pkg:cargo/winapi@0.3.9" }, "Version": "0.3.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "winapi-i686-pc-windows-gnu@0.4.0", "winapi-x86_64-pc-windows-gnu@0.4.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "winapi-i686-pc-windows-gnu@0.4.0", "Name": "winapi-i686-pc-windows-gnu", "Identifier": { "PURL": "pkg:cargo/winapi-i686-pc-windows-gnu@0.4.0", "UID": "29b7fc03fde55aad", "BOMRef": "pkg:cargo/winapi-i686-pc-windows-gnu@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "winapi-util@0.1.5", "Name": "winapi-util", "Identifier": { "PURL": "pkg:cargo/winapi-util@0.1.5", "UID": "b8c9a7cbb2733d35", "BOMRef": "pkg:cargo/winapi-util@0.1.5" }, "Version": "0.1.5", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "winapi@0.3.9" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "winapi-x86_64-pc-windows-gnu@0.4.0", "Name": "winapi-x86_64-pc-windows-gnu", "Identifier": { "PURL": "pkg:cargo/winapi-x86_64-pc-windows-gnu@0.4.0", "UID": "fa5d6432a05c24c", "BOMRef": "pkg:cargo/winapi-x86_64-pc-windows-gnu@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows@0.48.0", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.48.0", "UID": "a9b9a407a99f2599", "BOMRef": "pkg:cargo/windows@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows@0.57.0", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.57.0", "UID": "61ab07563d11139c", "BOMRef": "pkg:cargo/windows@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.57.0", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows@0.61.3", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.61.3", "UID": "9f709219df6e982f", "BOMRef": "pkg:cargo/windows@0.61.3" }, "Version": "0.61.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-collections@0.2.0", "windows-core@0.61.2", "windows-future@0.2.1", "windows-link@0.1.3", "windows-numerics@0.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-collections@0.2.0", "Name": "windows-collections", "Identifier": { "PURL": "pkg:cargo/windows-collections@0.2.0", "UID": "7028b358f27f2d3c", "BOMRef": "pkg:cargo/windows-collections@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-core@0.57.0", "Name": "windows-core", "Identifier": { "PURL": "pkg:cargo/windows-core@0.57.0", "UID": "6c411a656939bdc9", "BOMRef": "pkg:cargo/windows-core@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-implement@0.57.0", "windows-interface@0.57.0", "windows-result@0.1.2", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-core@0.61.2", "Name": "windows-core", "Identifier": { "PURL": "pkg:cargo/windows-core@0.61.2", "UID": "c6887ae1f34175e0", "BOMRef": "pkg:cargo/windows-core@0.61.2" }, "Version": "0.61.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-implement@0.60.0", "windows-interface@0.59.1", "windows-link@0.1.3", "windows-result@0.3.4", "windows-strings@0.4.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-future@0.2.1", "Name": "windows-future", "Identifier": { "PURL": "pkg:cargo/windows-future@0.2.1", "UID": "a9d7b08c204d92db", "BOMRef": "pkg:cargo/windows-future@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2", "windows-link@0.1.3", "windows-threading@0.1.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-implement@0.57.0", "Name": "windows-implement", "Identifier": { "PURL": "pkg:cargo/windows-implement@0.57.0", "UID": "a1826713cccfb423", "BOMRef": "pkg:cargo/windows-implement@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-implement@0.60.0", "Name": "windows-implement", "Identifier": { "PURL": "pkg:cargo/windows-implement@0.60.0", "UID": "ac61a524d2e55a7b", "BOMRef": "pkg:cargo/windows-implement@0.60.0" }, "Version": "0.60.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-interface@0.57.0", "Name": "windows-interface", "Identifier": { "PURL": "pkg:cargo/windows-interface@0.57.0", "UID": "479ddded581f76ed", "BOMRef": "pkg:cargo/windows-interface@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-interface@0.59.1", "Name": "windows-interface", "Identifier": { "PURL": "pkg:cargo/windows-interface@0.59.1", "UID": "e499c7fbbc2a77e9", "BOMRef": "pkg:cargo/windows-interface@0.59.1" }, "Version": "0.59.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-link@0.1.3", "Name": "windows-link", "Identifier": { "PURL": "pkg:cargo/windows-link@0.1.3", "UID": "55080734a4c18be5", "BOMRef": "pkg:cargo/windows-link@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-link@0.2.0", "Name": "windows-link", "Identifier": { "PURL": "pkg:cargo/windows-link@0.2.0", "UID": "c8389934d6e26810", "BOMRef": "pkg:cargo/windows-link@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-numerics@0.2.0", "Name": "windows-numerics", "Identifier": { "PURL": "pkg:cargo/windows-numerics@0.2.0", "UID": "2823e5b43ca8640f", "BOMRef": "pkg:cargo/windows-numerics@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2", "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-result@0.1.2", "Name": "windows-result", "Identifier": { "PURL": "pkg:cargo/windows-result@0.1.2", "UID": "940f014f916be602", "BOMRef": "pkg:cargo/windows-result@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-result@0.3.4", "Name": "windows-result", "Identifier": { "PURL": "pkg:cargo/windows-result@0.3.4", "UID": "3c3e8bdbf1cd9cbd", "BOMRef": "pkg:cargo/windows-result@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-strings@0.4.2", "Name": "windows-strings", "Identifier": { "PURL": "pkg:cargo/windows-strings@0.4.2", "UID": "9c6c6a4b41346739", "BOMRef": "pkg:cargo/windows-strings@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.42.