{ "SchemaVersion": 2, "Trivy": { "Version": "0.69.3" }, "ReportID": "019d57b3-547d-7714-aa86-ae99c5e4eb50", "CreatedAt": "2026-04-04T08:54:23.613465662Z", "ArtifactName": "sboms/ai-containers-qdrant-v1.16.3-gpu-nvidia-cyclonedx.json", "ArtifactType": "cyclonedx", "Metadata": { "OS": { "Family": "ubuntu", "Name": "22.04" }, "ImageID": "sha256:b1285ecd51acd1f76914a475a729f4dd263ee66298fabf981f0b11720d87d3eb", "DiffIDs": [ "sha256:18545e66b1375e4039f5870e4553a060c197aaa401688972380c9b088e512e81", "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506", "sha256:3d28c8851730292aadf64b93079038431a6f1bea879a5241cf8e5f7392c240e7", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945", "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d", "sha256:7c7a9688c6e9ee62925c6a409e6aac28b1e925565a0e811c7055037f288876ac", "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76", "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1", "sha256:8fb7835fcac97542a3e0ac7fc6745435bb1cd2389c6a150297541a069678ffa1", "sha256:96c4eea9dcec95cd061631f56cb8e591c6423e4b09b472c2f05fb386ad1964b2", "sha256:9882be05fbb5874816c551c6b08b3fe963b406f1c71c7d57c4560d0ef5c74b43", "sha256:98f85675b8737771ed3578c0d40b4a1f6596976821fb07380f31bca8d676fb99", "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05", "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157", "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" ], "RepoDigests": [ "registry.suse.com/ai/containers/qdrant@sha256:9f9e27c98c892333050a6bc2cc56c82825185a8f264280eecb8ec2e34bfd004e" ], "Reference": "registry.suse.com/ai/containers/qdrant@sha256:9f9e27c98c892333050a6bc2cc56c82825185a8f264280eecb8ec2e34bfd004e" }, "Results": [ { "Target": "sboms/ai-containers-qdrant-v1.16.3-gpu-nvidia-cyclonedx.json (ubuntu 22.04)", "Class": "os-pkgs", "Type": "ubuntu", "Packages": [ { "ID": "adduser@3.118ubuntu5", "Name": "adduser", "Identifier": { "PURL": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all\u0026distro=ubuntu-22.04", "UID": "957ab14c0d3f31cd", "BOMRef": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all\u0026distro=ubuntu-22.04" }, "Version": "3.118ubuntu5", "Arch": "all", "SrcName": "adduser", "SrcVersion": "3.118ubuntu5", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "passwd@1:4.8.1-2ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "apt@2.4.9", "Name": "apt", "Identifier": { "PURL": "pkg:deb/ubuntu/apt@2.4.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "a042184e5bd3d95d", "BOMRef": "pkg:deb/ubuntu/apt@2.4.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.4.9", "Arch": "amd64", "SrcName": "apt", "SrcVersion": "2.4.9", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "adduser@3.118ubuntu5", "gpgv@2.2.27-3ubuntu2.1", "libapt-pkg6.0@2.4.9", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libgnutls30@3.7.3-4ubuntu1.2", "libseccomp2@2.5.3-2ubuntu2", "libstdc++6@12.1.0-2ubuntu1~22.04", "libsystemd0@249.11-0ubuntu3.9", "ubuntu-keyring@2021.03.26" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "base-files@12ubuntu4.3", "Name": "base-files", "Identifier": { "PURL": "pkg:deb/ubuntu/base-files@12ubuntu4.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "58f9d60e43c04c73", "BOMRef": "pkg:deb/ubuntu/base-files@12ubuntu4.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "12ubuntu4.3", "Arch": "amd64", "SrcName": "base-files", "SrcVersion": "12ubuntu4.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "base-passwd@3.5.52build1", "Name": "base-passwd", "Identifier": { "PURL": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c56d30d5c70d0c23", "BOMRef": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.5.52build1", "Arch": "amd64", "SrcName": "base-passwd", "SrcVersion": "3.5.52build1", "Licenses": [ "GPL-2.0-only", "public-domain" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdebconfclient0@0.261ubuntu1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "bash@5.1-6ubuntu1", "Name": "bash", "Identifier": { "PURL": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1738e0c17c879de", "BOMRef": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.1-6ubuntu1", "Arch": "amd64", "SrcName": "bash", "SrcVersion": "5.1", "SrcRelease": "6ubuntu1", "Licenses": [ "GPL-3.0-only" ], "DependsOn": [ "base-files@12ubuntu4.3", "debianutils@5.5-1ubuntu2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "bsdutils@1:2.37.2-4ubuntu3", "Name": "bsdutils", "Identifier": { "PURL": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "fdef9652c0b46c7b", "BOMRef": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.37.2-4ubuntu3", "Epoch": 1, "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ca-certificates@20240203~22.04.1", "Name": "ca-certificates", "Identifier": { "PURL": "pkg:deb/ubuntu/ca-certificates@20240203~22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "e9ffbf74fc2e9ff4", "BOMRef": "pkg:deb/ubuntu/ca-certificates@20240203~22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "20240203~22.04.1", "Arch": "all", "SrcName": "ca-certificates", "SrcVersion": "20240203~22.04.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "MPL-2.0" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "openssl@3.0.2-0ubuntu1.20" ], "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" } }, { "ID": "coreutils@8.32-4.1ubuntu1", "Name": "coreutils", "Identifier": { "PURL": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "142752eb68fc96c2", "BOMRef": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "8.32-4.1ubuntu1", "Arch": "amd64", "SrcName": "coreutils", "SrcVersion": "8.32", "SrcRelease": "4.1ubuntu1", "Licenses": [ "GPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "dash@0.5.11+git20210903+057cd650a4ed-3build1", "Name": "dash", "Identifier": { "PURL": "pkg:deb/ubuntu/dash@0.5.11%2Bgit20210903%2B057cd650a4ed-3build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b8f341501ac60dd3", "BOMRef": "pkg:deb/ubuntu/dash@0.5.11%2Bgit20210903%2B057cd650a4ed-3build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.5.11+git20210903+057cd650a4ed-3build1", "Arch": "amd64", "SrcName": "dash", "SrcVersion": "0.5.11+git20210903+057cd650a4ed", "SrcRelease": "3build1", "Licenses": [ "BSD-3-Clause", "FSFULLR", "FSFUL", "MIT", "GPL-2.0-or-later", "public-domain", "GPL-2.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "debianutils@5.5-1ubuntu2", "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "debconf@1.5.79ubuntu1", "Name": "debconf", "Identifier": { "PURL": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all\u0026distro=ubuntu-22.04", "UID": "4aaa4de27e4fc2d3", "BOMRef": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.5.79ubuntu1", "Arch": "all", "SrcName": "debconf", "SrcVersion": "1.5.79ubuntu1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "debianutils@5.5-1ubuntu2", "Name": "debianutils", "Identifier": { "PURL": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d154ba181f486616", "BOMRef": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.5-1ubuntu2", "Arch": "amd64", "SrcName": "debianutils", "SrcVersion": "5.5", "SrcRelease": "1ubuntu2", "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "diffutils@1:3.8-0ubuntu2", "Name": "diffutils", "Identifier": { "PURL": "pkg:deb/ubuntu/diffutils@3.8-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "cc776128efa5ad9a", "BOMRef": "pkg:deb/ubuntu/diffutils@3.8-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.8-0ubuntu2", "Epoch": 1, "Arch": "amd64", "SrcName": "diffutils", "SrcVersion": "3.8", "SrcRelease": "0ubuntu2", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-or-later", "GFDL-1.3-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "dpkg@1.21.1ubuntu2.1", "Name": "dpkg", "Identifier": { "PURL": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8781567b680a5dbe", "BOMRef": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.21.1ubuntu2.1", "Arch": "amd64", "SrcName": "dpkg", "SrcVersion": "1.21.1ubuntu2.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "BSD-2-Clause", "public-domain-s-s-d", "public-domain-md5" ], "DependsOn": [ "tar@1.34+dfsg-1ubuntu0.1.22.04.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "e2fsprogs@1.46.5-2ubuntu1.1", "Name": "e2fsprogs", "Identifier": { "PURL": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "360211ddb4c7062c", "BOMRef": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "logsave@1.46.5-2ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "findutils@4.8.0-1ubuntu3", "Name": "findutils", "Identifier": { "PURL": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5c2cbdd5973d236", "BOMRef": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.8.0-1ubuntu3", "Arch": "amd64", "SrcName": "findutils", "SrcVersion": "4.8.0", "SrcRelease": "1ubuntu3", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "Name": "gcc-12-base", "Identifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "Licenses": [ "GPL-2.0-or-later", "GPL-3.0-only", "GFDL-1.2-only", "GPL-2.0-only", "Artistic-2.0", "LGPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gpgv@2.2.27-3ubuntu2.1", "Name": "gpgv", "Identifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.2.27-3ubuntu2.1", "Arch": "amd64", "SrcName": "gnupg2", "SrcVersion": "2.2.27", "SrcRelease": "3ubuntu2.1", "Licenses": [ "GPL-3.0-or-later", "permissive", "LGPL-2.1-or-later", "MIT", "BSD-3-Clause", "LGPL-3.0-or-later", "RFC-Reference", "TinySCHEME", "CC0-1.0", "GPL-3.0-only", "LGPL-3.0-only", "LGPL-2.1-only" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libgcrypt20@1.9.4-3ubuntu3", "libgpg-error0@1.43-3", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "grep@3.7-1build1", "Name": "grep", "Identifier": { "PURL": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8effcf21bb273828", "BOMRef": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7-1build1", "Arch": "amd64", "SrcName": "grep", "SrcVersion": "3.7", "SrcRelease": "1build1", "Licenses": [ "GPL-3.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "gzip@1.10-4ubuntu4.1", "Name": "gzip", "Identifier": { "PURL": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ac6a0beab944a6b5", "BOMRef": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.10-4ubuntu4.1", "Arch": "amd64", "SrcName": "gzip", "SrcVersion": "1.10", "SrcRelease": "4ubuntu4.1", "Licenses": [ "GPL-3.0-or-later", "GFDL-1.3--no-invariant", "FSF-manpages", "GPL-3.0-only", "GFDL-3" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "hostname@3.23ubuntu2", "Name": "hostname", "Identifier": { "PURL": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f4a8fd1ffd20138a", "BOMRef": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.23ubuntu2", "Arch": "amd64", "SrcName": "hostname", "SrcVersion": "3.23ubuntu2", "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "init-system-helpers@1.62", "Name": "init-system-helpers", "Identifier": { "PURL": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all\u0026distro=ubuntu-22.04", "UID": "4f514076a882a365", "BOMRef": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.62", "Arch": "all", "SrcName": "init-system-helpers", "SrcVersion": "1.62", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libacl1@2.3.1-1", "Name": "libacl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "18182a2805f6f9df", "BOMRef": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.3.1-1", "Arch": "amd64", "SrcName": "acl", "SrcVersion": "2.3.1", "SrcRelease": "1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libapt-pkg6.0@2.4.9", "Name": "libapt-pkg6.0", "Identifier": { "PURL": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53e645d4006f4e62", "BOMRef": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.4.9", "Arch": "amd64", "SrcName": "apt", "SrcVersion": "2.4.9", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libgcrypt20@1.9.4-3ubuntu3", "liblz4-1@1.9.3-2build2", "liblzma5@5.2.5-2ubuntu1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libsystemd0@249.11-0ubuntu3.9", "libudev1@249.11-0ubuntu3.9", "libxxhash0@0.8.1-1", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libatomic1@12.1.0-2ubuntu1~22.04", "Name": "libatomic1", "Identifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libattr1@1:2.5.1-1build1", "Name": "libattr1", "Identifier": { "PURL": "pkg:deb/ubuntu/libattr1@2.5.1-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "de5f22deec63ab41", "BOMRef": "pkg:deb/ubuntu/libattr1@2.5.1-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.5.1-1build1", "Epoch": 1, "Arch": "amd64", "SrcName": "attr", "SrcVersion": "2.5.1", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libaudit-common@1:3.0.7-1build1", "Name": "libaudit-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libaudit-common@3.0.7-1build1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "36ca334d6a51087c", "BOMRef": "pkg:deb/ubuntu/libaudit-common@3.0.7-1build1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.0.7-1build1", "Epoch": 1, "Arch": "all", "SrcName": "audit", "SrcVersion": "3.0.7", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only", "LGPL-2.1-only", "GPL-1.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libaudit1@1:3.0.7-1build1", "Name": "libaudit1", "Identifier": { "PURL": "pkg:deb/ubuntu/libaudit1@3.0.7-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "cbb5b09e7d8fda8c", "BOMRef": "pkg:deb/ubuntu/libaudit1@3.0.7-1build1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.0.7-1build1", "Epoch": 1, "Arch": "amd64", "SrcName": "audit", "SrcVersion": "3.0.7", "SrcRelease": "1build1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only", "LGPL-2.1-only", "GPL-1.0-only" ], "DependsOn": [ "libaudit-common@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcap-ng0@0.7.9-2.2build3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libblkid1@2.37.2-4ubuntu3", "Name": "libblkid1", "Identifier": { "PURL": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "711bb225c7e5017c", "BOMRef": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libbsd0@0.11.5-1", "Name": "libbsd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libbsd0@0.11.5-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "ca418f39950777eb", "BOMRef": "pkg:deb/ubuntu/libbsd0@0.11.5-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.11.5-1", "Arch": "i386", "SrcName": "libbsd", "SrcVersion": "0.11.5", "SrcRelease": "1", "Licenses": [ "BSD-3-Clause", "BSD-4-clause-Niels-Provos", "BSD-4-clause-Christopher-G-Demetriou", "BSD-3-clause-Regents", "BSD-2-Clause-NetBSD", "BSD-3-clause-author", "BSD-3-clause-John-Birrell", "BSD-5-clause-Peter-Wemm", "BSD-2-Clause", "BSD-2-clause-verbatim", "BSD-2-clause-author", "ISC", "ISC-Original", "MIT", "public-domain", "Beerware" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libmd0@1.0.4-1build1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libbz2-1.0@1.0.8-5build1", "Name": "libbz2-1.0", "Identifier": { "PURL": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4f990dba204c22af", "BOMRef": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.0.8-5build1", "Arch": "amd64", "SrcName": "bzip2", "SrcVersion": "1.0.8", "SrcRelease": "5build1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libc-bin@2.35-0ubuntu3.1", "Name": "libc-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.35-0ubuntu3.1", "Arch": "amd64", "SrcName": "glibc", "SrcVersion": "2.35", "SrcRelease": "0ubuntu3.1", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libc6@2.35-0ubuntu3.1", "Name": "libc6", "Identifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.35-0ubuntu3.1", "Arch": "i386", "SrcName": "glibc", "SrcVersion": "2.35", "SrcRelease": "0ubuntu3.1", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libcrypt1@1:4.4.27-1", "libgcc-s1@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcap-ng0@0.7.9-2.2build3", "Name": "libcap-ng0", "Identifier": { "PURL": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b128764c7c9197f8", "BOMRef": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.7.9-2.2build3", "Arch": "amd64", "SrcName": "libcap-ng", "SrcVersion": "0.7.9", "SrcRelease": "2.2build3", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcap2@1:2.44-1build3", "Name": "libcap2", "Identifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "2.44-1build3", "Epoch": 1, "Arch": "amd64", "SrcName": "libcap2", "SrcVersion": "2.44", "SrcRelease": "1build3", "SrcEpoch": 1, "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcom-err2@1.46.5-2ubuntu1.1", "Name": "libcom-err2", "Identifier": { "PURL": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9df07fb0cbb37c09", "BOMRef": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libcrypt1@1:4.4.27-1", "Name": "libcrypt1", "Identifier": { "PURL": "pkg:deb/ubuntu/libcrypt1@4.4.27-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "76dc08faa3f52afa", "BOMRef": "pkg:deb/ubuntu/libcrypt1@4.4.27-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.4.27-1", "Epoch": 1, "Arch": "i386", "SrcName": "libxcrypt", "SrcVersion": "4.4.27", "SrcRelease": "1", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "Name": "libdb5.3", "Identifier": { "PURL": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.8ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5d17aebfc7f355cc", "BOMRef": "pkg:deb/ubuntu/libdb5.3@5.3.28%2Bdfsg1-0.8ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.3.28+dfsg1-0.8ubuntu3", "Arch": "amd64", "SrcName": "db5.3", "SrcVersion": "5.3.28+dfsg1", "SrcRelease": "0.8ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdebconfclient0@0.261ubuntu1", "Name": "libdebconfclient0", "Identifier": { "PURL": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "59c817508724f715", "BOMRef": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.261ubuntu1", "Arch": "amd64", "SrcName": "cdebconf", "SrcVersion": "0.261ubuntu1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libdpkg-perl@1.21.1ubuntu2.1", "Name": "libdpkg-perl", "Identifier": { "PURL": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04", "UID": "8bb1e0d1f95b96fc", "BOMRef": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.21.1ubuntu2.1", "Arch": "all", "SrcName": "dpkg", "SrcVersion": "1.21.1ubuntu2.1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "BSD-2-Clause", "public-domain-s-s-d", "public-domain-md5" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-amdgpu1", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "f5529872ef8125ec", "BOMRef": "pkg:deb/ubuntu/libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-common@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-common@2.4.113-2~ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "672f36a8b031fbc5", "BOMRef": "pkg:deb/ubuntu/libdrm-common@2.4.113-2~ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "all", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-nouveau2", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "b6d4278a359ac5ed", "BOMRef": "pkg:deb/ubuntu/libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm-radeon1", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "3f1721dfd501710d", "BOMRef": "pkg:deb/ubuntu/libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libdrm2@2.4.113-2~ubuntu0.22.04.1", "Name": "libdrm2", "Identifier": { "PURL": "pkg:deb/ubuntu/libdrm2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "87cf09b5b0643d57", "BOMRef": "pkg:deb/ubuntu/libdrm2@2.4.113-2~ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.113-2~ubuntu0.22.04.1", "Arch": "i386", "SrcName": "libdrm", "SrcVersion": "2.4.113", "SrcRelease": "2~ubuntu0.22.04.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-common@2.4.113-2~ubuntu0.22.04.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libedit2@3.1-20210910-1build1", "Name": "libedit2", "Identifier": { "PURL": "pkg:deb/ubuntu/libedit2@3.1-20210910-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "29093ce2670ca00f", "BOMRef": "pkg:deb/ubuntu/libedit2@3.1-20210910-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "3.1-20210910-1build1", "Arch": "i386", "SrcName": "libedit", "SrcVersion": "3.1-20210910", "SrcRelease": "1build1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "libbsd0@0.11.5-1", "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl-dev@1.4.0-1", "Name": "libegl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "f86321723cd2c281", "BOMRef": "pkg:deb/ubuntu/libegl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl1@1.4.0-1", "libgl-dev@1.4.0-1", "libx11-dev@2:1.7.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1", "Name": "libegl-mesa0", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "31029d3af1ff68e2", "BOMRef": "pkg:deb/ubuntu/libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libgbm1@22.2.5-0ubuntu0.1~22.04.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libwayland-client0@1.20.0-1ubuntu0.1", "libwayland-server0@1.20.0-1ubuntu0.1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri2-0@1.14-3ubuntu3", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxshmfence1@1.3-1build4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl1@1.4.0-1", "Name": "libegl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "54d856c1a3f7ed54", "BOMRef": "pkg:deb/ubuntu/libegl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libegl-mesa0@22.2.5-0ubuntu0.1~22.04.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libegl1-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "5f48c823010ba801", "BOMRef": "pkg:deb/ubuntu/libegl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libelf1@0.186-1build1", "Name": "libelf1", "Identifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.186-1build1", "Arch": "i386", "SrcName": "elfutils", "SrcVersion": "0.186", "SrcRelease": "1build1", "Licenses": [ "GPL-2.0-only", "GPL-3.0-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libexpat1@2.4.7-1ubuntu0.2", "Name": "libexpat1", "Identifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.4.7-1ubuntu0.2", "Arch": "i386", "SrcName": "expat", "SrcVersion": "2.4.7", "SrcRelease": "1ubuntu0.2", "Licenses": [ "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libext2fs2@1.46.5-2ubuntu1.1", "Name": "libext2fs2", "Identifier": { "PURL": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d0196ec911a5a2c5", "BOMRef": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libffi8@3.4.2-4", "Name": "libffi8", "Identifier": { "PURL": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=i386\u0026distro=ubuntu-22.04", "UID": "90af6fbace03d2be", "BOMRef": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "3.4.2-4", "Arch": "i386", "SrcName": "libffi", "SrcVersion": "3.4.2", "SrcRelease": "4", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgbm1@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgbm1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgbm1@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "d4a1bb202b91097c", "BOMRef": "pkg:deb/ubuntu/libgbm1@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libwayland-server0@1.20.0-1ubuntu0.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "Name": "libgcc-s1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgcrypt20@1.9.4-3ubuntu3", "Name": "libgcrypt20", "Identifier": { "PURL": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2491cdf860298798", "BOMRef": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.9.4-3ubuntu3", "Arch": "amd64", "SrcName": "libgcrypt20", "SrcVersion": "1.9.4", "SrcRelease": "3ubuntu3", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgpg-error0@1.43-3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgdbm-compat4@1.23-1", "Name": "libgdbm-compat4", "Identifier": { "PURL": "pkg:deb/ubuntu/libgdbm-compat4@1.23-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2d24e99ce4d77474", "BOMRef": "pkg:deb/ubuntu/libgdbm-compat4@1.23-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.23-1", "Arch": "amd64", "SrcName": "gdbm", "SrcVersion": "1.23", "SrcRelease": "1", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GFDL-1.3-no-invariants-or-later", "GPL-3.0-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgdbm6@1.23-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgdbm6@1.23-1", "Name": "libgdbm6", "Identifier": { "PURL": "pkg:deb/ubuntu/libgdbm6@1.23-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3431cb49811f3367", "BOMRef": "pkg:deb/ubuntu/libgdbm6@1.23-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.23-1", "Arch": "amd64", "SrcName": "gdbm", "SrcVersion": "1.23", "SrcRelease": "1", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GFDL-1.3-no-invariants-or-later", "GPL-3.0-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl-dev@1.4.0-1", "Name": "libgl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "df2a650644dde7d", "BOMRef": "pkg:deb/ubuntu/libgl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libgl1@1.4.0-1", "libglx-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl1@1.4.0-1", "Name": "libgl1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "160f7042ab582a6d", "BOMRef": "pkg:deb/ubuntu/libgl1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1", "libglx0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgl1-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "3c64fef091cbf5f9", "BOMRef": "pkg:deb/ubuntu/libgl1-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libgl-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgl1-mesa-dri", "Identifier": { "PURL": "pkg:deb/ubuntu/libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "c4b98d199fe20fc3", "BOMRef": "pkg:deb/ubuntu/libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "libdrm-nouveau2@2.4.113-2~ubuntu0.22.04.1", "libdrm-radeon1@2.4.113-2~ubuntu0.22.04.