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.42.0", "UID": "e0d836da1051371c", "BOMRef": "pkg:cargo/windows-sys@0.42.0" }, "Version": "0.42.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.42.2", "windows_aarch64_msvc@0.42.2", "windows_i686_gnu@0.42.2", "windows_i686_msvc@0.42.2", "windows_x86_64_gnu@0.42.2", "windows_x86_64_gnullvm@0.42.2", "windows_x86_64_msvc@0.42.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.48.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.48.0", "UID": "800c5e95ede56275", "BOMRef": "pkg:cargo/windows-sys@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.52.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.52.0", "UID": "4067efb945f6bbaa", "BOMRef": "pkg:cargo/windows-sys@0.52.0" }, "Version": "0.52.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.59.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.59.0", "UID": "2268f54a6a758d6f", "BOMRef": "pkg:cargo/windows-sys@0.59.0" }, "Version": "0.59.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.60.2", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.60.2", "UID": "7e36ba07ce37d06a", "BOMRef": "pkg:cargo/windows-sys@0.60.2" }, "Version": "0.60.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.53.2" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-sys@0.61.1", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.61.1", "UID": "24560f25b9ef33b9", "BOMRef": "pkg:cargo/windows-sys@0.61.1" }, "Version": "0.61.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-targets@0.48.0", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.48.0", "UID": "42a380425b6e1674", "BOMRef": "pkg:cargo/windows-targets@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.48.0", "windows_aarch64_msvc@0.48.0", "windows_i686_gnu@0.48.0", "windows_i686_msvc@0.48.0", "windows_x86_64_gnu@0.48.0", "windows_x86_64_gnullvm@0.48.0", "windows_x86_64_msvc@0.48.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-targets@0.52.6", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.52.6", "UID": "76e8e7ec0962e39", "BOMRef": "pkg:cargo/windows-targets@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.52.6", "windows_aarch64_msvc@0.52.6", "windows_i686_gnu@0.52.6", "windows_i686_gnullvm@0.52.6", "windows_i686_msvc@0.52.6", "windows_x86_64_gnu@0.52.6", "windows_x86_64_gnullvm@0.52.6", "windows_x86_64_msvc@0.52.6" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-targets@0.53.2", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.53.2", "UID": "8c9159c2eb8200ba", "BOMRef": "pkg:cargo/windows-targets@0.53.2" }, "Version": "0.53.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.53.0", "windows_aarch64_msvc@0.53.0", "windows_i686_gnu@0.53.0", "windows_i686_gnullvm@0.53.0", "windows_i686_msvc@0.53.0", "windows_x86_64_gnu@0.53.0", "windows_x86_64_gnullvm@0.53.0", "windows_x86_64_msvc@0.53.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows-threading@0.1.0", "Name": "windows-threading", "Identifier": { "PURL": "pkg:cargo/windows-threading@0.1.0", "UID": "c30019723f3cbe0", "BOMRef": "pkg:cargo/windows-threading@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_gnullvm@0.42.2", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.42.2", "UID": "575c95cd1a8546a", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_gnullvm@0.48.0", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.48.0", "UID": "cf72cae2f85f7afb", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_gnullvm@0.52.6", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.52.6", "UID": "65393a8fb4d5ba68", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_gnullvm@0.53.0", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.53.0", "UID": "7c63ca0ed399695b", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_msvc@0.42.2", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.42.2", "UID": "977d35587f306b23", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_msvc@0.48.0", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.48.0", "UID": "2f88d5c15b4342c8", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_msvc@0.52.6", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.52.6", "UID": "45fb0eddc3bb40ba", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_aarch64_msvc@0.53.0", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.53.0", "UID": "4d1c999439c370ad", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnu@0.42.2", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.42.2", "UID": "baec51913ccbeedd", "BOMRef": "pkg:cargo/windows_i686_gnu@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnu@0.48.0", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.48.0", "UID": "fc5eaea778207604", "BOMRef": "pkg:cargo/windows_i686_gnu@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnu@0.52.6", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.52.6", "UID": "1f006c99ce47ac03", "BOMRef": "pkg:cargo/windows_i686_gnu@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnu@0.53.0", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.53.0", "UID": "bc6d5ba1a7d9df16", "BOMRef": "pkg:cargo/windows_i686_gnu@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnullvm@0.52.6", "Name": "windows_i686_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnullvm@0.52.6", "UID": "62ea17c3464cac37", "BOMRef": "pkg:cargo/windows_i686_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_gnullvm@0.53.0", "Name": "windows_i686_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnullvm@0.53.0", "UID": "c6981ceb33b4c82a", "BOMRef": "pkg:cargo/windows_i686_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_msvc@0.42.2", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.42.2", "UID": "a52ca220e4993518", "BOMRef": "pkg:cargo/windows_i686_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_msvc@0.48.0", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.48.0", "UID": "1c89401b09c1e069", "BOMRef": "pkg:cargo/windows_i686_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_msvc@0.52.6", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.52.6", "UID": "6b102afe311cea0f", "BOMRef": "pkg:cargo/windows_i686_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_i686_msvc@0.53.0", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.53.0", "UID": "3dfb8dd81e335eb2", "BOMRef": "pkg:cargo/windows_i686_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnu@0.42.2", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.42.2", "UID": "b3bedf3d1dea7134", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnu@0.48.0", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.48.0", "UID": "f85added6b452199", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnu@0.52.6", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.52.6", "UID": "71f0b1bcaf87204f", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnu@0.53.0", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.53.0", "UID": "d46b06453cf1f0cb", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnullvm@0.42.2", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.42.2", "UID": "80f748ee20ff5f2a", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnullvm@0.48.0", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.48.0", "UID": "2a37b2887963c7f9", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnullvm@0.52.6", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.52.6", "UID": "ef18bfd75cb385a0", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_gnullvm@0.53.0", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.53.0", "UID": "61acab9277450834", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_msvc@0.42.2", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.42.2", "UID": "3d2b3d8a2891e11", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_msvc@0.48.0", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.48.0", "UID": "230377b1fb8eb4d7", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_msvc@0.52.6", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.52.6", "UID": "8c20d10e3cdb20c7", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "windows_x86_64_msvc@0.53.0", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.53.0", "UID": "fcc799559648b716", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "winnow@0.7.13", "Name": "winnow", "Identifier": { "PURL": "pkg:cargo/winnow@0.7.13", "UID": "5af4ae18fa9be730", "BOMRef": "pkg:cargo/winnow@0.7.13" }, "Version": "0.7.13", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wit-bindgen-rt@0.33.0", "Name": "wit-bindgen-rt", "Identifier": { "PURL": "pkg:cargo/wit-bindgen-rt@0.33.0", "UID": "8a9057c4ce57628d", "BOMRef": "pkg:cargo/wit-bindgen-rt@0.33.0" }, "Version": "0.33.0", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "write16@1.0.0", "Name": "write16", "Identifier": { "PURL": "pkg:cargo/write16@1.0.0", "UID": "63e372e95d4bd7aa", "BOMRef": "pkg:cargo/write16@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "writeable@0.5.5", "Name": "writeable", "Identifier": { "PURL": "pkg:cargo/writeable@0.5.5", "UID": "701ad1c170b55670", "BOMRef": "pkg:cargo/writeable@0.5.5" }, "Version": "0.5.5", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wyhash@0.5.0", "Name": "wyhash", "Identifier": { "PURL": "pkg:cargo/wyhash@0.5.0", "UID": "37c9a6f166b784e4", "BOMRef": "pkg:cargo/wyhash@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "wyz@0.5.1", "Name": "wyz", "Identifier": { "PURL": "pkg:cargo/wyz@0.5.1", "UID": "863e84614ff162fe", "BOMRef": "pkg:cargo/wyz@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "tap@1.0.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "xattr@1.3.1", "Name": "xattr", "Identifier": { "PURL": "pkg:cargo/xattr@1.3.1", "UID": "1028ec8173e84c8e", "BOMRef": "pkg:cargo/xattr@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "linux-raw-sys@0.4.14", "rustix@0.38.40" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "yaml-rust2@0.10.4", "Name": "yaml-rust2", "Identifier": { "PURL": "pkg:cargo/yaml-rust2@0.10.4", "UID": "381fe124549c574e", "BOMRef": "pkg:cargo/yaml-rust2@0.10.4" }, "Version": "0.10.