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libelf1@0.186-1build1", "libexpat1@2.4.7-1ubuntu0.2", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "libsensors5@1:3.6.0-7ubuntu1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libxcb-dri3-0@1.14-3ubuntu3", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "Name": "libglapi-mesa", "Identifier": { "PURL": "pkg:deb/ubuntu/libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "aa5a50c9f667a82c", "BOMRef": "pkg:deb/ubuntu/libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgles-dev@1.4.0-1", "Name": "libgles-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "b71ce9d30785c09f", "BOMRef": "pkg:deb/ubuntu/libgles-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libgl-dev@1.4.0-1", "libgles1@1.4.0-1", "libgles2@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgles1@1.4.0-1", "Name": "libgles1", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "37b4170c86b3abc4", "BOMRef": "pkg:deb/ubuntu/libgles1@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libgles2@1.4.0-1", "Name": "libgles2", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles2@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "549c1ec8700a72a4", "BOMRef": "pkg:deb/ubuntu/libgles2@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1", "Name": "libgles2-mesa-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "147311e3e4f9835c", "BOMRef": "pkg:deb/ubuntu/libgles2-mesa-dev@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libgles-dev@1.4.0-1", "libglvnd-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglib2.0-0@2.72.4-0ubuntu2", "Name": "libglib2.0-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.72.4-0ubuntu2", "Arch": "amd64", "SrcName": "glib2.0", "SrcVersion": "2.72.4", "SrcRelease": "0ubuntu2", "Licenses": [ "LGPL-2.0-or-later", "MIT", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4", "libmount1@2.37.2-4ubuntu3", "libpcre3@2:8.39-13ubuntu0.22.04.1", "libselinux1@3.3-1build2", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd-core-dev@1.4.0-1", "Name": "libglvnd-core-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd-core-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "8059a9c9d227c98c", "BOMRef": "pkg:deb/ubuntu/libglvnd-core-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd-dev@1.4.0-1", "Name": "libglvnd-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "d9db0a2ca574f980", "BOMRef": "pkg:deb/ubuntu/libglvnd-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libegl-dev@1.4.0-1", "libgl-dev@1.4.0-1", "libgles-dev@1.4.0-1", "libglvnd-core-dev@1.4.0-1", "libglvnd0@1.4.0-1", "libglx-dev@1.4.0-1", "libopengl-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglvnd0@1.4.0-1", "Name": "libglvnd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglvnd0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "326d1f529db2c8ca", "BOMRef": "pkg:deb/ubuntu/libglvnd0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglx-dev@1.4.0-1", "Name": "libglx-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "dd590c64452e0f7e", "BOMRef": "pkg:deb/ubuntu/libglx-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libglx0@1.4.0-1", "libx11-dev@2:1.7.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1", "Name": "libglx-mesa0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "ed6ffbd3ce476bbe", "BOMRef": "pkg:deb/ubuntu/libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "22.2.5-0ubuntu0.1~22.04.1", "Arch": "i386", "SrcName": "mesa", "SrcVersion": "22.2.5", "SrcRelease": "0ubuntu0.1~22.04.1", "Licenses": [ "MIT", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libexpat1@2.4.7-1ubuntu0.2", "libgl1-mesa-dri@22.2.5-0ubuntu0.1~22.04.1", "libglapi-mesa@22.2.5-0ubuntu0.1~22.04.1", "libx11-6@2:1.7.5-1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri2-0@1.14-3ubuntu3", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-glx0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-shm0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxext6@2:1.3.4-1build1", "libxfixes3@1:6.0.0-1", "libxshmfence1@1.3-1build4", "libxxf86vm1@1:1.1.4-1build3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libglx0@1.4.0-1", "Name": "libglx0", "Identifier": { "PURL": "pkg:deb/ubuntu/libglx0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1f4a2fe42a850aad", "BOMRef": "pkg:deb/ubuntu/libglx0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1", "libglx-mesa0@22.2.5-0ubuntu0.1~22.04.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libgmp10@2:6.2.1+dfsg-3ubuntu1", "Name": "libgmp10", "Identifier": { "PURL": "pkg:deb/ubuntu/libgmp10@6.2.1%2Bdfsg-3ubuntu1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "fed31139e2d76482", "BOMRef": "pkg:deb/ubuntu/libgmp10@6.2.1%2Bdfsg-3ubuntu1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "6.2.1+dfsg-3ubuntu1", "Epoch": 2, "Arch": "amd64", "SrcName": "gmp", "SrcVersion": "6.2.1+dfsg", "SrcRelease": "3ubuntu1", "SrcEpoch": 2, "Licenses": [ "LGPL-3.0-only", "GPL-2.0-only", "GPL-3.0-only", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgnutls30@3.7.3-4ubuntu1.2", "Name": "libgnutls30", "Identifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-4ubuntu1.2", "Arch": "amd64", "SrcName": "gnutls28", "SrcVersion": "3.7.3", "SrcRelease": "4ubuntu1.2", "Licenses": [ "LGPL-2.1-only", "LGPL-2.0-or-later", "LGPL-3.0-only", "GPL-2.0-or-later", "GPL-3.0-only", "GFDL-1.3-only", "CC0-1.0", "MIT", "Apache-2.0", "LGPL-3.0-or-later", "LGPL-2.1-or-later", "GPL-3.0-or-later", "BSD-3-Clause" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgmp10@2:6.2.1+dfsg-3ubuntu1", "libhogweed6@3.7.3-1build2", "libidn2-0@2.3.2-2build1", "libnettle8@3.7.3-1build2", "libp11-kit0@0.24.0-6build1", "libtasn1-6@4.18.0-4build1", "libunistring2@1.0-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgpg-error0@1.43-3", "Name": "libgpg-error0", "Identifier": { "PURL": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1fd79593e0a79009", "BOMRef": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.43-3", "Arch": "amd64", "SrcName": "libgpg-error", "SrcVersion": "1.43", "SrcRelease": "3", "Licenses": [ "LGPL-2.1-or-later", "BSD-3-Clause", "g10-permissive", "GPL-3.0-or-later", "LGPL-2.1-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "Name": "libgssapi-krb5-2", "Identifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1", "libk5crypto3@1.19.2-2ubuntu0.1", "libkrb5-3@1.19.2-2ubuntu0.1", "libkrb5support0@1.19.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libhogweed6@3.7.3-1build2", "Name": "libhogweed6", "Identifier": { "PURL": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1ff7f51fd6aac509", "BOMRef": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-1build2", "Arch": "amd64", "SrcName": "nettle", "SrcVersion": "3.7.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "LGPL-2.0-or-later", "LGPL-2.0-only", "MIT", "GPL-3.0-or-later", "GPL-3.0-only WITH autoconf-exception+", "public-domain", "GPL-2.0-only", "GAP" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgmp10@2:6.2.1+dfsg-3ubuntu1", "libnettle8@3.7.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libicu70@70.1-2", "Name": "libicu70", "Identifier": { "PURL": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "1ecad657a93d1b21", "BOMRef": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "70.1-2", "Arch": "i386", "SrcName": "icu", "SrcVersion": "70.1", "SrcRelease": "2", "Licenses": [ "MIT", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libidn2-0@2.3.2-2build1", "Name": "libidn2-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d4495b2187a2a078", "BOMRef": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.3.2-2build1", "Arch": "amd64", "SrcName": "libidn2", "SrcVersion": "2.3.2", "SrcRelease": "2build1", "Licenses": [ "GPL-3.0-or-later", "LGPL-3.0-or-later", "GPL-2.0-or-later", "Unicode", "GPL-3.0-only", "GPL-2.0-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libunistring2@1.0-1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libk5crypto3@1.19.2-2ubuntu0.1", "Name": "libk5crypto3", "Identifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libkrb5support0@1.19.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkeyutils1@1.6.1-2ubuntu3", "Name": "libkeyutils1", "Identifier": { "PURL": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d67a6b9faf62a87c", "BOMRef": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.6.1-2ubuntu3", "Arch": "amd64", "SrcName": "keyutils", "SrcVersion": "1.6.1", "SrcRelease": "2ubuntu3", "Licenses": [ "GPL-2.0-or-later", "LGPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkrb5-3@1.19.2-2ubuntu0.1", "Name": "libkrb5-3", "Identifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1", "libk5crypto3@1.19.2-2ubuntu0.1", "libkeyutils1@1.6.1-2ubuntu3", "libkrb5support0@1.19.2-2ubuntu0.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libkrb5support0@1.19.2-2ubuntu0.1", "Name": "libkrb5support0", "Identifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.19.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "krb5", "SrcVersion": "1.19.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "Name": "libllvm15", "Identifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "15.0.7-0ubuntu0.22.04.1", "Epoch": 1, "Arch": "i386", "SrcName": "llvm-toolchain-15", "SrcVersion": "15.0.7", "SrcRelease": "0ubuntu0.22.04.1", "SrcEpoch": 1, "Licenses": [ "APACHE-2-LLVM-EXCEPTIONS", "Apache-2.0", "MIT", "BSD-3-Clause", "solar-public-domain", "Python-2.0" ], "DependsOn": [ "libatomic1@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1", "libedit2@3.1-20210910-1build1", "libffi8@3.4.2-4", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04", "libtinfo6@6.3-2", "libxml2@2.9.13+dfsg-1ubuntu0.3", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "liblz4-1@1.9.3-2build2", "Name": "liblz4-1", "Identifier": { "PURL": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "b64d936ea941e8d8", "BOMRef": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.9.3-2build2", "Arch": "amd64", "SrcName": "lz4", "SrcVersion": "1.9.3", "SrcRelease": "2build2", "Licenses": [ "BSD-2-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "liblzma5@5.2.5-2ubuntu1", "Name": "liblzma5", "Identifier": { "PURL": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e2248ca07540fc91", "BOMRef": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "5.2.5-2ubuntu1", "Arch": "i386", "SrcName": "xz-utils", "SrcVersion": "5.2.5", "SrcRelease": "2ubuntu1", "Licenses": [ "PD", "probably-PD", "GPL-2.0-or-later", "LGPL-2.1-or-later", "permissive-fsf", "Autoconf", "permissive-nowarranty", "GPL-2.0-only", "none", "config-h", "LGPL-2.0-only", "LGPL-2.1-only", "noderivs", "PD-debian", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libmd0@1.0.4-1build1", "Name": "libmd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libmd0@1.0.4-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "5edf6ec3b591888a", "BOMRef": "pkg:deb/ubuntu/libmd0@1.0.4-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.0.4-1build1", "Arch": "i386", "SrcName": "libmd", "SrcVersion": "1.0.4", "SrcRelease": "1build1", "Licenses": [ "BSD-3-Clause", "BSD-3-clause-Aaron-D-Gifford", "BSD-2-Clause", "BSD-2-Clause-NetBSD", "ISC", "Beerware", "public-domain-md4", "public-domain-md5", "public-domain-sha1" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libmount1@2.37.2-4ubuntu3", "Name": "libmount1", "Identifier": { "PURL": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7d0178ea5aeaeed9", "BOMRef": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libblkid1@2.37.2-4ubuntu3", "libc6@2.35-0ubuntu3.1", "libselinux1@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libmpdec3@2.5.1-2build2", "Name": "libmpdec3", "Identifier": { "PURL": "pkg:deb/ubuntu/libmpdec3@2.5.1-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "fb40adc29fcaa929", "BOMRef": "pkg:deb/ubuntu/libmpdec3@2.5.1-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.5.1-2build2", "Arch": "amd64", "SrcName": "mpdecimal", "SrcVersion": "2.5.1", "SrcRelease": "2build2", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libncurses6@6.3-2", "Name": "libncurses6", "Identifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libncursesw6@6.3-2", "Name": "libncursesw6", "Identifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libnettle8@3.7.3-1build2", "Name": "libnettle8", "Identifier": { "PURL": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e18e3b0a620a2d92", "BOMRef": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.7.3-1build2", "Arch": "amd64", "SrcName": "nettle", "SrcVersion": "3.7.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "LGPL-2.0-or-later", "LGPL-2.0-only", "MIT", "GPL-3.0-or-later", "GPL-3.0-only WITH autoconf-exception+", "public-domain", "GPL-2.0-only", "GAP" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libnsl2@1.3.0-2build2", "Name": "libnsl2", "Identifier": { "PURL": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e3a32dd9d6115d41", "BOMRef": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.0-2build2", "Arch": "amd64", "SrcName": "libnsl", "SrcVersion": "1.3.0", "SrcRelease": "2build2", "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.1-only", "BSD-3-Clause", "permissive-fsf", "permissive-makefile-in", "permissive-autoconf-m4-no-warranty", "GPL-3--autoconf-exception", "permissive-configure", "GPL-2--autoconf-exception", "MIT", "GPL-2--libtool-exception", "permissive-autoconf-m4", "GPL-2.0-only", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtirpc3@1.3.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libopengl-dev@1.4.0-1", "Name": "libopengl-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libopengl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "9ad940c968c9ad1e", "BOMRef": "pkg:deb/ubuntu/libopengl-dev@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libopengl0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libopengl0@1.4.0-1", "Name": "libopengl0", "Identifier": { "PURL": "pkg:deb/ubuntu/libopengl0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1a4a71cdc162fbf5", "BOMRef": "pkg:deb/ubuntu/libopengl0@1.4.0-1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "i386", "SrcName": "libglvnd", "SrcVersion": "1.4.0", "SrcRelease": "1", "Licenses": [ "MIT", "Apache-2.0", "public-domain", "GPL-3.0-or-later", "BSD-1-Clause", "GPL-2.0-or-later", "GPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libglvnd0@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libp11-kit0@0.24.0-6build1", "Name": "libp11-kit0", "Identifier": { "PURL": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d1a43a8c741df7b6", "BOMRef": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.24.0-6build1", "Arch": "amd64", "SrcName": "p11-kit", "SrcVersion": "0.24.0", "SrcRelease": "6build1", "Licenses": [ "BSD-3-Clause", "permissive-like-automake-output", "ISC", "ISC-IBM", "LGPL-2.1-or-later", "Apache-2.0", "same-as-rest-of-p11kit", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-modules@1.4.0-11ubuntu2.3", "Name": "libpam-modules", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "Name": "libpam-modules-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libpam0g@1.4.0-11ubuntu2.3", "libselinux1@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam-runtime@1.4.0-11ubuntu2.3", "Name": "libpam-runtime", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "all", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libpam-modules@1.4.0-11ubuntu2.3" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpam0g@1.4.0-11ubuntu2.3", "Name": "libpam0g", "Identifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-11ubuntu2.3", "Arch": "amd64", "SrcName": "pam", "SrcVersion": "1.4.0", "SrcRelease": "11ubuntu2.3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpcre2-8-0@10.39-3ubuntu0.1", "Name": "libpcre2-8-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9eaa40b8550aa53c", "BOMRef": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "10.39-3ubuntu0.1", "Arch": "amd64", "SrcName": "pcre2", "SrcVersion": "10.39", "SrcRelease": "3ubuntu0.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpcre3@2:8.39-13ubuntu0.22.04.1", "Name": "libpcre3", "Identifier": { "PURL": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "92207cfb866df534", "BOMRef": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "8.39-13ubuntu0.22.04.1", "Epoch": 2, "Arch": "amd64", "SrcName": "pcre3", "SrcVersion": "8.39", "SrcRelease": "13ubuntu0.22.04.1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libperl5.34@5.34.0-3ubuntu1.1", "Name": "libperl5.34", "Identifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "libgdbm-compat4@1.23-1", "libgdbm6@1.23-1", "perl-modules-5.34@5.34.0-3ubuntu1.1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libprocps8@2:3.3.17-6ubuntu2", "Name": "libprocps8", "Identifier": { "PURL": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a5c5ac86365bc0e9", "BOMRef": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "3.3.17-6ubuntu2", "Epoch": 2, "Arch": "amd64", "SrcName": "procps", "SrcVersion": "3.3.17", "SrcRelease": "6ubuntu2", "SrcEpoch": 2, "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libsystemd0@249.11-0ubuntu3.9" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libpthread-stubs0-dev@0.4-1build2", "Name": "libpthread-stubs0-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libpthread-stubs0-dev@0.4-1build2?arch=i386\u0026distro=ubuntu-22.04", "UID": "9244ecc020e991af", "BOMRef": "pkg:deb/ubuntu/libpthread-stubs0-dev@0.4-1build2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "0.4-1build2", "Arch": "i386", "SrcName": "libpthread-stubs", "SrcVersion": "0.4", "SrcRelease": "1build2", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libpython3-stdlib@3.10.6-1~22.04.1", "Name": "libpython3-stdlib", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3-stdlib@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6a56880985a7dc21", "BOMRef": "pkg:deb/ubuntu/libpython3-stdlib@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "libpython3.10-stdlib@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libpython3.10-minimal@3.10.12-1~22.04.12", "Name": "libpython3.10-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "Name": "libpython3.10-stdlib", "Identifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "DependsOn": [ "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libdb5.3@5.3.28+dfsg1-0.8ubuntu3", "libffi8@3.4.2-4", "liblzma5@5.2.5-2ubuntu1", "libmpdec3@2.5.1-2build2", "libncursesw6@6.3-2", "libnsl2@1.3.0-2build2", "libpython3.10-minimal@3.10.12-1~22.04.12", "libreadline8@8.1.2-1", "libsqlite3-0@3.37.2-2ubuntu0.5", "libtinfo6@6.3-2", "libtirpc3@1.3.2-2ubuntu0.1", "libuuid1@2.37.2-4ubuntu3", "media-types@7.0.0" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libreadline8@8.1.2-1", "Name": "libreadline8", "Identifier": { "PURL": "pkg:deb/ubuntu/libreadline8@8.1.2-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9495dbd2c1efaa1c", "BOMRef": "pkg:deb/ubuntu/libreadline8@8.1.2-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "8.1.2-1", "Arch": "amd64", "SrcName": "readline", "SrcVersion": "8.1.2", "SrcRelease": "1", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libtinfo6@6.3-2", "readline-common@8.1.2-1" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libseccomp2@2.5.3-2ubuntu2", "Name": "libseccomp2", "Identifier": { "PURL": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ad783472036421c3", "BOMRef": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.5.3-2ubuntu2", "Arch": "amd64", "SrcName": "libseccomp", "SrcVersion": "2.5.3", "SrcRelease": "2ubuntu2", "Licenses": [ "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libselinux1@3.3-1build2", "Name": "libselinux1", "Identifier": { "PURL": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6a26ddd8d0836e1", "BOMRef": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "amd64", "SrcName": "libselinux", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libpcre2-8-0@10.39-3ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsemanage-common@3.3-1build2", "Name": "libsemanage-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all\u0026distro=ubuntu-22.04", "UID": "5c3b97e1f6570b7e", "BOMRef": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "all", "SrcName": "libsemanage", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsemanage2@3.3-1build2", "Name": "libsemanage2", "Identifier": { "PURL": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3f05f406486fabc9", "BOMRef": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build2", "Arch": "amd64", "SrcName": "libsemanage", "SrcVersion": "3.3", "SrcRelease": "1build2", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libbz2-1.0@1.0.8-5build1", "libc6@2.35-0ubuntu3.1", "libselinux1@3.3-1build2", "libsemanage-common@3.3-1build2", "libsepol2@3.3-1build1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsensors-config@1:3.6.0-7ubuntu1", "Name": "libsensors-config", "Identifier": { "PURL": "pkg:deb/ubuntu/libsensors-config@3.6.0-7ubuntu1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "da4133c9293967c0", "BOMRef": "pkg:deb/ubuntu/libsensors-config@3.6.0-7ubuntu1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.6.0-7ubuntu1", "Epoch": 1, "Arch": "all", "SrcName": "lm-sensors", "SrcVersion": "3.6.0", "SrcRelease": "7ubuntu1", "SrcEpoch": 1, "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libsensors5@1:3.6.0-7ubuntu1", "Name": "libsensors5", "Identifier": { "PURL": "pkg:deb/ubuntu/libsensors5@3.6.0-7ubuntu1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "1eee0f2f253d6463", "BOMRef": "pkg:deb/ubuntu/libsensors5@3.6.0-7ubuntu1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "3.6.0-7ubuntu1", "Epoch": 1, "Arch": "i386", "SrcName": "lm-sensors", "SrcVersion": "3.6.0", "SrcRelease": "7ubuntu1", "SrcEpoch": 1, "Licenses": [ "LGPL-2.1-only", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libsensors-config@1:3.6.0-7ubuntu1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libsepol2@3.3-1build1", "Name": "libsepol2", "Identifier": { "PURL": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7dba3fe8afb9b30c", "BOMRef": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.3-1build1", "Arch": "amd64", "SrcName": "libsepol", "SrcVersion": "3.3", "SrcRelease": "1build1", "Licenses": [ "LGPL-2.0-or-later", "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsmartcols1@2.37.2-4ubuntu3", "Name": "libsmartcols1", "Identifier": { "PURL": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "fb3b2255a47d5ea7", "BOMRef": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsqlite3-0@3.37.2-2ubuntu0.5", "Name": "libsqlite3-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libsqlite3-0@3.37.2-2ubuntu0.5?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1e0ffa6eef43531a", "BOMRef": "pkg:deb/ubuntu/libsqlite3-0@3.37.2-2ubuntu0.5?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.37.2-2ubuntu0.5", "Arch": "amd64", "SrcName": "sqlite3", "SrcVersion": "3.37.2", "SrcRelease": "2ubuntu0.5", "Licenses": [ "public-domain", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libss2@1.46.5-2ubuntu1.1", "Name": "libss2", "Identifier": { "PURL": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "6b55a8dda41ca48a", "BOMRef": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libcom-err2@1.46.5-2ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libssl3@3.0.2-0ubuntu1.9", "Name": "libssl3", "Identifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.0.2-0ubuntu1.9", "Arch": "amd64", "SrcName": "openssl", "SrcVersion": "3.0.2", "SrcRelease": "0ubuntu1.9", "Licenses": [ "Apache-2.0", "Artistic-2.0", "GPL-1.0-or-later", "GPL-1.0-only" ], "DependsOn": [ "debconf@1.5.79ubuntu1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libstdc++6@12.1.0-2ubuntu1~22.04", "Name": "libstdc++6", "Identifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "12.1.0-2ubuntu1~22.04", "Arch": "i386", "SrcName": "gcc-12", "SrcVersion": "12.1.0", "SrcRelease": "2ubuntu1~22.04", "DependsOn": [ "gcc-12-base@12.1.0-2ubuntu1~22.04", "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libsystemd0@249.11-0ubuntu3.9", "Name": "libsystemd0", "Identifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "249.11-0ubuntu3.9", "Arch": "amd64", "SrcName": "systemd", "SrcVersion": "249.11", "SrcRelease": "0ubuntu3.9", "Licenses": [ "LGPL-2.1-or-later", "CC0-1.0", "GPL-2.0-only", "GPL-2.0-only WITH Linux-syscall-note-exception", "MIT", "public-domain", "GPL-2.0-or-later", "LGPL-2.1-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtasn1-6@4.18.0-4build1", "Name": "libtasn1-6", "Identifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.18.0-4build1", "Arch": "amd64", "SrcName": "libtasn1-6", "SrcVersion": "4.18.0", "SrcRelease": "4build1", "Licenses": [ "LGPL-2.0-or-later", "LGPL-2.1-only", "GPL-3.0-only", "GFDL-1.3-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtinfo6@6.3-2", "Name": "libtinfo6", "Identifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "i386", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtirpc-common@1.3.2-2ubuntu0.1", "Name": "libtirpc-common", "Identifier": { "PURL": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all\u0026distro=ubuntu-22.04", "UID": "f7b92ae92d78b280", "BOMRef": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2ubuntu0.1", "Arch": "all", "SrcName": "libtirpc", "SrcVersion": "1.3.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "--AUTO-PERMISSIVE--", "BSD-2-Clause", "BSD-4-Clause", "LGPL-2.1-or-later", "PERMISSIVE", "LGPL-2.1-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libtirpc3@1.3.2-2ubuntu0.1", "Name": "libtirpc3", "Identifier": { "PURL": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1b8d4ee351d78de", "BOMRef": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2ubuntu0.1", "Arch": "amd64", "SrcName": "libtirpc", "SrcVersion": "1.3.2", "SrcRelease": "2ubuntu0.1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "--AUTO-PERMISSIVE--", "BSD-2-Clause", "BSD-4-Clause", "LGPL-2.1-or-later", "PERMISSIVE", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "libtirpc-common@1.3.2-2ubuntu0.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libudev1@249.11-0ubuntu3.9", "Name": "libudev1", "Identifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "249.11-0ubuntu3.9", "Arch": "amd64", "SrcName": "systemd", "SrcVersion": "249.11", "SrcRelease": "0ubuntu3.9", "Licenses": [ "LGPL-2.1-or-later", "CC0-1.0", "GPL-2.0-only", "GPL-2.0-only WITH Linux-syscall-note-exception", "MIT", "public-domain", "GPL-2.0-or-later", "LGPL-2.1-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libunistring2@1.0-1", "Name": "libunistring2", "Identifier": { "PURL": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "1eba7f3ef792fc06", "BOMRef": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.0-1", "Arch": "amd64", "SrcName": "libunistring", "SrcVersion": "1.0", "SrcRelease": "1", "Licenses": [ "LGPL-3.0-or-later", "GPL-2.0-or-later", "FreeSoftware", "GPL-3.0-or-later", "GFDL-1.2-or-later", "GPL-2.0-or-later WITH distribution-exception", "MIT", "LGPL-3.0-only", "GPL-3.0-only", "GPL-2.0-only", "GFDL-1.2-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libunwind8@1.3.2-2build2.1", "Name": "libunwind8", "Identifier": { "PURL": "pkg:deb/ubuntu/libunwind8@1.3.2-2build2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f62cae780c5bd8", "BOMRef": "pkg:deb/ubuntu/libunwind8@1.3.2-2build2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.2-2build2.1", "Arch": "amd64", "SrcName": "libunwind", "SrcVersion": "1.3.2", "SrcRelease": "2build2.1", "Licenses": [ "MIT", "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "liblzma5@5.2.5-2ubuntu1" ], "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" } }, { "ID": "libuuid1@2.37.2-4ubuntu3", "Name": "libuuid1", "Identifier": { "PURL": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "189fc01c7ee1cffd", "BOMRef": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libvulkan-dev@1.3.204.1-2", "Name": "libvulkan-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libvulkan-dev@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "a66cac559d38e825", "BOMRef": "pkg:deb/ubuntu/libvulkan-dev@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.1-2", "Arch": "amd64", "SrcName": "vulkan-loader", "SrcVersion": "1.3.204.1", "SrcRelease": "2", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libvulkan1@1.3.204.1-2" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libvulkan1@1.3.204.1-2", "Name": "libvulkan1", "Identifier": { "PURL": "pkg:deb/ubuntu/libvulkan1@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "32af96f9d168cf9a", "BOMRef": "pkg:deb/ubuntu/libvulkan1@1.3.204.1-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.1-2", "Arch": "amd64", "SrcName": "vulkan-loader", "SrcVersion": "1.3.204.1", "SrcRelease": "2", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libwayland-client0@1.20.0-1ubuntu0.1", "Name": "libwayland-client0", "Identifier": { "PURL": "pkg:deb/ubuntu/libwayland-client0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "eafe0822c84ec8bf", "BOMRef": "pkg:deb/ubuntu/libwayland-client0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.20.0-1ubuntu0.1", "Arch": "i386", "SrcName": "wayland", "SrcVersion": "1.20.0", "SrcRelease": "1ubuntu0.1", "Licenses": [ "X11" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libwayland-server0@1.20.0-1ubuntu0.1", "Name": "libwayland-server0", "Identifier": { "PURL": "pkg:deb/ubuntu/libwayland-server0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "de635a485b213678", "BOMRef": "pkg:deb/ubuntu/libwayland-server0@1.20.0-1ubuntu0.1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.20.0-1ubuntu0.1", "Arch": "i386", "SrcName": "wayland", "SrcVersion": "1.20.0", "SrcRelease": "1ubuntu0.1", "Licenses": [ "X11" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libffi8@3.4.2-4" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libx11-6@2:1.7.5-1", "Name": "libx11-6", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-data@2:1.7.5-1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libx11-data@2:1.7.5-1", "Name": "libx11-data", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "all", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libx11-dev@2:1.7.5-1", "Name": "libx11-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libx11-6@2:1.7.5-1", "libxau-dev@1:1.0.9-1build5", "libxcb1-dev@1.14-3ubuntu3", "libxdmcp-dev@1:1.1.3-0ubuntu5", "x11proto-dev@2021.5-1", "xtrans-dev@1.4.0-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libx11-xcb1@2:1.7.5-1", "Name": "libx11-xcb1", "Identifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.7.5-1", "Epoch": 2, "Arch": "i386", "SrcName": "libx11", "SrcVersion": "1.7.5", "SrcRelease": "1", "SrcEpoch": 2, "DependsOn": [ "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxau-dev@1:1.0.9-1build5", "Name": "libxau-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxau-dev@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "55aad96ee00277a6", "BOMRef": "pkg:deb/ubuntu/libxau-dev@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.0.9-1build5", "Epoch": 1, "Arch": "i386", "SrcName": "libxau", "SrcVersion": "1.0.9", "SrcRelease": "1build5", "SrcEpoch": 1, "DependsOn": [ "libxau6@1:1.0.9-1build5", "x11proto-dev@2021.5-1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxau6@1:1.0.9-1build5", "Name": "libxau6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxau6@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4f64547f2bacfe91", "BOMRef": "pkg:deb/ubuntu/libxau6@1.0.9-1build5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.0.9-1build5", "Epoch": 1, "Arch": "i386", "SrcName": "libxau", "SrcVersion": "1.0.9", "SrcRelease": "1build5", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxcb-dri2-0@1.14-3ubuntu3", "Name": "libxcb-dri2-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-dri2-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "858818f5ba6dad08", "BOMRef": "pkg:deb/ubuntu/libxcb-dri2-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-dri3-0@1.14-3ubuntu3", "Name": "libxcb-dri3-0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-dri3-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "6e13a9b4a1539591", "BOMRef": "pkg:deb/ubuntu/libxcb-dri3-0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-glx0@1.14-3ubuntu3", "Name": "libxcb-glx0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-glx0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "71caab91d4fbce51", "BOMRef": "pkg:deb/ubuntu/libxcb-glx0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-present0@1.14-3ubuntu3", "Name": "libxcb-present0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-present0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "adcf4d73e062147a", "BOMRef": "pkg:deb/ubuntu/libxcb-present0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-randr0@1.14-3ubuntu3", "Name": "libxcb-randr0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-randr0@1.14-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2e1001cf6bbca9e6", "BOMRef": "pkg:deb/ubuntu/libxcb-randr0@1.14-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "amd64", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "libxcb-shm0@1.14-3ubuntu3", "Name": "libxcb-shm0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-shm0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "9d5df9fb7f75c98c", "BOMRef": "pkg:deb/ubuntu/libxcb-shm0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-sync1@1.14-3ubuntu3", "Name": "libxcb-sync1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-sync1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "5560763b4d8168a", "BOMRef": "pkg:deb/ubuntu/libxcb-sync1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb-xfixes0@1.14-3ubuntu3", "Name": "libxcb-xfixes0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb-xfixes0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "9065ca84380d1c8b", "BOMRef": "pkg:deb/ubuntu/libxcb-xfixes0@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxcb1@1.14-3ubuntu3", "Name": "libxcb1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "14930c90fe4aea81", "BOMRef": "pkg:deb/ubuntu/libxcb1@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libxau6@1:1.0.9-1build5", "libxdmcp6@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxcb1-dev@1.14-3ubuntu3", "Name": "libxcb1-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxcb1-dev@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04", "UID": "b94a2203db19a5c4", "BOMRef": "pkg:deb/ubuntu/libxcb1-dev@1.14-3ubuntu3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.14-3ubuntu3", "Arch": "i386", "SrcName": "libxcb", "SrcVersion": "1.14", "SrcRelease": "3ubuntu3", "DependsOn": [ "libpthread-stubs0-dev@0.4-1build2", "libxau-dev@1:1.0.9-1build5", "libxcb1@1.14-3ubuntu3", "libxdmcp-dev@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxdmcp-dev@1:1.1.3-0ubuntu5", "Name": "libxdmcp-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/libxdmcp-dev@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "b332aaa5a3eaf147", "BOMRef": "pkg:deb/ubuntu/libxdmcp-dev@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.3-0ubuntu5", "Epoch": 1, "Arch": "i386", "SrcName": "libxdmcp", "SrcVersion": "1.1.3", "SrcRelease": "0ubuntu5", "SrcEpoch": 1, "DependsOn": [ "libxdmcp6@1:1.1.3-0ubuntu5" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "libxdmcp6@1:1.1.3-0ubuntu5", "Name": "libxdmcp6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxdmcp6@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "102fb2e6c13fb013", "BOMRef": "pkg:deb/ubuntu/libxdmcp6@1.1.3-0ubuntu5?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.3-0ubuntu5", "Epoch": 1, "Arch": "i386", "SrcName": "libxdmcp", "SrcVersion": "1.1.3", "SrcRelease": "0ubuntu5", "SrcEpoch": 1, "DependsOn": [ "libbsd0@0.11.5-1", "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxext6@2:1.3.4-1build1", "Name": "libxext6", "Identifier": { "PURL": "pkg:deb/ubuntu/libxext6@1.3.4-1build1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "218fce2e6f1eaed7", "BOMRef": "pkg:deb/ubuntu/libxext6@1.3.4-1build1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "1.3.4-1build1", "Epoch": 2, "Arch": "i386", "SrcName": "libxext", "SrcVersion": "1.3.4", "SrcRelease": "1build1", "SrcEpoch": 2, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" } }, { "ID": "libxfixes3@1:6.0.0-1", "Name": "libxfixes3", "Identifier": { "PURL": "pkg:deb/ubuntu/libxfixes3@6.0.0-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "9ac33c84855f9626", "BOMRef": "pkg:deb/ubuntu/libxfixes3@6.0.0-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "6.0.0-1", "Epoch": 1, "Arch": "i386", "SrcName": "libxfixes", "SrcVersion": "6.0.0", "SrcRelease": "1", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "Name": "libxml2", "Identifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "2.9.13+dfsg-1ubuntu0.3", "Arch": "i386", "SrcName": "libxml2", "SrcVersion": "2.9.13+dfsg", "SrcRelease": "1ubuntu0.3", "Licenses": [ "MIT-1", "ISC" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libicu70@70.1-2", "liblzma5@5.2.5-2ubuntu1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxshmfence1@1.3-1build4", "Name": "libxshmfence1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxshmfence1@1.3-1build4?arch=i386\u0026distro=ubuntu-22.04", "UID": "7aa3e0306cf761e6", "BOMRef": "pkg:deb/ubuntu/libxshmfence1@1.3-1build4?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.3-1build4", "Arch": "i386", "SrcName": "libxshmfence", "SrcVersion": "1.3", "SrcRelease": "1build4", "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxxf86vm1@1:1.1.4-1build3", "Name": "libxxf86vm1", "Identifier": { "PURL": "pkg:deb/ubuntu/libxxf86vm1@1.1.4-1build3?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "47bbbe0666dad957", "BOMRef": "pkg:deb/ubuntu/libxxf86vm1@1.1.4-1build3?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.1.4-1build3", "Epoch": 1, "Arch": "i386", "SrcName": "libxxf86vm", "SrcVersion": "1.1.4", "SrcRelease": "1build3", "SrcEpoch": 1, "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libx11-6@2:1.7.5-1", "libxext6@2:1.3.4-1build1" ], "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" } }, { "ID": "libxxhash0@0.8.1-1", "Name": "libxxhash0", "Identifier": { "PURL": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5e1fd54a1fb1e77b", "BOMRef": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.8.1-1", "Arch": "amd64", "SrcName": "xxhash", "SrcVersion": "0.8.1", "SrcRelease": "1", "Licenses": [ "BSD-2-Clause", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "libzstd1@1.4.8+dfsg-3build1", "Name": "libzstd1", "Identifier": { "PURL": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "efbf7875f9285a06", "BOMRef": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04" }, "Version": "1.4.8+dfsg-3build1", "Arch": "i386", "SrcName": "libzstd", "SrcVersion": "1.4.8+dfsg", "SrcRelease": "3build1", "Licenses": [ "BSD-3-Clause", "GPL-2.0-only", "Zlib", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "login@1:4.8.1-2ubuntu2.1", "Name": "login", "Identifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.8.1-2ubuntu2.1", "Epoch": 1, "Arch": "amd64", "SrcName": "shadow", "SrcVersion": "4.8.1", "SrcRelease": "2ubuntu2.1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "logsave@1.46.5-2ubuntu1.1", "Name": "logsave", "Identifier": { "PURL": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e65883280a869dde", "BOMRef": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.46.5-2ubuntu1.1", "Arch": "amd64", "SrcName": "e2fsprogs", "SrcVersion": "1.46.5", "SrcRelease": "2ubuntu1.1", "Licenses": [ "GPL-2.0-only", "LGPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "lsb-base@11.1.0ubuntu4", "Name": "lsb-base", "Identifier": { "PURL": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all\u0026distro=ubuntu-22.04", "UID": "54697e11facb0c6", "BOMRef": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all\u0026distro=ubuntu-22.04" }, "Version": "11.1.0ubuntu4", "Arch": "all", "SrcName": "lsb", "SrcVersion": "11.1.0ubuntu4", "Licenses": [ "GPL-2.0-only", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "mawk@1.3.4.20200120-3", "Name": "mawk", "Identifier": { "PURL": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d68f177e01c5e51", "BOMRef": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.4.20200120-3", "Arch": "amd64", "SrcName": "mawk", "SrcVersion": "1.3.4.20200120", "SrcRelease": "3", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "media-types@7.0.0", "Name": "media-types", "Identifier": { "PURL": "pkg:deb/ubuntu/media-types@7.0.0?arch=all\u0026distro=ubuntu-22.04", "UID": "d70ee37920ed05cf", "BOMRef": "pkg:deb/ubuntu/media-types@7.0.0?arch=all\u0026distro=ubuntu-22.04" }, "Version": "7.0.0", "Arch": "all", "SrcName": "media-types", "SrcVersion": "7.0.0", "Licenses": [ "ad-hoc" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3", "Name": "mesa-vulkan-drivers", "Identifier": { "PURL": "pkg:deb/ubuntu/mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d7fee1605f0eb44f", "BOMRef": "pkg:deb/ubuntu/mesa-vulkan-drivers@23.2.1-1ubuntu3.1~22.04.3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "23.2.1-1ubuntu3.1~22.04.3", "Arch": "amd64", "SrcName": "mesa", "SrcVersion": "23.2.1", "SrcRelease": "1ubuntu3.1~22.04.3", "Licenses": [ "MIT", "GPL-2.0-only", "GPL-1.0-or-later", "BSD-3-google", "Khronos", "Apache-2.0", "BSL-1.0", "MLAA", "SGI", "BSD-2-Clause", "GPL-2.0-or-later", "GPL-1.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdrm-amdgpu1@2.4.113-2~ubuntu0.22.04.1", "libdrm2@2.4.113-2~ubuntu0.22.04.1", "libelf1@0.186-1build1", "libexpat1@2.4.7-1ubuntu0.2", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "libstdc++6@12.1.0-2ubuntu1~22.04", "libvulkan1@1.3.204.1-2", "libwayland-client0@1.20.0-1ubuntu0.1", "libx11-xcb1@2:1.7.5-1", "libxcb-dri3-0@1.14-3ubuntu3", "libxcb-present0@1.14-3ubuntu3", "libxcb-randr0@1.14-3ubuntu3", "libxcb-shm0@1.14-3ubuntu3", "libxcb-sync1@1.14-3ubuntu3", "libxcb-xfixes0@1.14-3ubuntu3", "libxcb1@1.14-3ubuntu3", "libxshmfence1@1.3-1build4", "libzstd1@1.4.8+dfsg-3build1", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "mount@2.37.2-4ubuntu3", "Name": "mount", "Identifier": { "PURL": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f67614957785e847", "BOMRef": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ncurses-base@6.3-2", "Name": "ncurses-base", "Identifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "all", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "ncurses-bin@6.3-2", "Name": "ncurses-bin", "Identifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "6.3-2", "Arch": "amd64", "SrcName": "ncurses", "SrcVersion": "6.3", "SrcRelease": "2", "Licenses": [ "MIT-X11", "X11", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "openssl@3.0.2-0ubuntu1.20", "Name": "openssl", "Identifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.0.2-0ubuntu1.20", "Arch": "amd64", "SrcName": "openssl", "SrcVersion": "3.0.2", "SrcRelease": "0ubuntu1.20", "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libssl3@3.0.2-0ubuntu1.9" ], "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" } }, { "ID": "passwd@1:4.8.1-2ubuntu2.1", "Name": "passwd", "Identifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "4.8.1-2ubuntu2.1", "Epoch": 1, "Arch": "amd64", "SrcName": "shadow", "SrcVersion": "4.8.1", "SrcRelease": "2ubuntu2.1", "SrcEpoch": 1, "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "libaudit1@1:3.0.7-1build1", "libc6@2.35-0ubuntu3.1", "libcrypt1@1:4.4.27-1", "libpam-modules@1.4.0-11ubuntu2.3", "libpam0g@1.4.0-11ubuntu2.3", "libselinux1@3.3-1build2", "libsemanage2@3.3-1build2" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "perl@5.34.0-3ubuntu1.1", "Name": "perl", "Identifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "libperl5.34@5.34.0-3ubuntu1.1", "perl-base@5.34.0-3ubuntu1.1", "perl-modules-5.34@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "perl-base@5.34.0-3ubuntu1.1", "Name": "perl-base", "Identifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "amd64", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "Name": "perl-modules-5.34", "Identifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "5.34.0-3ubuntu1.1", "Arch": "all", "SrcName": "perl", "SrcVersion": "5.34.0", "SrcRelease": "3ubuntu1.1", "Licenses": [ "GPL-1.0-or-later", "Artistic-2.0", "MIT", "REGCOMP", "GPL-2.0-only WITH bison-exception+", "Unicode", "BZIP", "Zlib", "GPL-2.0-or-later", "RRA-KEEP-THIS-NOTICE", "BSD-3-Clause WITH weird-numbering", "CC0-1.0", "TEXT-TABS", "BSD-4-clause-POWERDOG", "BSD-3-clause-GENERIC", "BSD-3-Clause", "SDBM-PUBLIC-DOMAIN", "DONT-CHANGE-THE-GPL", "Artistic-dist", "LGPL-2.1-only", "GPL-1.0-only", "GPL-2.0-only", "Artistic-2", "HSIEH-DERIVATIVE", "HSIEH-BSD" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "pkg-config@0.29.2-1ubuntu3", "Name": "pkg-config", "Identifier": { "PURL": "pkg:deb/ubuntu/pkg-config@0.29.2-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f482125f2cc9ac76", "BOMRef": "pkg:deb/ubuntu/pkg-config@0.29.2-1ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "0.29.2-1ubuntu3", "Arch": "amd64", "SrcName": "pkg-config", "SrcVersion": "0.29.2", "SrcRelease": "1ubuntu3", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libdpkg-perl@1.21.1ubuntu2.1", "libglib2.0-0@2.72.4-0ubuntu2" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "procps@2:3.3.17-6ubuntu2", "Name": "procps", "Identifier": { "PURL": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f7508553e0c13459", "BOMRef": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "Version": "3.3.17-6ubuntu2", "Epoch": 2, "Arch": "amd64", "SrcName": "procps", "SrcVersion": "3.3.17", "SrcRelease": "6ubuntu2", "SrcEpoch": 2, "Licenses": [ "LGPL-2.1-or-later", "LGPL-2.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "LGPL-2.0-only", "LGPL-2.1-only" ], "DependsOn": [ "init-system-helpers@1.62", "libc6@2.35-0ubuntu3.1", "libncurses6@6.3-2", "libncursesw6@6.3-2", "libprocps8@2:3.3.17-6ubuntu2", "libtinfo6@6.3-2", "lsb-base@11.1.0ubuntu4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "python3@3.10.6-1~22.04.1", "Name": "python3", "Identifier": { "PURL": "pkg:deb/ubuntu/python3@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7e1f408b0341866a", "BOMRef": "pkg:deb/ubuntu/python3@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "libpython3-stdlib@3.10.6-1~22.04.1", "python3.10@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "python3-minimal@3.10.6-1~22.04.1", "Name": "python3-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/python3-minimal@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c28ff03da648ce7f", "BOMRef": "pkg:deb/ubuntu/python3-minimal@3.10.6-1~22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.6-1~22.04.1", "Arch": "amd64", "SrcName": "python3-defaults", "SrcVersion": "3.10.6", "SrcRelease": "1~22.04.1", "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "python3.10@3.10.12-1~22.04.12", "Name": "python3.10", "Identifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libpython3.10-stdlib@3.10.12-1~22.04.12", "media-types@7.0.0", "python3.10-minimal@3.10.12-1~22.04.12" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "python3.10-minimal@3.10.12-1~22.04.12", "Name": "python3.10-minimal", "Identifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.10.12-1~22.04.12", "Arch": "amd64", "SrcName": "python3.10", "SrcVersion": "3.10.12", "SrcRelease": "1~22.04.12", "Licenses": [ "GPL-2.0-only", "Redistribution and use in source and binary forms, with or without", "By obtaining, using, and/or copying this software and/or its", "Permission to use, copy, modify, and distribute this software and", "This software is provided 'as-is', without any express or implied", "Permission is hereby granted, free of charge, to any person", "Permission is hereby granted, free of charge, to any person obtaining", "Permission to use, copy, modify, and distribute this software and its", "This software is provided as-is, without express or implied", "Permission to use, copy, modify, and distribute this software for any", "* Permission to use this software in any way is granted without" ], "DependsOn": [ "libexpat1@2.4.7-1ubuntu0.2", "libpython3.10-minimal@3.10.12-1~22.04.12", "zlib1g@1:1.2.11.dfsg-2ubuntu9.2" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "readline-common@8.1.2-1", "Name": "readline-common", "Identifier": { "PURL": "pkg:deb/ubuntu/readline-common@8.1.2-1?arch=all\u0026distro=ubuntu-22.04", "UID": "d7a77c1ff2aa9cbc", "BOMRef": "pkg:deb/ubuntu/readline-common@8.1.2-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "8.1.2-1", "Arch": "all", "SrcName": "readline", "SrcVersion": "8.1.2", "SrcRelease": "1", "Licenses": [ "GPL-3.0-only", "GFDL-1.3-or-later" ], "DependsOn": [ "dpkg@1.21.1ubuntu2.1" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "sed@4.8-1ubuntu2", "Name": "sed", "Identifier": { "PURL": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "45468b702c3ba035", "BOMRef": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "4.8-1ubuntu2", "Arch": "amd64", "SrcName": "sed", "SrcVersion": "4.8", "SrcRelease": "1ubuntu2", "Licenses": [ "GPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "sensible-utils@0.0.17", "Name": "sensible-utils", "Identifier": { "PURL": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all\u0026distro=ubuntu-22.04", "UID": "668f7b27597bd067", "BOMRef": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all\u0026distro=ubuntu-22.04" }, "Version": "0.0.17", "Arch": "all", "SrcName": "sensible-utils", "SrcVersion": "0.0.17", "Licenses": [ "GPL-2.0-or-later", "All-permissive", "configure", "installsh", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "sysvinit-utils@3.01-1ubuntu1", "Name": "sysvinit-utils", "Identifier": { "PURL": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3378697d0c6726e6", "BOMRef": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "3.01-1ubuntu1", "Arch": "amd64", "SrcName": "sysvinit", "SrcVersion": "3.01", "SrcRelease": "1ubuntu1", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "lsb-base@11.1.0ubuntu4" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "Name": "tar", "Identifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.34+dfsg-1ubuntu0.1.22.04.1", "Arch": "amd64", "SrcName": "tar", "SrcVersion": "1.34+dfsg", "SrcRelease": "1ubuntu0.1.22.04.1", "Licenses": [ "GPL-3.0-only", "GPL-2.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "tzdata@2025b-0ubuntu0.22.04.1", "Name": "tzdata", "Identifier": { "PURL": "pkg:deb/ubuntu/tzdata@2025b-0ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04", "UID": "37740fcfba2c3651", "BOMRef": "pkg:deb/ubuntu/tzdata@2025b-0ubuntu0.22.04.1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2025b-0ubuntu0.22.04.1", "Arch": "all", "SrcName": "tzdata", "SrcVersion": "2025b", "SrcRelease": "0ubuntu0.22.04.1", "Licenses": [ "ICU" ], "DependsOn": [ "debconf@1.5.79ubuntu1" ], "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" } }, { "ID": "ubuntu-keyring@2021.03.26", "Name": "ubuntu-keyring", "Identifier": { "PURL": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all\u0026distro=ubuntu-22.04", "UID": "2a163b508bd03bc8", "BOMRef": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2021.03.26", "Arch": "all", "SrcName": "ubuntu-keyring", "SrcVersion": "2021.03.26", "Licenses": [ "GPL-2.0-or-later" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "usrmerge@25ubuntu2", "Name": "usrmerge", "Identifier": { "PURL": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all\u0026distro=ubuntu-22.04", "UID": "900c5920fec2b63d", "BOMRef": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all\u0026distro=ubuntu-22.04" }, "Version": "25ubuntu2", "Arch": "all", "SrcName": "usrmerge", "SrcVersion": "25ubuntu2", "Licenses": [ "GPL-2.0-or-later" ], "DependsOn": [ "perl-base@5.34.0-3ubuntu1.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "util-linux@2.37.2-4ubuntu3", "Name": "util-linux", "Identifier": { "PURL": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "87365d9d2616f051", "BOMRef": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "2.37.2-4ubuntu3", "Arch": "amd64", "SrcName": "util-linux", "SrcVersion": "2.37.2", "SrcRelease": "4ubuntu3", "Licenses": [ "GPL-2.0-or-later", "GPL-2.0-only", "GPL-3.0-or-later", "public-domain", "BSD-4-Clause", "MIT", "BSD-2-Clause", "BSD-3-Clause", "LGPL-2.0-or-later", "LGPL-2.1-or-later", "LGPL-3.0-or-later", "GPL-3.0-only", "LGPL-2.0-only", "LGPL-2.1-only", "LGPL-3.0-only" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } }, { "ID": "vulkan-tools@1.3.204.0+dfsg1-1", "Name": "vulkan-tools", "Identifier": { "PURL": "pkg:deb/ubuntu/vulkan-tools@1.3.204.0%2Bdfsg1-1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "eeb1430669062556", "BOMRef": "pkg:deb/ubuntu/vulkan-tools@1.3.204.0%2Bdfsg1-1?arch=amd64\u0026distro=ubuntu-22.04" }, "Version": "1.3.204.0+dfsg1-1", "Arch": "amd64", "SrcName": "vulkan-tools", "SrcVersion": "1.3.204.0+dfsg1", "SrcRelease": "1", "Licenses": [ "Apache-2.0", "MIT" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1", "libgcc-s1@12.1.0-2ubuntu1~22.04", "libstdc++6@12.1.0-2ubuntu1~22.04", "libvulkan1@1.3.204.1-2", "libwayland-client0@1.20.0-1ubuntu0.1", "libx11-6@2:1.7.5-1", "libxcb1@1.14-3ubuntu3" ], "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" } }, { "ID": "x11proto-dev@2021.5-1", "Name": "x11proto-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/x11proto-dev@2021.5-1?arch=all\u0026distro=ubuntu-22.04", "UID": "4ba03d9fc362f27b", "BOMRef": "pkg:deb/ubuntu/x11proto-dev@2021.5-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "2021.5-1", "Arch": "all", "SrcName": "xorgproto", "SrcVersion": "2021.5", "SrcRelease": "1", "Licenses": [ "MIT", "SGI" ], "DependsOn": [ "xorg-sgml-doctools@1:1.11-1.1" ], "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "xorg-sgml-doctools@1:1.11-1.1", "Name": "xorg-sgml-doctools", "Identifier": { "PURL": "pkg:deb/ubuntu/xorg-sgml-doctools@1.11-1.1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "c25e42011a17c3f0", "BOMRef": "pkg:deb/ubuntu/xorg-sgml-doctools@1.11-1.1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.11-1.1", "Epoch": 1, "Arch": "all", "SrcName": "xorg-sgml-doctools", "SrcVersion": "1.11", "SrcRelease": "1.1", "SrcEpoch": 1, "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "xtrans-dev@1.4.0-1", "Name": "xtrans-dev", "Identifier": { "PURL": "pkg:deb/ubuntu/xtrans-dev@1.4.0-1?arch=all\u0026distro=ubuntu-22.04", "UID": "dfd450fa93aac609", "BOMRef": "pkg:deb/ubuntu/xtrans-dev@1.4.0-1?arch=all\u0026distro=ubuntu-22.04" }, "Version": "1.4.0-1", "Arch": "all", "SrcName": "xtrans", "SrcVersion": "1.4.0", "SrcRelease": "1", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" } }, { "ID": "zlib1g@1:1.2.11.dfsg-2ubuntu9.2", "Name": "zlib1g", "Identifier": { "PURL": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu9.2?