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "arraydeque@0.5.1", "encoding_rs@0.8.33", "hashlink@0.10.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "yoke@0.7.4", "Name": "yoke", "Identifier": { "PURL": "pkg:cargo/yoke@0.7.4", "UID": "621da122bc1be568", "BOMRef": "pkg:cargo/yoke@0.7.4" }, "Version": "0.7.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "serde@1.0.226", "stable_deref_trait@1.2.0", "yoke-derive@0.7.4", "zerofrom@0.1.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "yoke-derive@0.7.4", "Name": "yoke-derive", "Identifier": { "PURL": "pkg:cargo/yoke-derive@0.7.4", "UID": "9eeb60a6749e1d79", "BOMRef": "pkg:cargo/yoke-derive@0.7.4" }, "Version": "0.7.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "synstructure@0.13.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerocopy@0.7.35", "Name": "zerocopy", "Identifier": { "PURL": "pkg:cargo/zerocopy@0.7.35", "UID": "c4bc5050f5e0520f", "BOMRef": "pkg:cargo/zerocopy@0.7.35" }, "Version": "0.7.35", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "zerocopy-derive@0.7.35" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerocopy@0.8.31", "Name": "zerocopy", "Identifier": { "PURL": "pkg:cargo/zerocopy@0.8.31", "UID": "5587ff7390da791b", "BOMRef": "pkg:cargo/zerocopy@0.8.31" }, "Version": "0.8.31", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "zerocopy-derive@0.8.31" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerocopy-derive@0.7.35", "Name": "zerocopy-derive", "Identifier": { "PURL": "pkg:cargo/zerocopy-derive@0.7.35", "UID": "90268f19ac064b3e", "BOMRef": "pkg:cargo/zerocopy-derive@0.7.35" }, "Version": "0.7.35", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerocopy-derive@0.8.31", "Name": "zerocopy-derive", "Identifier": { "PURL": "pkg:cargo/zerocopy-derive@0.8.31", "UID": "8173dfc7f233101f", "BOMRef": "pkg:cargo/zerocopy-derive@0.8.31" }, "Version": "0.8.31", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerofrom@0.1.4", "Name": "zerofrom", "Identifier": { "PURL": "pkg:cargo/zerofrom@0.1.4", "UID": "2b3dd1e1309729b3", "BOMRef": "pkg:cargo/zerofrom@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "zerofrom-derive@0.1.4" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerofrom-derive@0.1.4", "Name": "zerofrom-derive", "Identifier": { "PURL": "pkg:cargo/zerofrom-derive@0.1.4", "UID": "faf0597dcfdf7296", "BOMRef": "pkg:cargo/zerofrom-derive@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "synstructure@0.13.1" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zeroize@1.8.1", "Name": "zeroize", "Identifier": { "PURL": "pkg:cargo/zeroize@1.8.1", "UID": "dd26d8b5509c4d1c", "BOMRef": "pkg:cargo/zeroize@1.8.1" }, "Version": "1.8.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerovec@0.10.4", "Name": "zerovec", "Identifier": { "PURL": "pkg:cargo/zerovec@0.10.4", "UID": "c6ef2d0f5ab45dc7", "BOMRef": "pkg:cargo/zerovec@0.10.4" }, "Version": "0.10.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "yoke@0.7.4", "zerofrom@0.1.4", "zerovec-derive@0.10.3" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zerovec-derive@0.10.3", "Name": "zerovec-derive", "Identifier": { "PURL": "pkg:cargo/zerovec-derive@0.10.3", "UID": "10375fb73ea80cb1", "BOMRef": "pkg:cargo/zerovec-derive@0.10.3" }, "Version": "0.10.3", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zstd@0.13.0", "Name": "zstd", "Identifier": { "PURL": "pkg:cargo/zstd@0.13.0", "UID": "146431733d90ba82", "BOMRef": "pkg:cargo/zstd@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "DependsOn": [ "zstd-safe@7.0.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zstd-safe@7.0.0", "Name": "zstd-safe", "Identifier": { "PURL": "pkg:cargo/zstd-safe@7.0.0", "UID": "74ba4b560fd05df5", "BOMRef": "pkg:cargo/zstd-safe@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "zstd-sys@2.0.9+zstd.1.5.5" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } }, { "ID": "zstd-sys@2.0.9+zstd.1.5.5", "Name": "zstd-sys", "Identifier": { "PURL": "pkg:cargo/zstd-sys@2.0.9%2Bzstd.1.5.5", "UID": "9d81a9bf7ef9fac0", "BOMRef": "pkg:cargo/zstd-sys@2.0.9%2Bzstd.1.5.5" }, "Version": "2.0.9+zstd.1.5.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" } } ], "Vulnerabilities": [ { "VulnerabilityID": "GHSA-8v2v-wjwg-vx6r", "PkgID": "actix-files@0.6.8", "PkgName": "actix-files", "PkgIdentifier": { "PURL": "pkg:cargo/actix-files@0.6.8", "UID": "a4b9b599832731d5", "BOMRef": "pkg:cargo/actix-files@0.6.8" }, "InstalledVersion": "0.6.8", "FixedVersion": "0.6.10", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-8v2v-wjwg-vx6r", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:2e4cae43379c0a0c500f5be52152a2d14f5f13740ae2f4420fbc501e129fd40e", "Title": "actix-files has a possible exposure of information vulnerability", "Description": "### Summary\n\nWhen passing a non-existing folder to the `actix_files::Files::new()` method causes the actix server to expose unexpected files.