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "84603c3e51b4bbcf", "BOMRef": "pkg:deb/ubuntu/zlib1g@1.2.11.dfsg-2ubuntu9.2?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "Version": "1.2.11.dfsg-2ubuntu9.2", "Epoch": 1, "Arch": "i386", "SrcName": "zlib", "SrcVersion": "1.2.11.dfsg", "SrcRelease": "2ubuntu9.2", "SrcEpoch": 1, "Licenses": [ "Zlib" ], "DependsOn": [ "libc6@2.35-0ubuntu3.1" ], "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" } } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2022-3715", "PkgID": "bash@5.1-6ubuntu1", "PkgName": "bash", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1738e0c17c879de", "BOMRef": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.1-6ubuntu1", "FixedVersion": "5.1-6ubuntu1.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-3715", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7aadbfa5e6228061df2762f777e235fdc50c264f88648115579b3f23118d54f5", "Title": "bash: a heap-buffer-overflow in valid_parameter_transform", "Description": "A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 6.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:0340", "https://access.redhat.com/security/cve/CVE-2022-3715", "https://bugzilla.redhat.com/2126720", "https://bugzilla.redhat.com/show_bug.cgi?id=2126720", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3715", "https://errata.almalinux.org/9/ALSA-2023-0340.html", "https://errata.rockylinux.org/RLSA-2023:0340", "https://linux.oracle.com/cve/CVE-2022-3715.html", "https://linux.oracle.com/errata/ELSA-2023-0340.html", "https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-3715", "https://security.netapp.com/advisory/ntap-20241108-0002/", "https://ubuntu.com/security/notices/USN-6697-1", "https://www.cve.org/CVERecord?id=CVE-2022-3715" ], "PublishedDate": "2023-01-05T15:15:10.41Z", "LastModifiedDate": "2025-11-03T22:16:00.343Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "bsdutils@1:2.37.2-4ubuntu3", "PkgName": "bsdutils", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "fdef9652c0b46c7b", "BOMRef": "pkg:deb/ubuntu/bsdutils@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:126751601a421b83c0c0058b2d8096fcf2ebdfa37d97824b3ba6fa4b375e31e6", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2025-6297", "PkgID": "dpkg@1.21.1ubuntu2.1", "PkgName": "dpkg", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8781567b680a5dbe", "BOMRef": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.21.1ubuntu2.1", "FixedVersion": "1.21.1ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6297", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6b5ae119b159ae289ab2262889ec0fb489c082ca87dd97a77c768bd85039939f", "Title": "It was discovered that dpkg-deb does not properly sanitize directory p ...", "Description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is\ndocumented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on\nadversarial .deb packages or with well compressible files, placed\ninside a directory with permissions not allowing removal by a non-root\nuser, this can end up in a DoS scenario due to causing disk quota\nexhaustion or disk full conditions.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-732" ], "VendorSeverity": { "ubuntu": 1 }, "References": [ "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "https://ubuntu.com/security/notices/USN-7768-1", "https://www.cve.org/CVERecord?id=CVE-2025-6297" ], "PublishedDate": "2025-07-01T17:15:30.177Z", "LastModifiedDate": "2025-08-19T17:50:38.047Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "PkgName": "gcc-12-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3fa92625a83b1049967bddf18b0b26bb96452a7332e19466df42454dcb33ef61", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "gcc-12-base@12.1.0-2ubuntu1~22.04", "PkgName": "gcc-12-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "eb3d8453e26c5e35", "BOMRef": "pkg:deb/ubuntu/gcc-12-base@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9c22f5505e6a146065d9bc4ec408456e4b3ce1a6c2a203fc38350904bf82ffef", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2025-68973", "PkgID": "gpgv@2.2.27-3ubuntu2.1", "PkgName": "gpgv", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.2.27-3ubuntu2.1", "FixedVersion": "2.2.27-3ubuntu2.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68973", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:711b9616299aaf3e24eab4c440091e668cc431abcb7921d2371d080ba2fca74a", "Title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write", "Description": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)", "Severity": "HIGH", "CweIDs": [ "CWE-675", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/12/29/11", "https://access.redhat.com/errata/RHSA-2026:0719", "https://access.redhat.com/security/cve/CVE-2025-68973", "https://bugzilla.redhat.com/2425966", "https://bugzilla.redhat.com/show_bug.cgi?id=2425966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973", "https://dev.gnupg.org/T7906", "https://dev.gnupg.org/T8001", "https://errata.almalinux.org/9/ALSA-2026-0719.html", "https://errata.rockylinux.org/RLSA-2026:0719", "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306", "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9", "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 (gnupg-2.5.14)", "https://github.com/gpg/gnupg/commit/1e929abd20fa2e4be3797a137caca63a971d5372 (gnupg-2.2.51)", "https://github.com/gpg/gnupg/commit/4ecc5122f20e10c17172ed72f4fa46c784b5fb48 (gnupg-2.4.9)", "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51", "https://gpg.fail/memcpy", "https://linux.oracle.com/cve/CVE-2025-68973.html", "https://linux.oracle.com/errata/ELSA-2026-1677.html", "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html", "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i", "https://news.ycombinator.com/item?id=46403200", "https://nvd.nist.gov/vuln/detail/CVE-2025-68973", "https://ubuntu.com/security/notices/USN-7946-1", "https://ubuntu.com/security/notices/USN-7946-2", "https://www.cve.org/CVERecord?id=CVE-2025-68973", "https://www.openwall.com/lists/oss-security/2025/12/28/5" ], "PublishedDate": "2025-12-28T17:16:01.5Z", "LastModifiedDate": "2026-01-14T19:16:46.857Z" }, { "VulnerabilityID": "CVE-2025-30258", "PkgID": "gpgv@2.2.27-3ubuntu2.1", "PkgName": "gpgv", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "10c4962094550539", "BOMRef": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.2.27-3ubuntu2.1", "FixedVersion": "2.2.27-3ubuntu2.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-30258", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:aa294dfa916a9793241c27b5fafcc7351f493bab5abce253b84ef8aebb5a9634", "Title": "gnupg: verification DoS due to a malicious subkey in the keyring", "Description": "In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a \"verification DoS.\"", "Severity": "MEDIUM", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L", "V3Score": 2.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-30258", "https://dev.gnupg.org/T7527", "https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158", "https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-30258", "https://ubuntu.com/security/notices/USN-7412-1", "https://ubuntu.com/security/notices/USN-7412-3", "https://www.cve.org/CVERecord?id=CVE-2025-30258" ], "PublishedDate": "2025-03-19T20:15:20.14Z", "LastModifiedDate": "2025-10-16T16:53:07.557Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libatomic1@12.1.0-2ubuntu1~22.04", "PkgName": "libatomic1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:627a5b5d01f4bda2dbc1295a78bcc9c2305c7e6df275f86d23b80d3f5b33e73e", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libatomic1@12.1.0-2ubuntu1~22.04", "PkgName": "libatomic1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "de89eee0da10c546", "BOMRef": "pkg:deb/ubuntu/libatomic1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3200caef0b5cef794aa8eb6048011b3ff1ac9c6088d367e1badf7590b512f121", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libblkid1@2.37.2-4ubuntu3", "PkgName": "libblkid1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "711bb225c7e5017c", "BOMRef": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5d5e54b72c8018614dadc24081e57e28caf08c22a4adcf671c20236958638c9f", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-4911", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4911", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:01250693b7b2ab0e962717ddd3427c46dd0e1ac6e19363a5dafc1dabb1dfe679", "Title": "glibc: buffer overflow in ld.so leading to privilege escalation", "Description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "Severity": "HIGH", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html", "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html", "http://seclists.org/fulldisclosure/2023/Oct/11", "http://www.openwall.com/lists/oss-security/2023/10/03/2", "http://www.openwall.com/lists/oss-security/2023/10/03/3", "http://www.openwall.com/lists/oss-security/2023/10/05/1", "http://www.openwall.com/lists/oss-security/2023/10/13/11", "http://www.openwall.com/lists/oss-security/2023/10/14/3", "http://www.openwall.com/lists/oss-security/2023/10/14/5", "http://www.openwall.com/lists/oss-security/2023/10/14/6", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5454", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:5476", "https://access.redhat.com/errata/RHSA-2024:0033", "https://access.redhat.com/security/cve/CVE-2023-4911", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4911.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20231013-0006/", "https://ubuntu.com/security/notices/USN-6409-1", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911", "https://www.cve.org/CVERecord?id=CVE-2023-4911", "https://www.debian.org/security/2023/dsa-5514", "https://www.exploit-db.com/exploits/52479", "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "https://www.qualys.com/cve-2023-4911/" ], "PublishedDate": "2023-10-03T18:15:10.463Z", "LastModifiedDate": "2026-02-13T21:25:07.227Z" }, { "VulnerabilityID": "CVE-2023-5156", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5156", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:50ed685396932306219aaaef361d2f387fbf2af3902fcdf67388df38bd587770", "Title": "glibc: DoS due to memory leak in getaddrinfo.c", "Description": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "amazon": 1, "azure": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/security/cve/CVE-2023-5156", "https://bugzilla.redhat.com/show_bug.cgi?id=2240541", "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "https://security.gentoo.org/glsa/202402-01", "https://sourceware.org/bugzilla/show_bug.cgi?id=30884", "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796", "https://sourceware.org/pipermail/libc-alpha/2023-September/151691.html", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-5156" ], "PublishedDate": "2023-09-25T16:15:15.613Z", "LastModifiedDate": "2024-11-21T08:41:10.837Z" }, { "VulnerabilityID": "CVE-2024-2961", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ea19bce2b1ca5882da2d27b7faf87d7ba2058eaa70e08a5da7f08f0c5bfe12f7", "Title": "glibc: Out of bounds write in iconv may lead to remote code execution", "Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/17/9", "http://www.openwall.com/lists/oss-security/2024/04/18/4", "http://www.openwall.com/lists/oss-security/2024/04/24/2", "http://www.openwall.com/lists/oss-security/2024/05/27/1", "http://www.openwall.com/lists/oss-security/2024/05/27/2", "http://www.openwall.com/lists/oss-security/2024/05/27/3", "http://www.openwall.com/lists/oss-security/2024/05/27/4", "http://www.openwall.com/lists/oss-security/2024/05/27/5", "http://www.openwall.com/lists/oss-security/2024/05/27/6", "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-2961", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://linux.oracle.com/cve/CVE-2024-2961.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "https://nvd.nist.gov/vuln/detail/CVE-2024-2961", "https://security.netapp.com/advisory/ntap-20240531-0002/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "https://ubuntu.com/security/notices/USN-6737-1", "https://ubuntu.com/security/notices/USN-6737-2", "https://ubuntu.com/security/notices/USN-6762-1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p2", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p3", "https://www.cve.org/CVERecord?id=CVE-2024-2961", "https://www.openwall.com/lists/oss-security/2024/04/17/9" ], "PublishedDate": "2024-04-17T18:15:15.833Z", "LastModifiedDate": "2026-04-03T16:36:35.057Z" }, { "VulnerabilityID": "CVE-2024-33599", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:be527d976cddd7336017bd4b66907e8c9310b8b9b12aa2308f30fa911eb8969c", "Title": "glibc: stack-based buffer overflow in netgroup cache", "Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33599", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33599.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "https://security.netapp.com/advisory/ntap-20240524-0011/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33599", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.437Z", "LastModifiedDate": "2025-06-18T14:56:01.037Z" }, { "VulnerabilityID": "CVE-2024-33600", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33600", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1fc4fbecd3121b3c59e24b9e1f2dd4b3cc1995afa614f67696636335ad7b4874", "Title": "glibc: null pointer dereferences after failed netgroup cache insertion", "Description": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon's (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33600", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33600.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "https://security.netapp.com/advisory/ntap-20240524-0013/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33600", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.523Z", "LastModifiedDate": "2025-06-18T14:50:25.44Z" }, { "VulnerabilityID": "CVE-2024-33601", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8e0b815d5b347dca5cb0a2ea307117f096c87985599cf0128f0eb61b9778a70a", "Title": "glibc: netgroup cache may terminate daemon on memory allocation failure", "Description": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-617" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33601", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33601.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "https://security.netapp.com/advisory/ntap-20240524-0014/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33601", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.603Z", "LastModifiedDate": "2025-08-01T01:56:26.467Z" }, { "VulnerabilityID": "CVE-2024-33602", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0d3b4882cd8385abf4864d16b54e0d5e1f0cfb1cdff69730d7b329ee4ce28273", "Title": "glibc: netgroup cache assumes NSS callback uses in-buffer strings", "Description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-466" ], "VendorSeverity": { "alma": 3, "amazon": 2, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33602", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33602.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "https://security.netapp.com/advisory/ntap-20240524-0012/", "https://sourceware.org/bugzilla/show_bug.cgi?id=31680", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33602", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.68Z", "LastModifiedDate": "2025-06-18T14:40:48.823Z" }, { "VulnerabilityID": "CVE-2025-0395", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.9", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-0395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:47a0971fc221bebaf63371872a2ec2f977436882e3a1a7ae5d36635457dc7156", "Title": "glibc: buffer overflow in the GNU C Library's assert()", "Description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "Severity": "MEDIUM", "CweIDs": [ "CWE-131" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/22/4", "http://www.openwall.com/lists/oss-security/2025/01/23/2", "http://www.openwall.com/lists/oss-security/2025/04/13/1", "http://www.openwall.com/lists/oss-security/2025/04/24/7", "https://access.redhat.com/errata/RHSA-2025:4244", "https://access.redhat.com/security/cve/CVE-2025-0395", "https://bugzilla.redhat.com/2339460", "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "https://errata.almalinux.org/9/ALSA-2025-4244.html", "https://errata.rockylinux.org/RLSA-2025:4244", "https://linux.oracle.com/cve/CVE-2025-0395.html", "https://linux.oracle.com/errata/ELSA-2025-4244.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-0395", "https://security.netapp.com/advisory/ntap-20250228-0006/", "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "https://ubuntu.com/security/notices/USN-7259-1", "https://ubuntu.com/security/notices/USN-7259-2", "https://ubuntu.com/security/notices/USN-7259-3", "https://www.cve.org/CVERecord?id=CVE-2025-0395", "https://www.openwall.com/lists/oss-security/2025/01/22/4" ], "PublishedDate": "2025-01-22T13:15:20.933Z", "LastModifiedDate": "2026-02-04T21:15:56.993Z" }, { "VulnerabilityID": "CVE-2025-15281", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15281", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:720ed2e8f28b6afdb1156f8249b74ffe07b4e86db411f17c6d86cfd61908c864", "Title": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory", "Description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/20/3", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2025-15281", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2025-15281.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "https://sourceware.org/bugzilla/show_bug.cgi?id=33814", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-15281", "https://www.openwall.com/lists/oss-security/2026/01/20/3" ], "PublishedDate": "2026-01-20T14:16:07.843Z", "LastModifiedDate": "2026-02-05T17:43:18.63Z" }, { "VulnerabilityID": "CVE-2025-4802", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4802", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f840ea029fe4f1d4fa944f8f6660c839ad56910663d72ecf528ec5de0ce7dab3", "Title": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH", "Description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "Severity": "MEDIUM", "CweIDs": [ "CWE-426" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/05/16/7", "http://www.openwall.com/lists/oss-security/2025/05/17/2", "https://access.redhat.com/errata/RHSA-2025:8655", "https://access.redhat.com/security/cve/CVE-2025-4802", "https://bugzilla.redhat.com/2367468", "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "https://errata.almalinux.org/9/ALSA-2025-8655.html", "https://errata.rockylinux.org/RLSA-2025:8655", "https://inbox.sourceware.org/libc-announce/3ac997b0-28a5-4129-af53-675efe4c2dec@redhat.com/T/#u", "https://linux.oracle.com/cve/CVE-2025-4802.html", "https://linux.oracle.com/errata/ELSA-2025-8686.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00033.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0", "https://ubuntu.com/security/notices/USN-7541-1", "https://www.cve.org/CVERecord?id=CVE-2025-4802", "https://www.openwall.com/lists/oss-security/2025/05/16/7", "https://www.openwall.com/lists/oss-security/2025/05/17/2" ], "PublishedDate": "2025-05-16T20:15:22.28Z", "LastModifiedDate": "2025-11-03T20:19:11.153Z" }, { "VulnerabilityID": "CVE-2025-8058", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.11", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8058", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bde7981a85afbca70f54304ced248c9bde51279bc82fb104acc6cfbdb62ff50e", "Title": "glibc: Double free in glibc", "Description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is \nsubject to a double free if some previous allocation fails. It can be \naccomplished either by a malloc failure or by using an interposed malloc\n that injects random malloc failures. The double free can allow buffer \nmanipulation depending of how the regex is constructed. This issue \naffects all architectures and ABIs supported by the GNU C library.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "V3Score": 4.2 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/23/1", "https://access.redhat.com/errata/RHSA-2025:12980", "https://access.redhat.com/security/cve/CVE-2025-8058", "https://bugzilla.redhat.com/2383146", "https://bugzilla.redhat.com/show_bug.cgi?id=2383146", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058", "https://errata.almalinux.org/8/ALSA-2025-12980.html", "https://errata.rockylinux.org/RLSA-2025:12748", "https://linux.oracle.com/cve/CVE-2025-8058.html", "https://linux.oracle.com/errata/ELSA-2025-28054.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-8058", "https://sourceware.org/bugzilla/show_bug.cgi?id=33185", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2025-0005", "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "https://ubuntu.com/security/notices/USN-7760-1", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-8058" ], "PublishedDate": "2025-07-23T20:15:27.747Z", "LastModifiedDate": "2025-11-04T22:16:44.44Z" }, { "VulnerabilityID": "CVE-2026-0861", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0861", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9e4c5295d1e2d219c159cfc3b1365d43387a83970b2280ad147f3bc7fa279da5", "Title": "glibc: Integer overflow in memalign leads to heap corruption", "Description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.\n\nNote that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc.\n\nTypically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/5", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0861", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0861.html", "https://linux.oracle.com/errata/ELSA-2026-50120.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "https://sourceware.org/bugzilla/show_bug.cgi?id=33796", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0861" ], "PublishedDate": "2026-01-14T21:15:52.617Z", "LastModifiedDate": "2026-02-03T18:26:25.39Z" }, { "VulnerabilityID": "CVE-2026-0915", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0915", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:29d10ecf16ee03dc00298ced7c20660d7e8b9133985c23a6e4ec770a2f237dfa", "Title": "glibc: glibc: Information disclosure via zero-valued network query", "Description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 1, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/6", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0915", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0915.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "https://sourceware.org/bugzilla/show_bug.cgi?id=33802", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0915", "https://www.openwall.com/lists/oss-security/2026/01/16/6" ], "PublishedDate": "2026-01-15T22:16:12.457Z", "LastModifiedDate": "2026-01-23T19:36:50.73Z" }, { "VulnerabilityID": "CVE-2023-4806", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4806", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:258c13f1cbb185ef52d493cbb9015eb99fface5756ff144a381c8e6f68773e9e", "Title": "glibc: potential use-after-free in getaddrinfo()", "Description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4806", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4806.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4806", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20240125-0008/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4806" ], "PublishedDate": "2023-09-18T17:15:55.813Z", "LastModifiedDate": "2025-09-26T12:15:32.717Z" }, { "VulnerabilityID": "CVE-2023-4813", "PkgID": "libc-bin@2.35-0ubuntu3.1", "PkgName": "libc-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9174e388974bd46a", "BOMRef": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4813", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1922fd64ee4c3b02681b6f109a03afac0c09b6b102f80e9894db56713207f757", "Title": "glibc: potential use-after-free in gaih_inet()", "Description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4813", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4813.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "https://security.netapp.com/advisory/ntap-20231110-0003/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4813" ], "PublishedDate": "2023-09-12T22:15:08.277Z", "LastModifiedDate": "2025-09-26T12:15:34.583Z" }, { "VulnerabilityID": "CVE-2023-4911", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4911", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7840fefe87aa34a30b22a483672ad6aa324a4faee51a6052f34427133f32f343", "Title": "glibc: buffer overflow in ld.so leading to privilege escalation", "Description": "A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.", "Severity": "HIGH", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 3 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html", "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html", "http://seclists.org/fulldisclosure/2023/Oct/11", "http://www.openwall.com/lists/oss-security/2023/10/03/2", "http://www.openwall.com/lists/oss-security/2023/10/03/3", "http://www.openwall.com/lists/oss-security/2023/10/05/1", "http://www.openwall.com/lists/oss-security/2023/10/13/11", "http://www.openwall.com/lists/oss-security/2023/10/14/3", "http://www.openwall.com/lists/oss-security/2023/10/14/5", "http://www.openwall.com/lists/oss-security/2023/10/14/6", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5454", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:5476", "https://access.redhat.com/errata/RHSA-2024:0033", "https://access.redhat.com/security/cve/CVE-2023-4911", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4911.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4911", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20231013-0006/", "https://ubuntu.com/security/notices/USN-6409-1", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911", "https://www.cve.org/CVERecord?id=CVE-2023-4911", "https://www.debian.org/security/2023/dsa-5514", "https://www.exploit-db.com/exploits/52479", "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "https://www.qualys.com/cve-2023-4911/" ], "PublishedDate": "2023-10-03T18:15:10.463Z", "LastModifiedDate": "2026-02-13T21:25:07.227Z" }, { "VulnerabilityID": "CVE-2023-5156", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5156", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:589f5b410de0e7583487a865680d8fa343b043fcc3cdd40c0a9467c1a33c6d4b", "Title": "glibc: DoS due to memory leak in getaddrinfo.c", "Description": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "amazon": 1, "azure": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/security/cve/CVE-2023-5156", "https://bugzilla.redhat.com/show_bug.cgi?id=2240541", "https://nvd.nist.gov/vuln/detail/CVE-2023-5156", "https://security.gentoo.org/glsa/202402-01", "https://sourceware.org/bugzilla/show_bug.cgi?id=30884", "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796", "https://sourceware.org/pipermail/libc-alpha/2023-September/151691.html", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-5156" ], "PublishedDate": "2023-09-25T16:15:15.613Z", "LastModifiedDate": "2024-11-21T08:41:10.837Z" }, { "VulnerabilityID": "CVE-2024-2961", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2961", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c4299db56c2d33c4bc975dd2313b6d6f8e1841fcdce530b24303d65a31a30ad3", "Title": "glibc: Out of bounds write in iconv may lead to remote code execution", "Description": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/17/9", "http://www.openwall.com/lists/oss-security/2024/04/18/4", "http://www.openwall.com/lists/oss-security/2024/04/24/2", "http://www.openwall.com/lists/oss-security/2024/05/27/1", "http://www.openwall.com/lists/oss-security/2024/05/27/2", "http://www.openwall.com/lists/oss-security/2024/05/27/3", "http://www.openwall.com/lists/oss-security/2024/05/27/4", "http://www.openwall.com/lists/oss-security/2024/05/27/5", "http://www.openwall.com/lists/oss-security/2024/05/27/6", "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-2961", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://linux.oracle.com/cve/CVE-2024-2961.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "https://nvd.nist.gov/vuln/detail/CVE-2024-2961", "https://security.netapp.com/advisory/ntap-20240531-0002/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "https://ubuntu.com/security/notices/USN-6737-1", "https://ubuntu.com/security/notices/USN-6737-2", "https://ubuntu.com/security/notices/USN-6762-1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p1", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p2", "https://www.ambionics.io/blog/iconv-cve-2024-2961-p3", "https://www.cve.org/CVERecord?id=CVE-2024-2961", "https://www.openwall.com/lists/oss-security/2024/04/17/9" ], "PublishedDate": "2024-04-17T18:15:15.833Z", "LastModifiedDate": "2026-04-03T16:36:35.057Z" }, { "VulnerabilityID": "CVE-2024-33599", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33599", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80d2442d0bc9168236b62fbc6d62bf1f69b5529222824c6b522db4a53da9ad8f", "Title": "glibc: stack-based buffer overflow in netgroup cache", "Description": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon's (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33599", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33599.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33599", "https://security.netapp.com/advisory/ntap-20240524-0011/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33599", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.437Z", "LastModifiedDate": "2025-06-18T14:56:01.037Z" }, { "VulnerabilityID": "CVE-2024-33600", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33600", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bc4e45140159e5873f7aff987f294b5233a145722b3c576ceb22d9a5db0bc7df", "Title": "glibc: null pointer dereferences after failed netgroup cache insertion", "Description": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon's (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33600", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33600.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33600", "https://security.netapp.com/advisory/ntap-20240524-0013/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33600", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.523Z", "LastModifiedDate": "2025-06-18T14:50:25.44Z" }, { "VulnerabilityID": "CVE-2024-33601", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0fccb75816ad5dbb394c1903950369266a2f555e44dece99fda65ae3a6eee30b", "Title": "glibc: netgroup cache may terminate daemon on memory allocation failure", "Description": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-617" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33601", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33601.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33601", "https://security.netapp.com/advisory/ntap-20240524-0014/", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33601", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.603Z", "LastModifiedDate": "2025-08-01T01:56:26.467Z" }, { "VulnerabilityID": "CVE-2024-33602", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-33602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fb4d3bbede9980ff256f66eb51b1f4f7ff7b1b3324827f6c83fc9236dd2ac0b7", "Title": "glibc: netgroup cache assumes NSS callback uses in-buffer strings", "Description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-466" ], "VendorSeverity": { "alma": 3, "amazon": 2, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/22/5", "https://access.redhat.com/errata/RHSA-2024:3339", "https://access.redhat.com/security/cve/CVE-2024-33602", "https://bugzilla.redhat.com/2273404", "https://bugzilla.redhat.com/2277202", "https://bugzilla.redhat.com/2277204", "https://bugzilla.redhat.com/2277205", "https://bugzilla.redhat.com/2277206", "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "https://errata.almalinux.org/9/ALSA-2024-3339.html", "https://errata.rockylinux.org/RLSA-2024:3339", "https://inbox.sourceware.org/libc-alpha/cover.1713974801.git.fweimer@redhat.com/", "https://linux.oracle.com/cve/CVE-2024-33602.html", "https://linux.oracle.com/errata/ELSA-2024-3588.html", "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-33602", "https://security.netapp.com/advisory/ntap-20240524-0012/", "https://sourceware.org/bugzilla/show_bug.cgi?id=31680", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "https://ubuntu.com/security/notices/USN-6804-1", "https://www.cve.org/CVERecord?id=CVE-2024-33602", "https://www.openwall.com/lists/oss-security/2024/04/24/2" ], "PublishedDate": "2024-05-06T20:15:11.68Z", "LastModifiedDate": "2025-06-18T14:40:48.823Z" }, { "VulnerabilityID": "CVE-2025-0395", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.9", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-0395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e97596b70c2fb185719a2da281a5e82a55adc6456bb4c46dccf2a1e7ccbe4236", "Title": "glibc: buffer overflow in the GNU C Library's assert()", "Description": "When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.", "Severity": "MEDIUM", "CweIDs": [ "CWE-131" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/22/4", "http://www.openwall.com/lists/oss-security/2025/01/23/2", "http://www.openwall.com/lists/oss-security/2025/04/13/1", "http://www.openwall.com/lists/oss-security/2025/04/24/7", "https://access.redhat.com/errata/RHSA-2025:4244", "https://access.redhat.com/security/cve/CVE-2025-0395", "https://bugzilla.redhat.com/2339460", "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "https://errata.almalinux.org/9/ALSA-2025-4244.html", "https://errata.rockylinux.org/RLSA-2025:4244", "https://linux.oracle.com/cve/CVE-2025-0395.html", "https://linux.oracle.com/errata/ELSA-2025-4244.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-0395", "https://security.netapp.com/advisory/ntap-20250228-0006/", "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "https://ubuntu.com/security/notices/USN-7259-1", "https://ubuntu.com/security/notices/USN-7259-2", "https://ubuntu.com/security/notices/USN-7259-3", "https://www.cve.org/CVERecord?id=CVE-2025-0395", "https://www.openwall.com/lists/oss-security/2025/01/22/4" ], "PublishedDate": "2025-01-22T13:15:20.933Z", "LastModifiedDate": "2026-02-04T21:15:56.993Z" }, { "VulnerabilityID": "CVE-2025-15281", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15281", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:67a3096e828f5b0832091afab8032270185de9b17efb5852b746c76074ec67e6", "Title": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory", "Description": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/20/3", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2025-15281", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2025-15281.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15281", "https://sourceware.org/bugzilla/show_bug.cgi?id=33814", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-15281", "https://www.openwall.com/lists/oss-security/2026/01/20/3" ], "PublishedDate": "2026-01-20T14:16:07.843Z", "LastModifiedDate": "2026-02-05T17:43:18.63Z" }, { "VulnerabilityID": "CVE-2025-4802", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4802", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:94e710df5a4e47d50dbe16f441f958c0c16a7df071ea0b8e05fb5a3fad156807", "Title": "glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH", "Description": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).", "Severity": "MEDIUM", "CweIDs": [ "CWE-426" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/05/16/7", "http://www.openwall.com/lists/oss-security/2025/05/17/2", "https://access.redhat.com/errata/RHSA-2025:8655", "https://access.redhat.com/security/cve/CVE-2025-4802", "https://bugzilla.redhat.com/2367468", "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "https://errata.almalinux.org/9/ALSA-2025-8655.html", "https://errata.rockylinux.org/RLSA-2025:8655", "https://inbox.sourceware.org/libc-announce/3ac997b0-28a5-4129-af53-675efe4c2dec@redhat.com/T/#u", "https://linux.oracle.com/cve/CVE-2025-4802.html", "https://linux.oracle.com/errata/ELSA-2025-8686.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00033.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4802", "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0", "https://ubuntu.com/security/notices/USN-7541-1", "https://www.cve.org/CVERecord?id=CVE-2025-4802", "https://www.openwall.com/lists/oss-security/2025/05/16/7", "https://www.openwall.com/lists/oss-security/2025/05/17/2" ], "PublishedDate": "2025-05-16T20:15:22.28Z", "LastModifiedDate": "2025-11-03T20:19:11.153Z" }, { "VulnerabilityID": "CVE-2025-8058", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.11", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8058", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d82a4a9ad6a56a960f3248fcee51ede90b23572aa2a318a9a60822fa771552c4", "Title": "glibc: Double free in glibc", "Description": "The regcomp function in the GNU C library version from 2.4 to 2.41 is \nsubject to a double free if some previous allocation fails. It can be \naccomplished either by a malloc failure or by using an interposed malloc\n that injects random malloc failures. The double free can allow buffer \nmanipulation depending of how the regex is constructed. This issue \naffects all architectures and ABIs supported by the GNU C library.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", "V3Score": 4.2 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/23/1", "https://access.redhat.com/errata/RHSA-2025:12980", "https://access.redhat.com/security/cve/CVE-2025-8058", "https://bugzilla.redhat.com/2383146", "https://bugzilla.redhat.com/show_bug.cgi?id=2383146", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058", "https://errata.almalinux.org/8/ALSA-2025-12980.html", "https://errata.rockylinux.org/RLSA-2025:12748", "https://linux.oracle.com/cve/CVE-2025-8058.html", "https://linux.oracle.com/errata/ELSA-2025-28054.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-8058", "https://sourceware.org/bugzilla/show_bug.cgi?id=33185", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2025-0005", "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "https://ubuntu.com/security/notices/USN-7760-1", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2025-8058" ], "PublishedDate": "2025-07-23T20:15:27.747Z", "LastModifiedDate": "2025-11-04T22:16:44.44Z" }, { "VulnerabilityID": "CVE-2026-0861", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0861", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4460c9c8a405b79f1f49920df2f16898f8130be0f642a57ac8370d52b182ead6", "Title": "glibc: Integer overflow in memalign leads to heap corruption", "Description": "Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption.\n\nNote that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1\u003c\u003c62+ 1, 1\u003c\u003c63] and exactly 1\u003c\u003c63 for posix_memalign and aligned_alloc.\n\nTypically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/5", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0861", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0861.html", "https://linux.oracle.com/errata/ELSA-2026-50120.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0861", "https://sourceware.org/bugzilla/show_bug.cgi?id=33796", "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0861" ], "PublishedDate": "2026-01-14T21:15:52.617Z", "LastModifiedDate": "2026-02-03T18:26:25.39Z" }, { "VulnerabilityID": "CVE-2026-0915", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.13", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0915", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8bc739719c2fa322e7d244c099cf2ca7ca041b58cc1d7fe4f1c226d912288794", "Title": "glibc: glibc: Information disclosure via zero-valued network query", "Description": "Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "alma": 2, "azure": 1, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/16/6", "https://access.redhat.com/errata/RHSA-2026:2786", "https://access.redhat.com/security/cve/CVE-2026-0915", "https://bugzilla.redhat.com/2429771", "https://bugzilla.redhat.com/2430201", "https://bugzilla.redhat.com/2431196", "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "https://errata.almalinux.org/9/ALSA-2026-2786.html", "https://errata.rockylinux.org/RLSA-2026:2786", "https://linux.oracle.com/cve/CVE-2026-0915.html", "https://linux.oracle.com/errata/ELSA-2026-50174.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-0915", "https://sourceware.org/bugzilla/show_bug.cgi?id=33802", "https://ubuntu.com/security/notices/USN-8005-1", "https://www.cve.org/CVERecord?id=CVE-2026-0915", "https://www.openwall.com/lists/oss-security/2026/01/16/6" ], "PublishedDate": "2026-01-15T22:16:12.457Z", "LastModifiedDate": "2026-01-23T19:36:50.73Z" }, { "VulnerabilityID": "CVE-2023-4806", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4806", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4e497d44b2099f4511a7b1afac76769542a08d41763f08f26c109129d3f71927", "Title": "glibc: potential use-after-free in getaddrinfo()", "Description": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/4", "http://www.openwall.com/lists/oss-security/2023/10/03/5", "http://www.openwall.com/lists/oss-security/2023/10/03/6", "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4806", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4806.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4806", "https://security.gentoo.org/glsa/202310-03", "https://security.netapp.com/advisory/ntap-20240125-0008/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4806" ], "PublishedDate": "2023-09-18T17:15:55.813Z", "LastModifiedDate": "2025-09-26T12:15:32.717Z" }, { "VulnerabilityID": "CVE-2023-4813", "PkgID": "libc6@2.35-0ubuntu3.1", "PkgName": "libc6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04", "UID": "e97ecbec2d0898a", "BOMRef": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.35-0ubuntu3.1", "FixedVersion": "2.35-0ubuntu3.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4813", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:545b2b07b77b416ee2323fe8ad00eea915b3634a929ff525d8bc3619ce031576", "Title": "glibc: potential use-after-free in gaih_inet()", "Description": "A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 3, "photon": 2, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/03/8", "https://access.redhat.com/errata/RHBA-2024:2413", "https://access.redhat.com/errata/RHSA-2023:5453", "https://access.redhat.com/errata/RHSA-2023:5455", "https://access.redhat.com/errata/RHSA-2023:7409", "https://access.redhat.com/security/cve/CVE-2023-4813", "https://bugzilla.redhat.com/2234712", "https://bugzilla.redhat.com/2237782", "https://bugzilla.redhat.com/2237798", "https://bugzilla.redhat.com/2238352", "https://bugzilla.redhat.com/show_bug.cgi?id=2234712", "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4527", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "https://errata.almalinux.org/9/ALSA-2023-5453.html", "https://errata.rockylinux.org/RLSA-2023:5455", "https://linux.oracle.com/cve/CVE-2023-4813.html", "https://linux.oracle.com/errata/ELSA-2023-5455.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4813", "https://security.netapp.com/advisory/ntap-20231110-0003/", "https://ubuntu.com/security/notices/USN-6541-1", "https://ubuntu.com/security/notices/USN-6541-2", "https://www.cve.org/CVERecord?id=CVE-2023-4813" ], "PublishedDate": "2023-09-12T22:15:08.277Z", "LastModifiedDate": "2025-09-26T12:15:34.583Z" }, { "VulnerabilityID": "CVE-2023-2603", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2603", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f71f7b0f3ccce35bca5a7fcb7e79eb8ccda9d02534f19e6569939e760223fb7a", "Title": "libcap: Integer Overflow in _libcap_strdup()", "Description": "A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:5071", "https://access.redhat.com/security/cve/CVE-2023-2603", "https://bugzilla.redhat.com/2209113", "https://bugzilla.redhat.com/2209114", "https://bugzilla.redhat.com/show_bug.cgi?id=2209113", "https://bugzilla.redhat.com/show_bug.cgi?id=2209114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2602", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2603", "https://errata.almalinux.org/9/ALSA-2023-5071.html", "https://errata.rockylinux.org/RLSA-2023:4524", "https://linux.oracle.com/cve/CVE-2023-2603.html", "https://linux.oracle.com/errata/ELSA-2023-5071.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/", "https://nvd.nist.gov/vuln/detail/CVE-2023-2603", "https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe", "https://ubuntu.com/security/notices/USN-6166-1", "https://ubuntu.com/security/notices/USN-6166-2", "https://www.cve.org/CVERecord?id=CVE-2023-2603", "https://www.openwall.com/lists/oss-security/2023/05/15/4", "https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf" ], "PublishedDate": "2023-06-06T20:15:13.187Z", "LastModifiedDate": "2025-12-02T21:15:51.163Z" }, { "VulnerabilityID": "CVE-2025-1390", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1390", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a99f7e8e9210ee82b68e75ec46490ae567562db2290438c5572d760aa2b6ae30", "Title": "libcap: pam_cap: Fix potential configuration parsing error", "Description": "The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.", "Severity": "MEDIUM", "CweIDs": [ "CWE-284" ], "VendorSeverity": { "amazon": 3, "azure": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1390", "https://bugzilla.openanolis.cn/show_bug.cgi?id=18804", "https://nvd.nist.gov/vuln/detail/CVE-2025-1390", "https://ubuntu.com/security/notices/USN-7287-1", "https://www.cve.org/CVERecord?id=CVE-2025-1390" ], "PublishedDate": "2025-02-18T03:15:10.447Z", "LastModifiedDate": "2025-02-18T03:15:10.447Z" }, { "VulnerabilityID": "CVE-2023-2602", "PkgID": "libcap2@1:2.44-1build3", "PkgName": "libcap2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "bc5361cbf7d8d2e6", "BOMRef": "pkg:deb/ubuntu/libcap2@2.44-1build3?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:2.44-1build3", "FixedVersion": "1:2.44-1ubuntu0.22.04.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:51038180c0a547556ef51ad168a1e217111be4a466e0e5be5b30166a5be0ff4d", "Title": "libcap: Memory Leak on pthread_create() Error", "Description": "A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 1, "cbl-mariner": 1, "nvd": 1, "oracle-oval": 2, "photon": 1, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:5071", "https://access.redhat.com/security/cve/CVE-2023-2602", "https://bugzilla.redhat.com/2209113", "https://bugzilla.redhat.com/2209114", "https://bugzilla.redhat.com/show_bug.cgi?id=2209113", "https://bugzilla.redhat.com/show_bug.cgi?id=2209114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2602", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2603", "https://errata.almalinux.org/9/ALSA-2023-5071.html", "https://errata.rockylinux.org/RLSA-2023:4524", "https://linux.oracle.com/cve/CVE-2023-2602.html", "https://linux.oracle.com/errata/ELSA-2023-5071.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/", "https://nvd.nist.gov/vuln/detail/CVE-2023-2602", "https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe", "https://ubuntu.com/security/notices/USN-6166-1", "https://www.cve.org/CVERecord?id=CVE-2023-2602", "https://www.openwall.com/lists/oss-security/2023/05/15/4", "https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf" ], "PublishedDate": "2023-06-06T20:15:12.76Z", "LastModifiedDate": "2024-11-21T07:58:54.713Z" }, { "VulnerabilityID": "CVE-2025-6297", "PkgID": "libdpkg-perl@1.21.1ubuntu2.1", "PkgName": "libdpkg-perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04", "UID": "8bb1e0d1f95b96fc", "BOMRef": "pkg:deb/ubuntu/libdpkg-perl@1.21.1ubuntu2.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.21.1ubuntu2.1", "FixedVersion": "1.21.1ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6297", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9c45e12249979acd6b7b4b620f7f9da237ef4e1d52d70bd37c03005fe7745161", "Title": "It was discovered that dpkg-deb does not properly sanitize directory p ...", "Description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is\ndocumented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on\nadversarial .deb packages or with well compressible files, placed\ninside a directory with permissions not allowing removal by a non-root\nuser, this can end up in a DoS scenario due to causing disk quota\nexhaustion or disk full conditions.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-732" ], "VendorSeverity": { "ubuntu": 1 }, "References": [ "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "https://ubuntu.com/security/notices/USN-7768-1", "https://www.cve.org/CVERecord?id=CVE-2025-6297" ], "PublishedDate": "2025-07-01T17:15:30.177Z", "LastModifiedDate": "2025-08-19T17:50:38.047Z" }, { "VulnerabilityID": "CVE-2025-1372", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "FixedVersion": "0.186-1ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1372", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3fe0133eb6c1537f27c5b9eb4c81b4e235dc54c91912b08ff3b3143da7f8c194", "Title": "elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow", "Description": "A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-120" ], "VendorSeverity": { "amazon": 2, "azure": 2, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1372", "https://nvd.nist.gov/vuln/detail/CVE-2025-1372", "https://sourceware.org/bugzilla/attachment.cgi?id=15927", "https://sourceware.org/bugzilla/show_bug.cgi?id=32656", "https://sourceware.org/bugzilla/show_bug.cgi?id=32656#c3", "https://sourceware.org/bugzilla/show_bug.cgi?id=32657", "https://ubuntu.com/security/notices/USN-7369-1", "https://vuldb.com/?ctiid.295981", "https://vuldb.com/?id.295981", "https://vuldb.com/?submit.496485", "https://www.cve.org/CVERecord?id=CVE-2025-1372", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T03:15:09.573Z", "LastModifiedDate": "2025-11-04T20:19:09.52Z" }, { "VulnerabilityID": "CVE-2025-1377", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "FixedVersion": "0.186-1ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1377", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dd4a42f3eb5d3e21a44629db4ae5978c25e76d602dfea0f4c42be3ae17e45b74", "Title": "elfutils: GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service", "Description": "A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-404" ], "VendorSeverity": { "azure": 1, "nvd": 2, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1377", "https://nvd.nist.gov/vuln/detail/CVE-2025-1377", "https://sourceware.org/bugzilla/attachment.cgi?id=15941", "https://sourceware.org/bugzilla/show_bug.cgi?id=32673", "https://sourceware.org/bugzilla/show_bug.cgi?id=32673#c2", "https://ubuntu.com/security/notices/USN-7369-1", "https://vuldb.com/?ctiid.295985", "https://vuldb.com/?id.295985", "https://vuldb.com/?submit.497539", "https://www.cve.org/CVERecord?id=CVE-2025-1377", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T05:15:10.09Z", "LastModifiedDate": "2025-11-04T20:26:20.043Z" }, { "VulnerabilityID": "CVE-2025-1352", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1352", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:49cc51707f04f8efa6cf4cba0fe7a021e672eb24db87d9ba9557974bb0f364e7", "Title": "elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption", "Description": "A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.", "Severity": "LOW", "CweIDs": [ "CWE-119" ], "VendorSeverity": { "amazon": 2, "azure": 1, "nvd": 3, "photon": 3, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "V3Score": 5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1352", "https://nvd.nist.gov/vuln/detail/CVE-2025-1352", "https://sourceware.org/bugzilla/attachment.cgi?id=15923", "https://sourceware.org/bugzilla/show_bug.cgi?id=32650", "https://sourceware.org/bugzilla/show_bug.cgi?id=32650#c2", "https://vuldb.com/?ctiid.295960", "https://vuldb.com/?id.295960", "https://vuldb.com/?submit.495965", "https://www.cve.org/CVERecord?id=CVE-2025-1352", "https://www.gnu.org/" ], "PublishedDate": "2025-02-16T15:15:09.133Z", "LastModifiedDate": "2025-11-03T20:34:23.89Z" }, { "VulnerabilityID": "CVE-2025-1376", "PkgID": "libelf1@0.186-1build1", "PkgName": "libelf1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "1c5253ff706df94a", "BOMRef": "pkg:deb/ubuntu/libelf1@0.186-1build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "0.186-1build1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-1376", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e5849e137ac3b20c5acd4861c7efb12e21a65eba65e5a7a359868b2fcc3718b2", "Title": "elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service", "Description": "A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.", "Severity": "LOW", "CweIDs": [ "CWE-404" ], "VendorSeverity": { "azure": 1, "nvd": 2, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-1376", "https://nvd.nist.gov/vuln/detail/CVE-2025-1376", "https://sourceware.org/bugzilla/attachment.cgi?id=15940", "https://sourceware.org/bugzilla/show_bug.cgi?id=32672", "https://sourceware.org/bugzilla/show_bug.cgi?id=32672#c3", "https://vuldb.com/?ctiid.295984", "https://vuldb.com/?id.295984", "https://vuldb.com/?submit.497538", "https://www.cve.org/CVERecord?id=CVE-2025-1376", "https://www.gnu.org/" ], "PublishedDate": "2025-02-17T05:15:09.807Z", "LastModifiedDate": "2025-11-04T20:21:18.26Z" }, { "VulnerabilityID": "CVE-2023-52425", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-52425", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6cd1dfe2310c2ce2d0a3d7fb2d28c7010d5e5231366443d49370cff45cd93c3f", "Title": "expat: parsing large tokens can trigger a denial of service", "Description": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/20/5", "https://access.redhat.com/errata/RHSA-2024:1530", "https://access.redhat.com/security/cve/CVE-2023-52425", "https://bugzilla.redhat.com/2262877", "https://bugzilla.redhat.com/2268766", "https://bugzilla.redhat.com/show_bug.cgi?id=2262877", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425", "https://errata.almalinux.org/9/ALSA-2024-1530.html", "https://errata.rockylinux.org/RLSA-2024:1615", "https://github.com/libexpat/libexpat/pull/789", "https://linux.oracle.com/cve/CVE-2023-52425.html", "https://linux.oracle.com/errata/ELSA-2024-4259.html", "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/", "https://nvd.nist.gov/vuln/detail/CVE-2023-52425", "https://security.netapp.com/advisory/ntap-20240614-0003/", "https://ubuntu.com/security/notices/USN-6694-1", "https://www.cve.org/CVERecord?id=CVE-2023-52425" ], "PublishedDate": "2024-02-04T20:15:46.063Z", "LastModifiedDate": "2025-11-04T19:16:22.74Z" }, { "VulnerabilityID": "CVE-2024-28757", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28757", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3fc9167db0535ddeefda8e6399d2932000a531e0d0d87df6ebe8e6b984a31d34", "Title": "expat: XML Entity Expansion", "Description": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).", "Severity": "MEDIUM", "CweIDs": [ "CWE-776" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/15/1", "https://access.redhat.com/errata/RHSA-2024:1530", "https://access.redhat.com/security/cve/CVE-2024-28757", "https://bugzilla.redhat.com/2262877", "https://bugzilla.redhat.com/2268766", "https://errata.almalinux.org/9/ALSA-2024-1530.html", "https://github.com/libexpat/libexpat/issues/839", "https://github.com/libexpat/libexpat/pull/842", "https://linux.oracle.com/cve/CVE-2024-28757.html", "https://linux.oracle.com/errata/ELSA-2024-1530.