\n\n### Details\n\nThe `actix-files` library exposes a [`Files` struct](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L38) that configures an actix `service` to serve the files in a folder as static assets. Below you can find the [signature of the `Files::new` method](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L98):\n\n```rust\npub fn new\u003cT: Into\u003cPathBuf\u003e\u003e(mount_path: \u0026str, serve_from: T) -\u003e Files\n```\n\nWhen the `mount_path` you pass to `Files` doesn't exist, [it defaults to an empty path](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L104) (`Path::new()`). When the service receives a HTTP request, it [joins the request information with the empty path](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/service.rs#L136) and calls `canonicalize`. Rust resolves this path as relative and returns any file that matches it.\n\nThis behavior causes the library to expose unexpected files when the folder is not present.\n\n### PoC\n\n_There is a working PoC on https://github.com/Angelmmiguel/actix-files-vuln, although the next steps can be followed to reproduce the issue_\n\n1. Clone the https://github.com/actix/examples repository.\n2. Change your directory to the `basics/static-files` folder.\n3. Edit the `src/main.rs` file and change the line 13 to mount a non-existing folder:\n\n ```diff\n - .service(Files::new(\"/images\", \"static/images/\").show_files_listing())\n + .service(Files::new(\"/images\", \"static/missing/\").show_files_listing())\n ```\n \n4. Run the project with `cargo run`.\n5. Access the \u003chttp://localhost:8080/images/Cargo.toml\u003e URL.\n\n### Impact\n\nThis is an exposure of information vulnerability. It affects anyone using the `actix-files::Files` library that mounts a non-existing folder for any reason.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "V40Score": 6.3 } }, "References": [ "https://github.com/actix/actix-web", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L104", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L38", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L98", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/service.rs#L136", "https://github.com/actix/actix-web/security/advisories/GHSA-8v2v-wjwg-vx6r" ], "PublishedDate": "2026-02-06T18:56:20Z", "LastModifiedDate": "2026-02-06T18:56:20Z" }, { "VulnerabilityID": "GHSA-gcqf-3g44-vc9p", "PkgID": "actix-files@0.6.8", "PkgName": "actix-files", "PkgIdentifier": { "PURL": "pkg:cargo/actix-files@0.6.8", "UID": "a4b9b599832731d5", "BOMRef": "pkg:cargo/actix-files@0.6.8" }, "InstalledVersion": "0.6.8", "FixedVersion": "0.6.10", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-gcqf-3g44-vc9p", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:14a4949902f24653b044bda71a9a0906f0dc920ead90276d8ddc94721cb7003b", "Title": "[actix-files] Panic triggered by empty Range header in GET request for static file", "Description": "### Summary\nA GET request for a static file served by `actix-files` with an empty `Range` header triggers a panic. With `panic = \"abort\"`, a remote user may crash the process on-demand.\n\n### Details\n`actix-files` assumes that `HttpRange::parse()`, when `Ok`, always returns a vector with at least one element. When `parse()` is called on an empty string, it returns `Ok(vec![])`. This can cause a panic at named.rs:534 when handling an HTTP request with an empty `Range:` header. This shouldn't significantly impact programs built with the default `panic = \"unwind\"`, as the only effect is that the connection is closed when the worker thread panics and new threads are spooled up on demand. Programs built with `panic = \"abort\"` are vulnerable to being crashed on-demand by any user with permissions to perform a `GET` request for a static file served by `actix-files`.\nhttps://github.com/actix/actix-web/blob/0383f4bdd1210e726143ca1ebcf01169b67a4b6c/actix-files/src/named.rs#L530-L535\n\n### PoC\n\u003cdetails\u003e\n\u003csummary\u003eMinimal reproduction\u003c/summary\u003e\n\n`Cargo.toml`:\n```toml\n[package]\nname = \"example\"\nversion = \"0.1.0\"\nedition = \"2021\"\n\n[dependencies]\nactix-web = \"=4.5.1\"\nactix-files = \"=0.6.5\"\n\n[profile.dev]\npanic = \"abort\"\n```\n`src/main.rs`:\n```rust\nuse actix_files::NamedFile;\nuse actix_web::{get, Responder};\n\n#[get(\"/\")]\nasync fn index() -\u003e impl Responder {\n NamedFile::open(\"test_file\")\n}\n\n#[actix_web::main]\nasync fn main() -\u003e std::io::Result\u003c()\u003e {\n use actix_web::{App, HttpServer};\n\n HttpServer::new(|| App::new().service(index))\n .bind((\"127.0.0.1\", 8080))?\n .run()\n .await\n}\n```\n`test.sh`:\n```sh\n#!/bin/bash\n\necho foo \u003e test_file\ncargo b\ncargo r\u0026\nsleep 1\nnc 127.0.0.1 8080 \u003c\u003c EOF\nGET / HTTP/1.1\nRange:\n\nEOF\nkill %1\n```\n\nCreate these files, then run `chmod +x test.sh \u0026\u0026 ./test.sh`. The server should start, then crash upon receiving the `GET` request from `netcat`.\n\nThis assumes a reasonably UNIX-like system with Rust, `bash` and `netcat` installed.\n\u003c/details\u003e\n\n### Impact\nIt is believed that only programs compiled with panic = \"abort\" are affected significantly. The only potential impact that can be seen is Denial of Service, though an attacker able to repeatedly send GET requests without those requests getting blocked by rate limiting, DDoS protection, etc. would be able to keep a server down indefinitely. As only a single unblocked request is needed to trigger the panic, merely having a rate limiter may not be enough to prevent this.\n\nThough the impact in the worst case is significant, the real-world risk of this vulnerability appears to be limited, as it would be expected that anyone for whom uptime is a significant concern would not compile their program with panic = \"abort\".", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 } }, "References": [ "https://github.com/actix/actix-web", "https://github.com/actix/actix-web/blob/0383f4bdd1210e726143ca1ebcf01169b67a4b6c/actix-files/src/named.rs#L530-L535", "https://github.com/actix/actix-web/security/advisories/GHSA-gcqf-3g44-vc9p" ], "PublishedDate": "2026-02-06T19:00:12Z", "LastModifiedDate": "2026-02-06T19:00:13Z" }, { "VulnerabilityID": "CVE-2026-25541", "VendorIDs": [ "GHSA-434x-w66g-qw3r" ], "PkgID": "bytes@1.10.1", "PkgName": "bytes", "PkgIdentifier": { "PURL": "pkg:cargo/bytes@1.10.1", "UID": "1adf6932336c8bf9", "BOMRef": "pkg:cargo/bytes@1.10.1" }, "InstalledVersion": "1.10.1", "FixedVersion": "1.11.1", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25541", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:581822a40bffb16ff638fe13466c6fb04f63eec0f62b7e9ed1947a02ab4a2802", "Title": "Bytes is a utility library for working with bytes. From version 1.2.1 ...", "Description": "Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition \"v_capacity \u003e= new_cap + offset\" uses an unchecked addition. When new_cap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated capacity. Subsequent APIs such as spare_capacity_mut() then trust this corrupted cap value and may create out-of-bounds slices, leading to UB. This behavior is observable in release builds (integer overflow wraps), whereas debug builds panic due to overflow checks. This issue has been patched in version 1.11.1.", "Severity": "MEDIUM", "CweIDs": [ "CWE-680" ], "VendorSeverity": { "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/tokio-rs/bytes", "https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f", "https://github.com/tokio-rs/bytes/releases/tag/v1.11.1", "https://github.com/tokio-rs/bytes/security/advisories/GHSA-434x-w66g-qw3r", "https://nvd.nist.gov/vuln/detail/CVE-2026-25541", "https://rustsec.org/advisories/RUSTSEC-2026-0007.html" ], "PublishedDate": "2026-02-04T22:16:00.383Z", "LastModifiedDate": "2026-02-27T20:13:28.537Z" }, { "VulnerabilityID": "CVE-2026-25537", "VendorIDs": [ "GHSA-h395-gr6q-cpjc" ], "PkgID": "jsonwebtoken@10.0.0", "PkgName": "jsonwebtoken", "PkgIdentifier": { "PURL": "pkg:cargo/jsonwebtoken@10.0.0", "UID": "a9eb4247f41b4cc9", "BOMRef": "pkg:cargo/jsonwebtoken@10.0.0" }, "InstalledVersion": "10.0.0", "FixedVersion": "10.3.0", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25537", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:8847295f41cbb82146b440f12ab512ed5262c6d396a2bc6df04b24908abef73b", "Title": "jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass", "Description": "jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim (such as nbf or exp) is provided with an incorrect JSON type (Like a String instead of a Number), the library’s internal parsing mechanism marks the claim as “FailedToParse”. Crucially, the validation logic treats this “FailedToParse” state identically to “NotPresent”. This means that if a check is enabled (like: validate_nbf = true), but the claim is not explicitly marked as required in required_spec_claims, the library will skip the validation check entirely for the malformed claim, treating it as if it were not there. This allows attackers to bypass critical time-based security restrictions (like “Not Before” checks) and commit potential authentication and authorization bypasses. This issue has been patched in version 10.3.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25537", "https://github.com/Keats/jsonwebtoken", "https://github.com/Keats/jsonwebtoken/commit/abbc3076742c4161347bc6b8bf4aa5eb86e1dc01", "https://github.com/Keats/jsonwebtoken/security/advisories/GHSA-h395-gr6q-cpjc", "https://nvd.nist.gov/vuln/detail/CVE-2026-25537", "https://www.cve.org/CVERecord?id=CVE-2026-25537" ], "PublishedDate": "2026-02-04T22:15:59.807Z", "LastModifiedDate": "2026-02-11T19:13:47.607Z" }, { "VulnerabilityID": "CVE-2026-32829", "VendorIDs": [ "GHSA-vvp9-7p8x-rfvv" ], "PkgID": "lz4_flex@0.12.0", "PkgName": "lz4_flex", "PkgIdentifier": { "PURL": "pkg:cargo/lz4_flex@0.12.0", "UID": "bfdb5642d2dcb174", "BOMRef": "pkg:cargo/lz4_flex@0.12.0" }, "InstalledVersion": "0.12.0", "FixedVersion": "0.11.6, 0.12.1", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32829", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:b5509bb457423a5bd9e5b0e8a92d1d8d577660d7d72fb4a6d3d8fc72854801c9", "Title": "lz4_flex: lz4_flex's decompression can leak information from uninitialized memory or reused output buffer", "Description": "lz4_flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values