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28757", "https://security.netapp.com/advisory/ntap-20240322-0001/", "https://ubuntu.com/security/notices/USN-6694-1", "https://www.cve.org/CVERecord?id=CVE-2024-28757" ], "PublishedDate": "2024-03-10T05:15:06.57Z", "LastModifiedDate": "2025-11-04T22:15:59.8Z" }, { "VulnerabilityID": "CVE-2024-45490", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45490", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1439d44643eda6e50b3e3e1741b3ff80b76c883174e1d780fe2aa2b8839bbc1", "Title": "libexpat: Negative Length Parsing Vulnerability in libexpat", "Description": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-611", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Dec/10", "http://seclists.org/fulldisclosure/2024/Dec/12", "http://seclists.org/fulldisclosure/2024/Dec/6", "http://seclists.org/fulldisclosure/2024/Dec/7", "http://seclists.org/fulldisclosure/2024/Dec/8", "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45490", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/887", "https://github.com/libexpat/libexpat/pull/890", "https://linux.oracle.com/cve/CVE-2024-45490.html", "https://linux.oracle.com/errata/ELSA-2024-6989.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45490", "https://security.netapp.com/advisory/ntap-20241018-0004/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://ubuntu.com/security/notices/USN-7001-1", "https://ubuntu.com/security/notices/USN-7001-2", "https://www.cve.org/CVERecord?id=CVE-2024-45490" ], "PublishedDate": "2024-08-30T03:15:03.757Z", "LastModifiedDate": "2025-11-04T17:16:15.06Z" }, { "VulnerabilityID": "CVE-2024-45491", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5eb9300636b076f78d57551421f76fb55a68fb6d1ce5ba1d82973040a16d1ea1", "Title": "libexpat: Integer Overflow or Wraparound", "Description": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45491", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/888", "https://github.com/libexpat/libexpat/pull/891", "https://linux.oracle.com/cve/CVE-2024-45491.html", "https://linux.oracle.com/errata/ELSA-2024-8859.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45491", "https://security.netapp.com/advisory/ntap-20241018-0003/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://ubuntu.com/security/notices/USN-7001-1", "https://ubuntu.com/security/notices/USN-7001-2", "https://www.cve.org/CVERecord?id=CVE-2024-45491" ], "PublishedDate": "2024-08-30T03:15:03.85Z", "LastModifiedDate": "2025-11-04T17:16:15.26Z" }, { "VulnerabilityID": "CVE-2024-45492", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-45492", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:dcedcb0b39e89286da81a9710202317f8c05f60437523a8b2af188f04d1179ea", "Title": "libexpat: integer overflow", "Description": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6754", "https://access.redhat.com/security/cve/CVE-2024-45492", "https://bugzilla.redhat.com/2308615", "https://bugzilla.redhat.com/2308616", "https://bugzilla.redhat.com/2308617", "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "https://errata.almalinux.org/9/ALSA-2024-6754.html", "https://errata.rockylinux.org/RLSA-2024:6754", "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes", "https://github.com/libexpat/libexpat/issues/889", "https://github.com/libexpat/libexpat/pull/892", "https://linux.oracle.com/cve/CVE-2024-45492.html", "https://linux.oracle.com/errata/ELSA-2024-6989.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-45492", "https://security.netapp.com/advisory/ntap-20241018-0005/", "https://ubuntu.com/security/notices/USN-7000-1", "https://ubuntu.com/security/notices/USN-7000-2", "https://www.cve.org/CVERecord?id=CVE-2024-45492" ], "PublishedDate": "2024-08-30T03:15:03.93Z", "LastModifiedDate": "2025-11-04T17:16:15.43Z" }, { "VulnerabilityID": "CVE-2024-50602", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-50602", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:819156ffac4ee4be3ac1158c832c440e18331cb688393af078d7e13be663daf8", "Title": "libexpat: expat: DoS via XML_ResumeParser", "Description": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.", "Severity": "MEDIUM", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9541", "https://access.redhat.com/security/cve/CVE-2024-50602", "https://bugzilla.redhat.com/2321987", "https://bugzilla.redhat.com/show_bug.cgi?id=2321987", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602", "https://docs.python.org/release/3.10.16/whatsnew/changelog.html", "https://docs.python.org/release/3.11.11/whatsnew/changelog.html#python-3-11-11", "https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8", "https://docs.python.org/release/3.13.1/whatsnew/changelog.html#python-3-13-1", "https://docs.python.org/release/3.9.21/whatsnew/changelog.html", "https://errata.almalinux.org/9/ALSA-2024-9541.html", "https://errata.rockylinux.org/RLSA-2024:9502", "https://github.com/libexpat/libexpat/pull/915", "https://github.com/python/cpython/issues/126623", "https://linux.oracle.com/cve/CVE-2024-50602.html", "https://linux.oracle.com/errata/ELSA-2024-9541.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-50602", "https://security.netapp.com/advisory/ntap-20250404-0008/", "https://ubuntu.com/security/notices/USN-7145-1", "https://www.cve.org/CVERecord?id=CVE-2024-50602" ], "PublishedDate": "2024-10-27T05:15:04.09Z", "LastModifiedDate": "2025-10-15T17:54:22.117Z" }, { "VulnerabilityID": "CVE-2024-8176", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-8176", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5e10b993741b15f7160f783b2596779c11b5c6194078c854fc3b3070d658b32f", "Title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat", "Description": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://seclists.org/fulldisclosure/2025/May/10", "http://seclists.org/fulldisclosure/2025/May/11", "http://seclists.org/fulldisclosure/2025/May/12", "http://seclists.org/fulldisclosure/2025/May/6", "http://seclists.org/fulldisclosure/2025/May/7", "http://seclists.org/fulldisclosure/2025/May/8", "http://www.openwall.com/lists/oss-security/2025/03/15/1", "http://www.openwall.com/lists/oss-security/2025/09/24/11", "https://access.redhat.com/errata/RHSA-2025:13681", "https://access.redhat.com/errata/RHSA-2025:22033", "https://access.redhat.com/errata/RHSA-2025:22034", "https://access.redhat.com/errata/RHSA-2025:22035", "https://access.redhat.com/errata/RHSA-2025:22607", "https://access.redhat.com/errata/RHSA-2025:22785", "https://access.redhat.com/errata/RHSA-2025:22842", "https://access.redhat.com/errata/RHSA-2025:22871", "https://access.redhat.com/errata/RHSA-2025:3531", "https://access.redhat.com/errata/RHSA-2025:3734", "https://access.redhat.com/errata/RHSA-2025:3913", "https://access.redhat.com/errata/RHSA-2025:4048", "https://access.redhat.com/errata/RHSA-2025:4446", "https://access.redhat.com/errata/RHSA-2025:4447", "https://access.redhat.com/errata/RHSA-2025:4448", "https://access.redhat.com/errata/RHSA-2025:4449", "https://access.redhat.com/errata/RHSA-2025:7444", "https://access.redhat.com/errata/RHSA-2025:7512", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-8176", "https://blog.hartwork.org/posts/expat-2-7-0-released/", "https://bugzilla.redhat.com/2310137", "https://bugzilla.redhat.com/show_bug.cgi?id=2310137", "https://bugzilla.suse.com/show_bug.cgi?id=1239618", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8176", "https://errata.almalinux.org/9/ALSA-2025-7444.html", "https://errata.rockylinux.org/RLSA-2025:7444", "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52", "https://github.com/libexpat/libexpat/issues/893", "https://github.com/libexpat/libexpat/pull/973", "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53", "https://linux.oracle.com/cve/CVE-2024-8176.html", "https://linux.oracle.com/errata/ELSA-2025-7512.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-8176", "https://security-tracker.debian.org/tracker/CVE-2024-8176", "https://security.netapp.com/advisory/ntap-20250328-0009/", "https://ubuntu.com/security/CVE-2024-8176", "https://ubuntu.com/security/notices/USN-7424-1", "https://www.cve.org/CVERecord?id=CVE-2024-8176", "https://www.kb.cert.org/vuls/id/760160" ], "PublishedDate": "2025-03-14T09:15:14.157Z", "LastModifiedDate": "2026-03-20T03:15:58.12Z" }, { "VulnerabilityID": "CVE-2025-66382", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-66382", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5001ee54daaef34faf99c8c7236a1d09df6b9439c5b76e9017f1bc4015b05152", "Title": "libexpat: libexpat: Denial of service via crafted file processing", "Description": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "nvd": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/12/02/1", "https://access.redhat.com/security/cve/CVE-2025-66382", "https://github.com/libexpat/libexpat/issues/1076", "https://nvd.nist.gov/vuln/detail/CVE-2025-66382", "https://www.cve.org/CVERecord?id=CVE-2025-66382" ], "PublishedDate": "2025-11-28T07:15:57.9Z", "LastModifiedDate": "2025-12-19T16:05:03.557Z" }, { "VulnerabilityID": "CVE-2026-24515", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24515", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d3e9e717759f312d9810ade3de46101bde9ee36712ee650d3da472eca84a934d", "Title": "libexpat: libexpat null pointer dereference", "Description": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24515", "https://github.com/libexpat/libexpat/pull/1131", "https://nvd.nist.gov/vuln/detail/CVE-2026-24515", "https://ubuntu.com/security/notices/USN-8022-1", "https://ubuntu.com/security/notices/USN-8022-2", "https://ubuntu.com/security/notices/USN-8023-1", "https://www.cve.org/CVERecord?id=CVE-2026-24515" ], "PublishedDate": "2026-01-23T08:16:01.49Z", "LastModifiedDate": "2026-02-05T17:27:53.29Z" }, { "VulnerabilityID": "CVE-2026-25210", "PkgID": "libexpat1@2.4.7-1ubuntu0.2", "PkgName": "libexpat1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04", "UID": "ff99f7e88f9a7cde", "BOMRef": "pkg:deb/ubuntu/libexpat1@2.4.7-1ubuntu0.2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.4.7-1ubuntu0.2", "FixedVersion": "2.4.7-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25210", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a3ddb928bbbe5d6e46da8266163d0f3e3a5b1a75cc53f6436fddadb43bdb8f8d", "Title": "libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation", "Description": "In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "V3Score": 6.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25210", "https://github.com/libexpat/libexpat/pull/1075", "https://github.com/libexpat/libexpat/pull/1075/commits/9c2d990389e6abe2e44527eeaa8b39f16fe859c7", "https://nvd.nist.gov/vuln/detail/CVE-2026-25210", "https://ubuntu.com/security/notices/USN-8022-1", "https://ubuntu.com/security/notices/USN-8022-2", "https://ubuntu.com/security/notices/USN-8023-1", "https://www.cve.org/CVERecord?id=CVE-2026-25210" ], "PublishedDate": "2026-01-30T07:16:15.57Z", "LastModifiedDate": "2026-03-10T18:17:12.78Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "PkgName": "libgcc-s1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6aed9f2743b9bedbf428b6dacf2664e09cee7a3c529d3ea58438762c1f840f7b", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libgcc-s1@12.1.0-2ubuntu1~22.04", "PkgName": "libgcc-s1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0c93d2000807a7", "BOMRef": "pkg:deb/ubuntu/libgcc-s1@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2df2175ce89bcc57b5686204ce3a4fb6dff28ab1dafcf2b630c7d97dac4f5f1f", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2024-2236", "PkgID": "libgcrypt20@1.9.4-3ubuntu3", "PkgName": "libgcrypt20", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "2491cdf860298798", "BOMRef": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.9.4-3ubuntu3", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2236", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c59b90ae863e354bf4d7c0821639c19db94f7a48ccf74811403601de6eec765c", "Title": "libgcrypt: vulnerable to Marvin Attack", "Description": "A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.", "Severity": "LOW", "CweIDs": [ "CWE-385" ], "VendorSeverity": { "alma": 2, "amazon": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9404", "https://access.redhat.com/errata/RHSA-2025:3530", "https://access.redhat.com/errata/RHSA-2025:3534", "https://access.redhat.com/security/cve/CVE-2024-2236", "https://bugzilla.redhat.com/2245218", "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", "https://bugzilla.redhat.com/show_bug.cgi?id=2268268", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2236", "https://dev.gnupg.org/T7136", "https://errata.almalinux.org/9/ALSA-2024-9404.html", "https://errata.rockylinux.org/RLSA-2024:9404", "https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt", "https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17", "https://linux.oracle.com/cve/CVE-2024-2236.html", "https://linux.oracle.com/errata/ELSA-2024-9404.html", "https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-2236", "https://www.cve.org/CVERecord?id=CVE-2024-2236" ], "PublishedDate": "2024-03-06T22:15:57.977Z", "LastModifiedDate": "2026-02-25T20:17:20.547Z" }, { "VulnerabilityID": "CVE-2023-29499", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29499", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1d46aebbf604694001d541f93037b16706f8c0f4ea996877ca42d05a75549af4", "Title": "glib: GVariant offset table entry size is not checked in is_normal()", "Description": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-29499", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211828", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2794", "https://linux.oracle.com/cve/CVE-2023-29499.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29499", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20231103-0001/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-29499" ], "PublishedDate": "2023-09-14T20:15:09.42Z", "LastModifiedDate": "2024-11-21T07:57:10.807Z" }, { "VulnerabilityID": "CVE-2023-32611", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32611", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f617f50b1acb0be81635193c454a2c580107fd075ba769107e3a3e4f3eaf4897", "Title": "glib: g_variant_byteswap() can take a long time with some non-normal inputs", "Description": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32611", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211829", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2797", "https://linux.oracle.com/cve/CVE-2023-32611.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32611", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20231027-0005/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32611" ], "PublishedDate": "2023-09-14T20:15:09.55Z", "LastModifiedDate": "2024-11-21T08:03:41.77Z" }, { "VulnerabilityID": "CVE-2023-32636", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32636", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:05b6a241d048f6de4c212ed6d3b9fb6a3e5f297e6c334bf221782a22881daca3", "Title": "glib: Timeout in fuzz_variant_text", "Description": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-502" ], "VendorSeverity": { "alma": 1, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32636", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2841", "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://linux.oracle.com/cve/CVE-2023-32636.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32636", "https://security.netapp.com/advisory/ntap-20231110-0002/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32636" ], "PublishedDate": "2023-09-14T20:15:09.653Z", "LastModifiedDate": "2024-11-21T08:03:44.8Z" }, { "VulnerabilityID": "CVE-2023-32643", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32643", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0c1b0301d1c77547fbcf87371c420ff9a269dc3d40615fb9a6d9a13d924265c8", "Title": "glib: Heap-buffer-overflow in g_variant_serialised_get_child", "Description": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "amazon": 3, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-32643", "https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://gitlab.gnome.org/GNOME/glib/-/issues/2840", "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835", "https://nvd.nist.gov/vuln/detail/CVE-2023-32643", "https://security.netapp.com/advisory/ntap-20240426-0005/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32643" ], "PublishedDate": "2023-09-14T20:15:09.77Z", "LastModifiedDate": "2024-11-21T08:03:45.57Z" }, { "VulnerabilityID": "CVE-2023-32665", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-32665", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:03f110ad56264e1744d61d551f678d277825308226a0bf2a9e73bd6bb4ab3f0f", "Title": "glib: GVariant deserialisation does not match spec for non-normal data", "Description": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-502" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2528", "https://access.redhat.com/security/cve/CVE-2023-32665", "https://bugzilla.redhat.com/2211827", "https://bugzilla.redhat.com/2211828", "https://bugzilla.redhat.com/2211829", "https://bugzilla.redhat.com/2211833", "https://bugzilla.redhat.com/show_bug.cgi?id=2211827", "https://errata.almalinux.org/9/ALSA-2024-2528.html", "https://gitlab.gnome.org/GNOME/glib/-/issues/2121", "https://linux.oracle.com/cve/CVE-2023-32665.html", "https://linux.oracle.com/errata/ELSA-2024-2528.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-32665", "https://security.gentoo.org/glsa/202311-18", "https://security.netapp.com/advisory/ntap-20240426-0006/", "https://ubuntu.com/security/notices/USN-6165-1", "https://ubuntu.com/security/notices/USN-6165-2", "https://www.cve.org/CVERecord?id=CVE-2023-32665" ], "PublishedDate": "2023-09-14T20:15:09.883Z", "LastModifiedDate": "2024-11-21T08:03:48.437Z" }, { "VulnerabilityID": "CVE-2024-34397", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-34397", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3f86e0dffd6bcc38c791b5e6a33d4330cd5bda449cc27ce980df7e5a6d834526", "Title": "glib2: Signal subscription vulnerabilities", "Description": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.", "Severity": "MEDIUM", "CweIDs": [ "CWE-290" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "V3Score": 3.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9442", "https://access.redhat.com/security/cve/CVE-2024-34397", "https://bugzilla.redhat.com/2279632", "https://bugzilla.redhat.com/show_bug.cgi?id=2279632", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34397", "https://discourse.gnome.org/t/security-fixes-for-signal-handling-in-gdbus-in-glib/20882/1", "https://errata.almalinux.org/9/ALSA-2024-9442.html", "https://errata.rockylinux.org/RLSA-2024:6464", "https://gitlab.gnome.org/GNOME/glib/-/issues/3268", "https://linux.oracle.com/cve/CVE-2024-34397.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/", "https://nvd.nist.gov/vuln/detail/CVE-2024-34397", "https://security.netapp.com/advisory/ntap-20240531-0008/", "https://ubuntu.com/security/notices/USN-6768-1", "https://www.cve.org/CVERecord?id=CVE-2024-34397", "https://www.openwall.com/lists/oss-security/2024/05/07/5" ], "PublishedDate": "2024-05-07T18:15:08.35Z", "LastModifiedDate": "2025-11-04T22:16:01.24Z" }, { "VulnerabilityID": "CVE-2024-52533", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-52533", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ead2762d617ccd11c63a365ae2ffadbb01c63a31ac1309f17422f90f5e1c75a4", "Title": "glib: buffer overflow in set_connect_msg()", "Description": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\\0' character.", "Severity": "MEDIUM", "CweIDs": [ "CWE-120" ], "VendorSeverity": { "alma": 2, "azure": 4, "cbl-mariner": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/11/12/11", "https://access.redhat.com/errata/RHSA-2025:11140", "https://access.redhat.com/security/cve/CVE-2024-52533", "https://bugzilla.redhat.com/2325340", "https://bugzilla.redhat.com/2364265", "https://bugzilla.redhat.com/show_bug.cgi?id=2325340", "https://bugzilla.redhat.com/show_bug.cgi?id=2364265", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373", "https://errata.almalinux.org/9/ALSA-2025-11140.html", "https://errata.rockylinux.org/RLSA-2025:11140", "https://gitlab.gnome.org/GNOME/glib/-/issues/3461", "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1", "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "https://linux.oracle.com/cve/CVE-2024-52533.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-52533", "https://security.netapp.com/advisory/ntap-20241206-0009/", "https://ubuntu.com/security/notices/USN-7114-1", "https://www.cve.org/CVERecord?id=CVE-2024-52533" ], "PublishedDate": "2024-11-11T23:15:05.967Z", "LastModifiedDate": "2025-06-17T01:23:56.15Z" }, { "VulnerabilityID": "CVE-2025-13601", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13601", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ceb4535b0efc86999245b375c8e3f894d4b52b4ed310c64fc3c363bf6c7f8110", "Title": "glib: Integer overflow in in g_escape_uri_string()", "Description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 7.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:0936", "https://access.redhat.com/errata/RHSA-2026:0975", "https://access.redhat.com/errata/RHSA-2026:0991", "https://access.redhat.com/errata/RHSA-2026:1323", "https://access.redhat.com/errata/RHSA-2026:1324", "https://access.redhat.com/errata/RHSA-2026:1326", "https://access.redhat.com/errata/RHSA-2026:1327", "https://access.redhat.com/errata/RHSA-2026:1465", "https://access.redhat.com/errata/RHSA-2026:1608", "https://access.redhat.com/errata/RHSA-2026:1624", "https://access.redhat.com/errata/RHSA-2026:1625", "https://access.redhat.com/errata/RHSA-2026:1626", "https://access.redhat.com/errata/RHSA-2026:1627", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/errata/RHSA-2026:1736", "https://access.redhat.com/errata/RHSA-2026:2064", "https://access.redhat.com/errata/RHSA-2026:2072", "https://access.redhat.com/errata/RHSA-2026:2485", "https://access.redhat.com/errata/RHSA-2026:2563", "https://access.redhat.com/errata/RHSA-2026:2633", "https://access.redhat.com/errata/RHSA-2026:2659", "https://access.redhat.com/errata/RHSA-2026:2671", "https://access.redhat.com/errata/RHSA-2026:2974", "https://access.redhat.com/errata/RHSA-2026:3415", "https://access.redhat.com/errata/RHSA-2026:4419", "https://access.redhat.com/security/cve/CVE-2025-13601", "https://bugzilla.redhat.com/2416741", "https://bugzilla.redhat.com/show_bug.cgi?id=2416741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601", "https://errata.almalinux.org/9/ALSA-2026-0936.html", "https://errata.rockylinux.org/RLSA-2026:0936", "https://gitlab.gnome.org/GNOME/glib/-/issues/3827", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914", "https://linux.oracle.com/cve/CVE-2025-13601.html", "https://linux.oracle.com/errata/ELSA-2026-1608.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13601", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-13601" ], "PublishedDate": "2025-11-26T15:15:51.723Z", "LastModifiedDate": "2026-03-19T06:16:24.557Z" }, { "VulnerabilityID": "CVE-2025-14087", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14087", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8a29d87850a46ac97808ea5e547ae936fc9a6000b4a9a709bd4dae1743919a82", "Title": "glib: GLib: Buffer underflow in GVariant parser leads to heap corruption", "Description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 4, "photon": 4, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-14087", "https://bugzilla.redhat.com/show_bug.cgi?id=2419093", "https://gitlab.gnome.org/GNOME/glib/-/issues/3834", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4934", "https://nvd.nist.gov/vuln/detail/CVE-2025-14087", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-14087" ], "PublishedDate": "2025-12-10T09:15:47.053Z", "LastModifiedDate": "2026-03-18T17:16:03.597Z" }, { "VulnerabilityID": "CVE-2025-14512", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14512", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f3dec8f01521c6f19fa43ec4e4b09c09e863f07c7184cbd2ab15db785eea3f3f", "Title": "glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow", "Description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "azure": 2, "cbl-mariner": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-14512", "https://bugzilla.redhat.com/show_bug.cgi?id=2421339", "https://gitlab.gnome.org/GNOME/glib/-/issues/3845", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4935", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4936", "https://nvd.nist.gov/vuln/detail/CVE-2025-14512", "https://www.cve.org/CVERecord?id=CVE-2025-14512" ], "PublishedDate": "2025-12-11T07:16:00.463Z", "LastModifiedDate": "2026-03-19T10:16:16.66Z" }, { "VulnerabilityID": "CVE-2025-4373", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4373", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b56fe4b9f7384155828a6292c4f3ea4a4eac4c107429e9efbe838024e38ea678", "Title": "glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar", "Description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "Severity": "MEDIUM", "CweIDs": [ "CWE-124" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10855", "https://access.redhat.com/errata/RHSA-2025:11140", "https://access.redhat.com/errata/RHSA-2025:11327", "https://access.redhat.com/errata/RHSA-2025:11373", "https://access.redhat.com/errata/RHSA-2025:11374", "https://access.redhat.com/errata/RHSA-2025:11662", "https://access.redhat.com/errata/RHSA-2025:12275", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:14988", "https://access.redhat.com/errata/RHSA-2025:14989", "https://access.redhat.com/errata/RHSA-2025:14990", "https://access.redhat.com/errata/RHSA-2025:14991", "https://access.redhat.com/security/cve/CVE-2025-4373", "https://bugzilla.redhat.com/2325340", "https://bugzilla.redhat.com/2364265", "https://bugzilla.redhat.com/show_bug.cgi?id=2325340", "https://bugzilla.redhat.com/show_bug.cgi?id=2364265", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52533", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4373", "https://errata.almalinux.org/9/ALSA-2025-11140.html", "https://errata.rockylinux.org/RLSA-2025:11140", "https://gitlab.gnome.org/GNOME/glib/-/issues/3677", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4588", "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4592", "https://linux.oracle.com/cve/CVE-2025-4373.html", "https://linux.oracle.com/errata/ELSA-2025-11327.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4373", "https://ubuntu.com/security/notices/USN-7532-1", "https://www.cve.org/CVERecord?id=CVE-2025-4373" ], "PublishedDate": "2025-05-06T15:16:05.32Z", "LastModifiedDate": "2025-09-02T03:15:41.65Z" }, { "VulnerabilityID": "CVE-2026-0988", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.8", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0988", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:72474301606abc9daeac12768a6e32954957820842714bc01c5f1539f0e43dd6", "Title": "glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()", "Description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0988", "https://bugzilla.redhat.com/show_bug.cgi?id=2429886", "https://gitlab.gnome.org/GNOME/glib/-/issues/3851", "https://nvd.nist.gov/vuln/detail/CVE-2026-0988", "https://ubuntu.com/security/notices/USN-7971-1", "https://www.cve.org/CVERecord?id=CVE-2026-0988" ], "PublishedDate": "2026-01-21T12:15:55.56Z", "LastModifiedDate": "2026-03-19T10:16:17.323Z" }, { "VulnerabilityID": "CVE-2026-1484", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0202de767783028c21d88b5f6f0cb93d356dcf423755c275d6b3bbc5576547d4", "Title": "Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()", "Description": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "azure": 1, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "V3Score": 4.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1484", "https://bugzilla.redhat.com/show_bug.cgi?id=2433259", "https://gitlab.gnome.org/GNOME/glib/-/issues/3870", "https://nvd.nist.gov/vuln/detail/CVE-2026-1484", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1484" ], "PublishedDate": "2026-01-27T14:15:56.05Z", "LastModifiedDate": "2026-03-19T10:16:17.51Z" }, { "VulnerabilityID": "CVE-2026-1485", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1485", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6739171b80e0713f5e2995fa1f34fbe9897059927c33eed56354b2ce357585ee", "Title": "Glib: Glib: Local denial of service via buffer underflow in content type parsing", "Description": "A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access. Exploitation requires a local user to install or process a specially crafted treemagic file, which can lead to local denial of service or application instability.", "Severity": "MEDIUM", "CweIDs": [ "CWE-124" ], "VendorSeverity": { "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1485", "https://bugzilla.redhat.com/show_bug.cgi?id=2433325", "https://gitlab.gnome.org/GNOME/glib/-/issues/3871", "https://nvd.nist.gov/vuln/detail/CVE-2026-1485", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1485" ], "PublishedDate": "2026-01-27T14:15:56.223Z", "LastModifiedDate": "2026-03-18T17:16:05.69Z" }, { "VulnerabilityID": "CVE-2026-1489", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.9", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1489", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ed1c4f31cc70bd99057e7cf65378f210b10b4a1aea237e416e4358c79ce06e94", "Title": "Glib: GLib: Memory corruption via integer overflow in Unicode case conversion", "Description": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "azure": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1489", "https://bugzilla.redhat.com/show_bug.cgi?id=2433348", "https://gitlab.gnome.org/GNOME/glib/-/issues/3872", "https://nvd.nist.gov/vuln/detail/CVE-2026-1489", "https://ubuntu.com/security/notices/USN-8017-1", "https://www.cve.org/CVERecord?id=CVE-2026-1489" ], "PublishedDate": "2026-01-27T15:15:57.37Z", "LastModifiedDate": "2026-03-19T10:16:17.693Z" }, { "VulnerabilityID": "CVE-2025-3360", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3360", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7247dbb01d145f83bbb4746d08cb559a2be984e015788c7b5ac00b1ca53e3a7c", "Title": "glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().", "Description": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.", "Severity": "LOW", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-3360", "https://bugzilla.redhat.com/show_bug.cgi?id=2357754", "https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3360", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-3360" ], "PublishedDate": "2025-04-07T13:15:43.687Z", "LastModifiedDate": "2025-04-14T12:15:16.087Z" }, { "VulnerabilityID": "CVE-2025-7039", "PkgID": "libglib2.0-0@2.72.4-0ubuntu2", "PkgName": "libglib2.0-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "80127ee6cc0e86a1", "BOMRef": "pkg:deb/ubuntu/libglib2.0-0@2.72.4-0ubuntu2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.72.4-0ubuntu2", "FixedVersion": "2.72.4-0ubuntu2.7", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-7039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a0d13b12c6d378b0cc94fa4e5eeccb576b6e2a6504292ff3da692378e6973e9c", "Title": "glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()", "Description": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.", "Severity": "LOW", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-7039", "https://bugzilla.redhat.com/show_bug.cgi?id=2392423", "https://nvd.nist.gov/vuln/detail/CVE-2025-7039", "https://ubuntu.com/security/notices/USN-7942-1", "https://ubuntu.com/security/notices/USN-7942-2", "https://www.cve.org/CVERecord?id=CVE-2025-7039" ], "PublishedDate": "2025-09-03T02:15:38.12Z", "LastModifiedDate": "2025-09-04T15:36:56.447Z" }, { "VulnerabilityID": "CVE-2023-5981", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5981", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5ea7da424cdef2654a6bbc20a10ccfa733e7c3e366d6d334819afaca2012ba5a", "Title": "gnutls: timing side-channel in the RSA-PSK authentication", "Description": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.", "Severity": "MEDIUM", "CweIDs": [ "CWE-208", "CWE-203" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0155", "https://access.redhat.com/errata/RHSA-2024:0319", "https://access.redhat.com/errata/RHSA-2024:0399", "https://access.redhat.com/errata/RHSA-2024:0451", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2023-5981", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2248445", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5981", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://errata.rockylinux.org/RLSA-2024:0155", "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23", "https://linux.oracle.com/cve/CVE-2023-5981.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.debian.org/debian-lts-announce/2023/11/msg00016.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2023-November/004837.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5981", "https://ubuntu.com/security/notices/USN-6499-1", "https://ubuntu.com/security/notices/USN-6499-2", "https://www.cve.org/CVERecord?id=CVE-2023-5981" ], "PublishedDate": "2023-11-28T12:15:07.04Z", "LastModifiedDate": "2026-03-25T20:01:09.507Z" }, { "VulnerabilityID": "CVE-2024-0553", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0553", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cd9db334082dbed89809946fed7507313e9eb8b81d30d70fb201a725e6761d3e", "Title": "gnutls: incomplete fix for CVE-2023-5981", "Description": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.", "Severity": "MEDIUM", "CweIDs": [ "CWE-203" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:0627", "https://access.redhat.com/errata/RHSA-2024:0796", "https://access.redhat.com/errata/RHSA-2024:1082", "https://access.redhat.com/errata/RHSA-2024:1108", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2024-0553", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2258412", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0553", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://errata.rockylinux.org/RLSA-2024:0627", "https://gitlab.com/gnutls/gnutls/-/issues/1522", "https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-14", "https://linux.oracle.com/cve/CVE-2024-0553.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0553", "https://security.netapp.com/advisory/ntap-20240202-0011/", "https://ubuntu.com/security/notices/USN-6593-1", "https://www.cve.org/CVERecord?id=CVE-2024-0553" ], "PublishedDate": "2024-01-16T12:15:45.557Z", "LastModifiedDate": "2026-03-24T12:16:10.683Z" }, { "VulnerabilityID": "CVE-2024-0567", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0567", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f37ed224a4a1b6ec1e619172b644eb590c5472350df830d1d3456fa635b7f35a", "Title": "gnutls: rejects certificate chain with distributed trust", "Description": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-347" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/19/3", "https://access.redhat.com/errata/RHSA-2024:0533", "https://access.redhat.com/errata/RHSA-2024:1082", "https://access.redhat.com/errata/RHSA-2024:1383", "https://access.redhat.com/errata/RHSA-2024:2094", "https://access.redhat.com/security/cve/CVE-2024-0567", "https://bugzilla.redhat.com/2248445", "https://bugzilla.redhat.com/2258412", "https://bugzilla.redhat.com/2258544", "https://bugzilla.redhat.com/show_bug.cgi?id=2258544", "https://errata.almalinux.org/9/ALSA-2024-0533.html", "https://gitlab.com/gnutls/gnutls/-/issues/1521", "https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-09", "https://linux.oracle.com/cve/CVE-2024-0567.html", "https://linux.oracle.com/errata/ELSA-2024-12336.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/", "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0567", "https://security.netapp.com/advisory/ntap-20240202-0011/", "https://ubuntu.com/security/notices/USN-6593-1", "https://www.cve.org/CVERecord?id=CVE-2024-0567" ], "PublishedDate": "2024-01-16T14:15:48.527Z", "LastModifiedDate": "2024-11-21T08:46:53.563Z" }, { "VulnerabilityID": "CVE-2024-12243", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-12243", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:944af454e73d75f76fcdf06ee9374f96d7d07841ad29f2b8a2d4cde496a4b538", "Title": "gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS", "Description": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:4051", "https://access.redhat.com/errata/RHSA-2025:7076", "https://access.redhat.com/errata/RHSA-2025:8020", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-12243", "https://bugzilla.redhat.com/2344615", "https://bugzilla.redhat.com/show_bug.cgi?id=2344615", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12243", "https://errata.almalinux.org/9/ALSA-2025-7076.html", "https://errata.rockylinux.org/RLSA-2025:7076", "https://gitlab.com/gnutls/gnutls/-/issues/1553", "https://gitlab.com/gnutls/libtasn1/-/issues/52", "https://linux.oracle.com/cve/CVE-2024-12243.html", "https://linux.oracle.com/errata/ELSA-2025-7076.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-February/004875.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-12243", "https://security.netapp.com/advisory/ntap-20250523-0002/", "https://ubuntu.com/security/notices/USN-7281-1", "https://www.cve.org/CVERecord?id=CVE-2024-12243", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-02-07" ], "PublishedDate": "2025-02-10T16:15:37.423Z", "LastModifiedDate": "2026-03-24T23:17:07.753Z" }, { "VulnerabilityID": "CVE-2024-28834", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28834", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5b0f818efdbb087b3d2b9047b6151cb63eb2188f6f39eac9ed6653567213dc5a", "Title": "gnutls: vulnerable to Minerva side-channel information leak", "Description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "Severity": "MEDIUM", "CweIDs": [ "CWE-327" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/22/1", "http://www.openwall.com/lists/oss-security/2024/03/22/2", "https://access.redhat.com/errata/RHSA-2024:1784", "https://access.redhat.com/errata/RHSA-2024:1879", "https://access.redhat.com/errata/RHSA-2024:1997", "https://access.redhat.com/errata/RHSA-2024:2044", "https://access.redhat.com/errata/RHSA-2024:2570", "https://access.redhat.com/errata/RHSA-2024:2889", "https://access.redhat.com/security/cve/CVE-2024-28834", "https://bugzilla.redhat.com/2269084", "https://bugzilla.redhat.com/2269228", "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", "https://bugzilla.redhat.com/show_bug.cgi?id=2269228", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835", "https://errata.almalinux.org/9/ALSA-2024-2570.html", "https://errata.rockylinux.org/RLSA-2024:2570", "https://linux.oracle.com/cve/CVE-2024-28834.html", "https://linux.oracle.com/errata/ELSA-2024-2570.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00019.html", "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "https://minerva.crocs.fi.muni.cz/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28834", "https://people.redhat.com/~hkario/marvin/", "https://security.netapp.com/advisory/ntap-20240524-0004/", "https://ubuntu.com/security/notices/USN-6733-1", "https://ubuntu.com/security/notices/USN-6733-2", "https://www.cve.org/CVERecord?id=CVE-2024-28834", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2023-12-04" ], "PublishedDate": "2024-03-21T14:15:07.547Z", "LastModifiedDate": "2025-11-04T17:15:49.793Z" }, { "VulnerabilityID": "CVE-2024-28835", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28835", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3d96969273f2b8d7909e07e93fbc21b855a8391165aa316283a8a50078d93725", "Title": "gnutls: potential crash during chain building/verification", "Description": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command.", "Severity": "MEDIUM", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/22/1", "http://www.openwall.com/lists/oss-security/2024/03/22/2", "https://access.redhat.com/errata/RHSA-2024:1879", "https://access.redhat.com/errata/RHSA-2024:2570", "https://access.redhat.com/errata/RHSA-2024:2889", "https://access.redhat.com/security/cve/CVE-2024-28835", "https://bugzilla.redhat.com/2269084", "https://bugzilla.redhat.com/2269228", "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835", "https://errata.almalinux.org/9/ALSA-2024-2570.html", "https://errata.rockylinux.org/RLSA-2024:2570", "https://linux.oracle.com/cve/CVE-2024-28835.html", "https://linux.oracle.com/errata/ELSA-2024-2570.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00019.html", "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-28835", "https://security.netapp.com/advisory/ntap-20241122-0009/", "https://ubuntu.com/security/notices/USN-6733-1", "https://ubuntu.com/security/notices/USN-6733-2", "https://www.cve.org/CVERecord?id=CVE-2024-28835", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2024-01-23" ], "PublishedDate": "2024-03-21T06:15:45.113Z", "LastModifiedDate": "2025-11-04T17:15:50Z" }, { "VulnerabilityID": "CVE-2025-14831", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14831", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eb67c48cd9731da3a99f3cf71f97ab0891dc0fe8cf60fdab4fba3ff57ea4b81e", "Title": "gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification", "Description": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:3477", "https://access.redhat.com/errata/RHSA-2026:4188", "https://access.redhat.com/errata/RHSA-2026:4655", "https://access.redhat.com/errata/RHSA-2026:4943", "https://access.redhat.com/errata/RHSA-2026:5585", "https://access.redhat.com/errata/RHSA-2026:5606", "https://access.redhat.com/security/cve/CVE-2025-14831", "https://bugzilla.redhat.com/2392528", "https://bugzilla.redhat.com/2423177", "https://bugzilla.redhat.com/show_bug.cgi?id=2392528", "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820", "https://errata.almalinux.org/9/ALSA-2026-4188.html", "https://errata.rockylinux.org/RLSA-2026:4188", "https://gitlab.com/gnutls/gnutls/-/issues/1773", "https://linux.oracle.com/cve/CVE-2025-14831.html", "https://linux.oracle.com/errata/ELSA-2026-5585.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-14831", "https://ubuntu.com/security/notices/USN-8043-1", "https://www.cve.org/CVERecord?id=CVE-2025-14831" ], "PublishedDate": "2026-02-09T15:16:09.937Z", "LastModifiedDate": "2026-03-24T11:16:21.903Z" }, { "VulnerabilityID": "CVE-2025-32988", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32988", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2c885d31116fa7136f0f6b7b08372c0bdfc91d05ee814cc697cdea6cace2584d", "Title": "gnutls: Vulnerability in GnuTLS otherName SAN export", "Description": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.", "Severity": "MEDIUM", "CweIDs": [ "CWE-415" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32988", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32988.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32988", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-32988" ], "PublishedDate": "2025-07-10T08:15:24.223Z", "LastModifiedDate": "2026-03-26T17:16:26.463Z" }, { "VulnerabilityID": "CVE-2025-32989", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32989", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6feda0aae0d39bc500d0c24355de731876d52fd593429105ccae42e159f51bb4", "Title": "gnutls: Vulnerability in GnuTLS SCT extension parsing", "Description": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32989", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32989.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32989", "https://ubuntu.com/security/notices/USN-7635-1", "https://www.cve.org/CVERecord?id=CVE-2025-32989" ], "PublishedDate": "2025-07-10T08:15:24.43Z", "LastModifiedDate": "2025-12-01T22:15:48.027Z" }, { "VulnerabilityID": "CVE-2025-32990", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32990", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5fdb5c5ad648c4435534e612126c0b3fdae9df04d2a5d4326fb29da42d79a292", "Title": "gnutls: Vulnerability in GnuTLS certtool template parsing", "Description": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-32990", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-32990.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32990", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-32990" ], "PublishedDate": "2025-07-10T10:15:33.06Z", "LastModifiedDate": "2025-12-01T22:15:48.2Z" }, { "VulnerabilityID": "CVE-2025-6395", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6395", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b9b02ebdc68d46c02c73fd979586db51fec5d3d1bb063063b502b2f859f9d000", "Title": "gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()", "Description": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/07/11/3", "https://access.redhat.com/errata/RHSA-2025:16115", "https://access.redhat.com/errata/RHSA-2025:16116", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:17348", "https://access.redhat.com/errata/RHSA-2025:17361", "https://access.redhat.com/errata/RHSA-2025:17415", "https://access.redhat.com/errata/RHSA-2025:19088", "https://access.redhat.com/errata/RHSA-2025:22529", "https://access.redhat.com/security/cve/CVE-2025-6395", "https://bugzilla.redhat.com/2359620", "https://bugzilla.redhat.com/2359621", "https://bugzilla.redhat.com/2359622", "https://bugzilla.redhat.com/2376755", "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "https://bugzilla.redhat.com/show_bug.cgi?id=2359621", "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32989", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "https://errata.almalinux.org/9/ALSA-2025-16116.html", "https://errata.rockylinux.org/RLSA-2025:16116", "https://linux.oracle.com/cve/CVE-2025-6395.html", "https://linux.oracle.com/errata/ELSA-2025-20606.html", "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html", "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6395", "https://ubuntu.com/security/notices/USN-7635-1", "https://ubuntu.com/security/notices/USN-7742-1", "https://www.cve.org/CVERecord?id=CVE-2025-6395" ], "PublishedDate": "2025-07-10T16:15:25.11Z", "LastModifiedDate": "2025-12-01T22:15:51.513Z" }, { "VulnerabilityID": "CVE-2025-9820", "PkgID": "libgnutls30@3.7.3-4ubuntu1.2", "PkgName": "libgnutls30", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "4923ba580c0e73a5", "BOMRef": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1.2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.7.3-4ubuntu1.2", "FixedVersion": "3.7.3-4ubuntu1.8", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9820", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4e7168937489ee62e6e53fe03a22b91ee10c515aa0781c4c1a43767c2ffcccbd", "Title": "gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function", "Description": "A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.", "Severity": "LOW", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/11/20/2", "https://access.redhat.com/errata/RHSA-2026:3477", "https://access.redhat.com/errata/RHSA-2026:4188", "https://access.redhat.com/errata/RHSA-2026:4655", "https://access.redhat.com/errata/RHSA-2026:4943", "https://access.redhat.com/errata/RHSA-2026:5585", "https://access.redhat.com/errata/RHSA-2026:5606", "https://access.redhat.com/security/cve/CVE-2025-9820", "https://bugzilla.redhat.com/2392528", "https://bugzilla.redhat.com/2423177", "https://bugzilla.redhat.com/show_bug.cgi?id=2392528", "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820", "https://errata.almalinux.org/9/ALSA-2026-4188.html", "https://errata.rockylinux.org/RLSA-2026:4188", "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5", "https://gitlab.com/gnutls/gnutls/-/issues/1732", "https://linux.oracle.com/cve/CVE-2025-9820.html", "https://linux.oracle.com/errata/ELSA-2026-5585.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9820", "https://ubuntu.com/security/notices/USN-8043-1", "https://www.cve.org/CVERecord?id=CVE-2025-9820", "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18" ], "PublishedDate": "2026-01-26T20:16:09.37Z", "LastModifiedDate": "2026-03-24T11:16:22.723Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8d6e30e8808c1c176986a4b91e1ae7e4831a170f27c179e1892e957a3d498e34", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e86403bebc014ed97622dbf1ef8f08d8e2b3bb588bd14d51b62296eb1f318ecf", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:15fd6082e7fe99358cb01ac5fe61614f290631a748c363f61cc12c6a70317e5e", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6fda20732d34ebf5f8b77f38b79a430a2ae4f3357b8b55ea9f33d83bd7416796", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:adb85750b70f837376e5d5400c4f20fd3c5afb012dee4e2df48d740a2cc9f74e", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b10243cde747b79de8f8d639af315f2fc5c6c33bb02adecc6d027eac9c17e812", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:aca20f09a26362c0a40d8a226ef1ef891bbc7b8b546c4c4a6f1c30174f203f21", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libgssapi-krb5-2@1.19.2-2ubuntu0.1", "PkgName": "libgssapi-krb5-2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c1992130da536703", "BOMRef": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2e4141ab723d960ea96d3cb49f306df5701f7568c471e2884b179a083e158eb1", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2025-5222", "PkgID": "libicu70@70.1-2", "PkgName": "libicu70", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "1ecad657a93d1b21", "BOMRef": "pkg:deb/ubuntu/libicu70@70.1-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "70.1-2", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-5222", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:65901999009c2eb7f8ae1f245d9bb9dda81b3eaa4cd1338c98149c56a9956d8d", "Title": "icu: Stack buffer overflow in the SRBRoot::addTag function", "Description": "A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.", "Severity": "LOW", "CweIDs": [ "CWE-120" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11888", "https://access.redhat.com/errata/RHSA-2025:12083", "https://access.redhat.com/errata/RHSA-2025:12331", "https://access.redhat.com/errata/RHSA-2025:12332", "https://access.redhat.com/errata/RHSA-2025:12333", "https://access.redhat.com/security/cve/CVE-2025-5222", "https://bugzilla.redhat.com/2368600", "https://bugzilla.redhat.com/show_bug.cgi?id=2368600", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222", "https://errata.almalinux.org/9/ALSA-2025-12083.html", "https://errata.rockylinux.org/RLSA-2025:12083", "https://linux.oracle.com/cve/CVE-2025-5222.html", "https://linux.oracle.com/errata/ELSA-2025-12083.html", "https://lists.debian.org/debian-lts-announce/2025/06/msg00015.