during LZ4 \"match copy operations,\" allowing out-of-bounds reads from the output buffer. The block-based API functions (`decompress_into`, `decompress_into_with_dict`, and others when `safe-decode` is disabled) are affected, while all frame APIs are unaffected. The impact is potential exposure of sensitive data and secrets through crafted or malformed LZ4 input. This issue has been fixed in versions 0.11.6 and 0.12.1.", "Severity": "HIGH", "CweIDs": [ "CWE-201", "CWE-823" ], "VendorSeverity": { "amazon": 2, "ghsa": 3, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32829", "https://github.com/PSeitz/lz4_flex", "https://github.com/PSeitz/lz4_flex/commit/055502ee5d297ecd6bf448ac91c055c7f6df9b6d", "https://github.com/PSeitz/lz4_flex/security/advisories/GHSA-vvp9-7p8x-rfvv", "https://nvd.nist.gov/vuln/detail/CVE-2026-32829", "https://rustsec.org/advisories/RUSTSEC-2026-0041.html", "https://www.cve.org/CVERecord?id=CVE-2026-32829" ], "PublishedDate": "2026-03-20T01:15:56.277Z", "LastModifiedDate": "2026-03-30T15:05:23.41Z" }, { "VulnerabilityID": "CVE-2025-53605", "VendorIDs": [ "GHSA-2gh3-rmm4-6rq5" ], "PkgID": "protobuf@2.28.0", "PkgName": "protobuf", "PkgIdentifier": { "PURL": "pkg:cargo/protobuf@2.28.0", "UID": "17b34d7d9bb1965a", "BOMRef": "pkg:cargo/protobuf@2.28.0" }, "InstalledVersion": "2.28.0", "FixedVersion": "3.7.2", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-53605", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:ae182f1145da1bd8287ea39ac3595421359c1be6a82c768630bfa2e84ef0b3ac", "Title": "protobuf: Protobuf: Uncontrolled Recursion Vulnerability", "Description": "The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-53605", "https://crates.io/crates/protobuf", "https://github.com/stepancheg/rust-protobuf", "https://github.com/stepancheg/rust-protobuf/commit/f06992f46771c0a092593b9ebf7afd48740b3ed6", "https://github.com/stepancheg/rust-protobuf/issues/749", "https://nvd.nist.gov/vuln/detail/CVE-2025-53605", "https://rustsec.org/advisories/RUSTSEC-2024-0437", "https://rustsec.org/advisories/RUSTSEC-2024-0437.html", "https://www.cve.org/CVERecord?id=CVE-2025-53605" ], "PublishedDate": "2025-07-05T01:15:28.523Z", "LastModifiedDate": "2025-07-08T16:18:53.607Z" }, { "VulnerabilityID": "CVE-2026-31812", "VendorIDs": [ "GHSA-6xvm-j4wr-6v98" ], "PkgID": "quinn-proto@0.11.8", "PkgName": "quinn-proto", "PkgIdentifier": { "PURL": "pkg:cargo/quinn-proto@0.11.8", "UID": "b725c0d3d46332c5", "BOMRef": "pkg:cargo/quinn-proto@0.11.8" }, "InstalledVersion": "0.11.8", "FixedVersion": "0.11.14", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31812", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:e8785f33dd33c76160bfe2b8fa551a93fc44575215040a613b5aaddb939c886c", "Title": "quinn-proto: quinn-proto: Denial of Service via crafted QUIC Initial packet", "Description": "Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication. This vulnerability is fixed in 0.11.14.", "Severity": "HIGH", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31812", "https://github.com/quinn-rs/quinn", "https://github.com/quinn-rs/quinn/pull/2559", "https://github.com/quinn-rs/quinn/security/advisories/GHSA-6xvm-j4wr-6v98", "https://nvd.nist.gov/vuln/detail/CVE-2026-31812", "https://rustsec.org/advisories/RUSTSEC-2026-0037.html", "https://www.cve.org/CVERecord?id=CVE-2026-31812" ], "PublishedDate": "2026-03-10T22:16:18.84Z", "LastModifiedDate": "2026-03-11T13:52:47.683Z" }, { "VulnerabilityID": "CVE-2026-21895", "VendorIDs": [ "GHSA-9c48-w39g-hm26" ], "PkgID": "rsa@0.9.8", "PkgName": "rsa", "PkgIdentifier": { "PURL": "pkg:cargo/rsa@0.9.8", "UID": "c91588852fc574fc", "BOMRef": "pkg:cargo/rsa@0.9.8" }, "InstalledVersion": "0.9.8", "FixedVersion": "0.9.10", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-21895", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:ed579d81013200818fdd5307a15573a31da19e46bf60ddc511ea686c48d85d28", "Title": "RSA: RSA crate: Denial of Service due to malformed prime in private key generation", "Description": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.", "Severity": "LOW", "CweIDs": [ "CWE-703" ], "VendorSeverity": { "ghsa": 1, "nvd": 2, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-21895", "https://github.com/RustCrypto/RSA", "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7", "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26", "https://nvd.nist.gov/vuln/detail/CVE-2026-21895", "https://www.cve.org/CVERecord?id=CVE-2026-21895" ], "PublishedDate": "2026-01-08T14:15:57.72Z", "LastModifiedDate": "2026-03-12T19:27:31.327Z" }, { "VulnerabilityID": "GHSA-pwjx-qhcg-rvj4", "PkgID": "rustls-webpki@0.102.8", "PkgName": "rustls-webpki", "PkgIdentifier": { "PURL": "pkg:cargo/rustls-webpki@0.102.8", "UID": "24c33cb303bb0514", "BOMRef": "pkg:cargo/rustls-webpki@0.102.8" }, "InstalledVersion": "0.102.8", "FixedVersion": "0.103.10, 0.104.0-alpha.5", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-pwjx-qhcg-rvj4", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:06fd67f61f08b6f2230c517054a0bd28df1dc90adbddf30a08f369d33a353a23", "Title": "webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic", "Description": "If a certificate had more than one `distributionPoint`, then only the first `distributionPoint` would be considered against each CRL's `IssuingDistributionPoint` `distributionPoint`, and then the certificate's subsequent `distributionPoint`s would be ignored.\n\nThe impact was that correct provided CRLs would not be consulted to check revocation. With `UnknownStatusPolicy::Deny` (the default) this would lead to incorrect but safe `Error::UnknownRevocationStatus`. With `UnknownStatusPolicy::Allow` this would lead to inappropriate acceptance of revoked certificates.\n\nThis vulnerability is thought to be of limited impact. This is because both the certificate and CRL are signed -- an attacker would need to compromise a trusted issuing authority to trigger this bug. An attacker with such capabilities could likely bypass revocation checking through other more impactful means (such as publishing a valid, empty CRL.)\n\nMore likely, this bug would be latent in normal use, and an attacker could leverage faulty revocation checking to continue using a revoked credential.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.4 } }, "References": [ "https://github.com/rustls/webpki", "https://github.com/rustls/webpki/security/advisories/GHSA-pwjx-qhcg-rvj4", "https://rustsec.org/advisories/RUSTSEC-2026-0049.html" ], "PublishedDate": "2026-03-20T21:51:17Z", "LastModifiedDate": "2026-03-25T19:56:38Z" }, { "VulnerabilityID": "GHSA-pwjx-qhcg-rvj4", "PkgID": "rustls-webpki@0.103.6", "PkgName": "rustls-webpki", "PkgIdentifier": { "PURL": "pkg:cargo/rustls-webpki@0.103.6", "UID": "23a0693de6fc1658", "BOMRef": "pkg:cargo/rustls-webpki@0.103.6" }, "InstalledVersion": "0.103.6", "FixedVersion": "0.103.10, 0.104.0-alpha.5", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-pwjx-qhcg-rvj4", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:078af7bd94abeb1c92dcdf858fcfba7f732935c410febe6b51951650c9f2ae64", "Title": "webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic", "Description": "If a certificate had more than one `distributionPoint`, then only the first `distributionPoint` would be considered against each CRL's `IssuingDistributionPoint` `distributionPoint`, and then the certificate's subsequent `distributionPoint`s would be ignored.\n\nThe impact was that correct provided CRLs would not be consulted to check revocation. With `UnknownStatusPolicy::Deny` (the default) this would lead to incorrect but safe `Error::UnknownRevocationStatus`. With `UnknownStatusPolicy::Allow` this would lead to inappropriate acceptance of revoked certificates.\n\nThis vulnerability is thought to be of limited impact. This is because both the certificate and CRL are signed -- an attacker would need to compromise a trusted issuing authority to trigger this bug. An attacker with such capabilities could likely bypass revocation checking through other more impactful means (such as publishing a valid, empty CRL.)\n\nMore likely, this bug would be latent in normal use, and an attacker could leverage faulty revocation checking to continue using a revoked credential.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.4 } }, "References": [ "https://github.com/rustls/webpki", "https://github.com/rustls/webpki/security/advisories/GHSA-pwjx-qhcg-rvj4", "https://rustsec.org/advisories/RUSTSEC-2026-0049.html" ], "PublishedDate": "2026-03-20T21:51:17Z", "LastModifiedDate": "2026-03-25T19:56:38Z" }, { "VulnerabilityID": "CVE-2026-25727", "VendorIDs": [ "GHSA-r6v5-fh4h-64xc" ], "PkgID": "time@0.3.17", "PkgName": "time", "PkgIdentifier": { "PURL": "pkg:cargo/time@0.3.17", "UID": "63b08a9837dffdca", "BOMRef": "pkg:cargo/time@0.3.17" }, "InstalledVersion": "0.3.17", "FixedVersion": "0.3.47", "Status": "fixed", "Layer": { "Digest": "sha256:53e904f37065c2662761fa556edcc04130e65065b5739c91506db5243d1da6fd", "DiffID": "sha256:f24034543efd33070eeac872968bd3e0b936eb9ad1b0405db23b33447f8a5a1e" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25727", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:6dd1ba774744967c470eec79e6164b39e15a10825e3b4025108075030b25029d", "Title": "time: time affected by a stack exhaustion denial of service attack", "Description": "time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary, non-malicious input will never encounter this scenario. A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned rather than exhausting the stack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "V40Score": 6.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25727", "https://github.com/time-rs/time", "https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05", "https://github.com/time-rs/time/commit/1c63dc7985b8fa26bd8c689423cc56b7a03841ee", "https://github.com/time-rs/time/releases/tag/v0.3.47", "https://github.com/time-rs/time/security/advisories/GHSA-r6v5-fh4h-64xc", "https://nvd.nist.gov/vuln/detail/CVE-2026-25727", "https://rustsec.org/advisories/RUSTSEC-2026-0009.html", "https://www.cve.org/CVERecord?id=CVE-2026-25727" ], "PublishedDate": "2026-02-06T20:16:11.86Z", "LastModifiedDate": "2026-02-24T15:23:35.563Z" } ] } ] }