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-5222", "https://www.cve.org/CVERecord?id=CVE-2025-5222" ], "PublishedDate": "2025-05-27T21:15:23.03Z", "LastModifiedDate": "2026-01-23T11:33:07.2Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d33f3cbf614c13807551b15ec3689f4a3765a19de4fc5d914da784607dee2c9a", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:71b8bd035c0b8f987f45ca43838be3ae997849747488ea138b068a58fc7a3ebb", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a433b21dcdca01c46b4ab66712ba02976435dcf24f9a588d8989147f7e444703", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:be99776ff51f085da44640dcb7b0385752516744cb74ab57c93a86e5f433eab1", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f82b62982058a9d4de4b7669e4a0f85fc3d48745602ded51d98bbd40155f8ee9", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:472f5dfc2d89309fe3945f80b5fe4c6b285202d54d07883314d558414ac8cf8a", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:da4433e51e6dede7f4f4973170f28be43ae9930d112be3ecbf4a94081cde06f1", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libk5crypto3@1.19.2-2ubuntu0.1", "PkgName": "libk5crypto3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "53d8bd1c62f25935", "BOMRef": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a4e24eb09d3049ffd712248f4dfe7cb17709dbf8c7ffa149f23f7514e596a1a8", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:529f61d8028b2bee5e8d1cff2bb292d98699684e0198323a24d9f666ff08f9e7", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ec83a19ed58120455dffccca89673efd4579f23060ddaf34baf79390fdfc84b5", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:26943a55e97500ee9c44e098bc8f3f90b0e1ceae61bdb9c701e0fc824bd70ce7", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9df15cd3291485f9a67a18137e8e440813fdca82823ea671d3ac0cf71ec65eaf", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:37837565f5f3e46d62aee63391cec38700e74ab3f214f35c95f81ea6186a2945", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:61d7e7605508fd0c1b0229219841c519917fbfb6ebabe4be2b430e728e2f92c9", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:37c4dc9bbf6461e44ec52dd6ee11f18fb6f7961f968e70452ae951cb6f5e14b2", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libkrb5-3@1.19.2-2ubuntu0.1", "PkgName": "libkrb5-3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0470aa5b2fced19", "BOMRef": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fa90a9017f7448c453ca6a94c5d60731db7a4fcec2310bc1d7cfd1e320cc3088", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-36054", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-36054", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e3fb9b47110ad6977bfb98f3d541432d8f6fe19ee27c19c0ef978026dd6b16b5", "Title": "krb5: Denial of service through freeing uninitialized pointer", "Description": "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", "Severity": "MEDIUM", "CweIDs": [ "CWE-824" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6699", "https://access.redhat.com/security/cve/CVE-2023-36054", "https://bugzilla.redhat.com/2230178", "https://bugzilla.redhat.com/2232682", "https://errata.almalinux.org/9/ALSA-2023-6699.html", "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "https://linux.oracle.com/cve/CVE-2023-36054.html", "https://linux.oracle.com/errata/ELSA-2023-6699.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-36054", "https://security.netapp.com/advisory/ntap-20230908-0004/", "https://ubuntu.com/security/notices/USN-6467-1", "https://ubuntu.com/security/notices/USN-6467-2", "https://web.mit.edu/kerberos/www/advisories/", "https://www.cve.org/CVERecord?id=CVE-2023-36054" ], "PublishedDate": "2023-08-07T19:15:09.84Z", "LastModifiedDate": "2024-11-21T08:09:15.227Z" }, { "VulnerabilityID": "CVE-2024-3596", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-3596", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:edf086edfd60f41439d1847ae5eae278cd9b0cc41ffd1a09ece9b62a6c8fa0f7", "Title": "freeradius: forgery attack", "Description": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "Severity": "MEDIUM", "CweIDs": [ "CWE-354", "CWE-924" ], "VendorSeverity": { "alma": 3, "amazon": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/07/09/4", "https://access.redhat.com/errata/RHSA-2024:9474", "https://access.redhat.com/security/cve/CVE-2024-3596", "https://bugzilla.redhat.com/2263240", "https://bugzilla.redhat.com/show_bug.cgi?id=2263240", "https://cert-portal.siemens.com/productcert/html/ssa-723487.html", "https://cert-portal.siemens.com/productcert/html/ssa-794185.html", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3596", "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/", "https://datatracker.ietf.org/doc/html/rfc2865", "https://errata.almalinux.org/9/ALSA-2024-9474.html", "https://errata.rockylinux.org/RLSA-2024:9474", "https://kb.cert.org/vince/comm/case/1515/", "https://linux.oracle.com/cve/CVE-2024-3596.html", "https://linux.oracle.com/errata/ELSA-2024-9474.html", "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf", "https://nvd.nist.gov/vuln/detail/CVE-2024-3596", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014", "https://security.netapp.com/advisory/ntap-20240822-0001/", "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol", "https://ubuntu.com/security/notices/USN-7055-1", "https://ubuntu.com/security/notices/USN-7257-1", "https://w1.fi/security/2024-1/hostapd-and-radius-protocol-forgery-attacks.txt", "https://www.blastradius.fail/", "https://www.cve.org/CVERecord?id=CVE-2024-3596", "https://www.kb.cert.org/vuls/id/456537" ], "PublishedDate": "2024-07-09T12:15:20.7Z", "LastModifiedDate": "2025-11-04T18:16:31.367Z" }, { "VulnerabilityID": "CVE-2024-37370", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37370", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5da8d0701d953374639915a47f9d8773004398f19c1d87fc93f4a01df33cead9", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.", "Severity": "MEDIUM", "CweIDs": [ "CWE-345" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:6166", "https://access.redhat.com/security/cve/CVE-2024-37370", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2294677", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://errata.almalinux.org/9/ALSA-2024-6166.html", "https://errata.rockylinux.org/RLSA-2024:5312", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37370.html", "https://linux.oracle.com/errata/ELSA-2024-6166.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37370", "https://security.netapp.com/advisory/ntap-20241108-0007/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37370" ], "PublishedDate": "2024-06-28T22:15:02.293Z", "LastModifiedDate": "2026-02-18T16:22:27.4Z" }, { "VulnerabilityID": "CVE-2024-37371", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-37371", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c714e817bbbea054aa3f87dd306b26f6844b59be124a4de7d9c02a88564b9266", "Title": "krb5: GSS message token handling", "Description": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-37371", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "https://bugzilla.redhat.com/show_bug.cgi?id=2301888", "https://bugzilla.redhat.com/show_bug.cgi?id=2318857", "https://bugzilla.redhat.com/show_bug.cgi?id=2318858", "https://bugzilla.redhat.com/show_bug.cgi?id=2318870", "https://bugzilla.redhat.com/show_bug.cgi?id=2318873", "https://bugzilla.redhat.com/show_bug.cgi?id=2318874", "https://bugzilla.redhat.com/show_bug.cgi?id=2318876", "https://bugzilla.redhat.com/show_bug.cgi?id=2318882", "https://bugzilla.redhat.com/show_bug.cgi?id=2318883", "https://bugzilla.redhat.com/show_bug.cgi?id=2318884", "https://bugzilla.redhat.com/show_bug.cgi?id=2318885", "https://bugzilla.redhat.com/show_bug.cgi?id=2318886", "https://bugzilla.redhat.com/show_bug.cgi?id=2318897", "https://bugzilla.redhat.com/show_bug.cgi?id=2318900", "https://bugzilla.redhat.com/show_bug.cgi?id=2318905", "https://bugzilla.redhat.com/show_bug.cgi?id=2318914", "https://bugzilla.redhat.com/show_bug.cgi?id=2318922", "https://bugzilla.redhat.com/show_bug.cgi?id=2318923", "https://bugzilla.redhat.com/show_bug.cgi?id=2318925", "https://bugzilla.redhat.com/show_bug.cgi?id=2318926", "https://bugzilla.redhat.com/show_bug.cgi?id=2318927", "https://bugzilla.redhat.com/show_bug.cgi?id=2331191", "https://bugzilla.redhat.com/show_bug.cgi?id=2339218", "https://bugzilla.redhat.com/show_bug.cgi?id=2339220", "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "https://bugzilla.redhat.com/show_bug.cgi?id=2339226", "https://bugzilla.redhat.com/show_bug.cgi?id=2339231", "https://bugzilla.redhat.com/show_bug.cgi?id=2339236", "https://bugzilla.redhat.com/show_bug.cgi?id=2339238", "https://bugzilla.redhat.com/show_bug.cgi?id=2339243", "https://bugzilla.redhat.com/show_bug.cgi?id=2339247", "https://bugzilla.redhat.com/show_bug.cgi?id=2339252", "https://bugzilla.redhat.com/show_bug.cgi?id=2339259", "https://bugzilla.redhat.com/show_bug.cgi?id=2339266", "https://bugzilla.redhat.com/show_bug.cgi?id=2339270", "https://bugzilla.redhat.com/show_bug.cgi?id=2339271", "https://bugzilla.redhat.com/show_bug.cgi?id=2339275", "https://bugzilla.redhat.com/show_bug.cgi?id=2339277", "https://bugzilla.redhat.com/show_bug.cgi?id=2339281", "https://bugzilla.redhat.com/show_bug.cgi?id=2339284", "https://bugzilla.redhat.com/show_bug.cgi?id=2339291", "https://bugzilla.redhat.com/show_bug.cgi?id=2339293", "https://bugzilla.redhat.com/show_bug.cgi?id=2339295", "https://bugzilla.redhat.com/show_bug.cgi?id=2339299", "https://bugzilla.redhat.com/show_bug.cgi?id=2339300", "https://bugzilla.redhat.com/show_bug.cgi?id=2339304", "https://bugzilla.redhat.com/show_bug.cgi?id=2339305", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21193", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21194", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21196", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21197", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21198", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21201", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21203", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21212", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21213", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21218", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21219", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21230", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21236", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21238", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21239", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21241", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21247", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21491", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21497", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21500", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21501", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21503", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21504", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21505", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21518", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21519", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21520", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21521", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21522", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21525", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21529", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21531", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21534", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21536", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21540", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21543", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21546", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21555", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21559", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2025:1671", "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "https://linux.oracle.com/cve/CVE-2024-37371.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-37371", "https://security.netapp.com/advisory/ntap-20241108-0009/", "https://security.netapp.com/advisory/ntap-20250124-0010/", "https://ubuntu.com/security/notices/USN-6947-1", "https://web.mit.edu/kerberos/www/advisories/", "https://web.mit.edu/kerberos/www/krb5-1.21/", "https://www.cve.org/CVERecord?id=CVE-2024-37371", "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL" ], "PublishedDate": "2024-06-28T23:15:11.603Z", "LastModifiedDate": "2025-11-03T21:16:13.997Z" }, { "VulnerabilityID": "CVE-2025-24528", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24528", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9ff8ae14999d597f5398665cff031b67f8f5c29253f1d807b2282d165cc83e37", "Title": "krb5: overflow when calculating ulog block size", "Description": "In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.", "Severity": "MEDIUM", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:7067", "https://access.redhat.com/security/cve/CVE-2025-24528", "https://bugzilla.redhat.com/2342796", "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "https://errata.almalinux.org/9/ALSA-2025-7067.html", "https://errata.rockylinux.org/RLSA-2025:7067", "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "https://linux.oracle.com/cve/CVE-2025-24528.html", "https://linux.oracle.com/errata/ELSA-2025-7067.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24528", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2025-24528" ], "PublishedDate": "2026-01-16T18:16:06.633Z", "LastModifiedDate": "2026-01-26T15:05:57.19Z" }, { "VulnerabilityID": "CVE-2025-3576", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-3576", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:89375ef14de521e7da0f668da60211dd7dc92cdd14de8f40f291e56f3559aeff", "Title": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "Description": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.", "Severity": "MEDIUM", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:13664", "https://access.redhat.com/errata/RHSA-2025:13777", "https://access.redhat.com/errata/RHSA-2025:15000", "https://access.redhat.com/errata/RHSA-2025:15001", "https://access.redhat.com/errata/RHSA-2025:15002", "https://access.redhat.com/errata/RHSA-2025:15003", "https://access.redhat.com/errata/RHSA-2025:15004", "https://access.redhat.com/errata/RHSA-2025:8411", "https://access.redhat.com/errata/RHSA-2025:9418", "https://access.redhat.com/errata/RHSA-2025:9430", "https://access.redhat.com/security/cve/CVE-2025-3576", "https://bugzilla.redhat.com/2359465", "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "https://errata.almalinux.org/9/ALSA-2025-9430.html", "https://errata.rockylinux.org/RLSA-2025:9430", "https://linux.oracle.com/cve/CVE-2025-3576.html", "https://linux.oracle.com/errata/ELSA-2025-9430.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-3576", "https://ubuntu.com/security/notices/USN-7542-1", "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "https://www.cve.org/CVERecord?id=CVE-2025-3576" ], "PublishedDate": "2025-04-15T06:15:44.047Z", "LastModifiedDate": "2025-09-02T10:15:34.32Z" }, { "VulnerabilityID": "CVE-2024-26458", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80c15a89de6da32421b601cc495b8703f2847a8b97d392098707efe2171c887e", "Title": "krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.", "Severity": "LOW", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26458", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md", "https://linux.oracle.com/cve/CVE-2024-26458.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26458", "https://security.netapp.com/advisory/ntap-20240415-0010/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26458" ], "PublishedDate": "2024-02-29T01:44:18.78Z", "LastModifiedDate": "2025-05-23T15:39:31.357Z" }, { "VulnerabilityID": "CVE-2024-26461", "PkgID": "libkrb5support0@1.19.2-2ubuntu0.1", "PkgName": "libkrb5support0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ffc1727f0cca9a87", "BOMRef": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.19.2-2ubuntu0.1", "FixedVersion": "1.19.2-2ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-26461", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c1e5601cac1c95fa54ee4c853acee440b12bde4a873334e9f0bf63190fc0c59c", "Title": "krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c", "Description": "Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9331", "https://access.redhat.com/security/cve/CVE-2024-26461", "https://bugzilla.redhat.com/2266731", "https://bugzilla.redhat.com/2266740", "https://bugzilla.redhat.com/2266742", "https://bugzilla.redhat.com/show_bug.cgi?id=2266731", "https://bugzilla.redhat.com/show_bug.cgi?id=2266740", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461", "https://errata.almalinux.org/9/ALSA-2024-9331.html", "https://errata.rockylinux.org/RLSA-2024:3268", "https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md", "https://linux.oracle.com/cve/CVE-2024-26461.html", "https://linux.oracle.com/errata/ELSA-2024-9331.html", "https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-26461", "https://security.netapp.com/advisory/ntap-20240415-0011/", "https://ubuntu.com/security/notices/USN-7314-1", "https://www.cve.org/CVERecord?id=CVE-2024-26461" ], "PublishedDate": "2024-02-29T01:44:18.82Z", "LastModifiedDate": "2025-05-23T15:30:30.847Z" }, { "VulnerabilityID": "CVE-2023-29932", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29932", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:733ade5fb20d30c9703fc25ac042719a56d5ae5059eff288ab86586430240e2c", "Title": "llvm: canonicalize pass crashed with segmentation fault", "Description": "llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand\u003cmlir::OpOperand.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-120" ], "VendorSeverity": { "cbl-mariner": 2, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29932", "https://github.com/llvm/llvm-project/commit/d35fcf0e97e7bb02381506a71e61ec282b292c50", "https://github.com/llvm/llvm-project/issues/58745", "https://nvd.nist.gov/vuln/detail/CVE-2023-29932", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29932" ], "PublishedDate": "2023-05-05T15:15:09.633Z", "LastModifiedDate": "2025-01-29T21:15:16.35Z" }, { "VulnerabilityID": "CVE-2023-29933", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29933", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2522a2d99e8e4924c7f7a05fa9b2de390a8f8ab7504160e8ed1fb769fe18913f", "Title": "llvm: one shot bufferize crashed with segmentation fault", "Description": "llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "cbl-mariner": 2, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29933", "https://github.com/llvm/llvm-project/issues/59442", "https://nvd.nist.gov/vuln/detail/CVE-2023-29933", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29933" ], "PublishedDate": "2023-05-05T15:15:09.683Z", "LastModifiedDate": "2025-01-29T21:15:16.503Z" }, { "VulnerabilityID": "CVE-2023-29934", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29934", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cf2014a4f30ced2490f38fa590524f4ca811230cf67424052a972f7e181b325c", "Title": "llvm: convert-scf-to-spirv Pass crashed with segmentation fault", "Description": "llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29934", "https://github.com/llvm/llvm-project/commit/80d5400d924e543c5420f4e924f5818313605e99", "https://github.com/llvm/llvm-project/issues/59136", "https://nvd.nist.gov/vuln/detail/CVE-2023-29934", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29934" ], "PublishedDate": "2023-05-05T15:15:09.733Z", "LastModifiedDate": "2025-01-29T21:15:16.65Z" }, { "VulnerabilityID": "CVE-2023-29939", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "FixedVersion": "1:15.0.7-0ubuntu0.22.04.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29939", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a397f966cec233f98b858a4f7c398544ae5d2492a286ad0e884280525db93622", "Title": "llvm-project commit a0138390 was discovered to contain a segmentation ...", "Description": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "nvd": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://github.com/llvm/llvm-project/commit/466aa585c6dfb096bf9a7ad9bcbc6ce8cc7abff1", "https://github.com/llvm/llvm-project/issues/59983", "https://ubuntu.com/security/notices/USN-6258-1", "https://www.cve.org/CVERecord?id=CVE-2023-29939" ], "PublishedDate": "2023-05-05T15:15:09.85Z", "LastModifiedDate": "2025-01-29T21:15:16.987Z" }, { "VulnerabilityID": "CVE-2024-7883", "PkgID": "libllvm15@1:15.0.7-0ubuntu0.22.04.1", "PkgName": "libllvm15", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "e1b146104668e317", "BOMRef": "pkg:deb/ubuntu/libllvm15@15.0.7-0ubuntu0.22.04.1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:15.0.7-0ubuntu0.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-7883", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a30ec75c731647c2faa3a847093735244afcf060e15e2e0140c2a1c7b022d8d8", "Title": "clang: CMSE secure state may leak from stack to floating-point registers", "Description": "When using Arm Cortex-M Security Extensions (CMSE), Secure stack \ncontents can be leaked to Non-secure state via floating-point registers \nwhen a Secure to Non-secure function call is made that returns a \nfloating-point value and when this is the first use of floating-point \nsince entering Secure state. This allows an attacker to read a limited \nquantity of Secure stack contents with an impact on confidentiality. \nThis issue is specific to code generated using LLVM-based compilers.", "Severity": "LOW", "CweIDs": [ "CWE-226" ], "VendorSeverity": { "azure": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-7883", "https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions%20Vulnerability", "https://github.com/llvm/llvm-project/pull/114433", "https://nvd.nist.gov/vuln/detail/CVE-2024-7883", "https://www.cve.org/CVERecord?id=CVE-2024-7883" ], "PublishedDate": "2024-10-31T17:15:14.013Z", "LastModifiedDate": "2025-12-23T15:30:31.55Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libmount1@2.37.2-4ubuntu3", "PkgName": "libmount1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "7d0178ea5aeaeed9", "BOMRef": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:74f0c6b54d9359956a6c42ffedc56677ee1181cfd7b6087d79b14e5da3e01307", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2ed018e8d15263421f63c484eaf31ceb055adda0c784da2a9638ba935c6e2353", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:023fcc92a98fe48905f121951e42861ef7e92ecf9177e0f0535951cbf508dc61", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libncurses6@6.3-2", "PkgName": "libncurses6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9a860c449d03ad00", "BOMRef": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ed7bbb847ead49aa791d028a05025b3e2dc9bb98b4723021bb094b8bd262a767", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4838fb6814e7a1fcc4b58439f7f47d18a62380e104548cc7b42de6f118973066", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:635c484410d853decf7e777a47137e1942f437fed2971eeba3d1e951fd1d62fd", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libncursesw6@6.3-2", "PkgName": "libncursesw6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "84da8346908c9794", "BOMRef": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7f70ff7fc5d20019bf7e5e5bd7a62c92684a19cf91bb793adf0c9e137e4c986d", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-modules@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:33d8f4754d6288b5831e28a169d4c850f925ab52be1775f6965f5ebfce347578", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-modules@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d8632da2ea866f12", "BOMRef": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4a22243d1eb79ae89cff0c5f3c285dee35d36a1b097ced0f696891320a5707a9", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:00d5ab844aa75d4037f1f86f8233922432e75de198d12968627ea3aecf0144dd", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-modules-bin@1.4.0-11ubuntu2.3", "PkgName": "libpam-modules-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8c931f0fdc9b837d", "BOMRef": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:780f670882c7a338e74c79d4957e8bb080702ebf3bba9d6ce940ca8256fae690", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam-runtime@1.4.0-11ubuntu2.3", "PkgName": "libpam-runtime", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9de13344b11a8c5f94743252b1027d37cb54168c6dd13b374ba73cb7a64c4840", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam-runtime@1.4.0-11ubuntu2.3", "PkgName": "libpam-runtime", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04", "UID": "bbc13483c48a47f3", "BOMRef": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2.3?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5dad17508d69e071bfe476ad92de5d79a860cc618f0bffb8426eff6dd92f4c8f", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2024-22365", "PkgID": "libpam0g@1.4.0-11ubuntu2.3", "PkgName": "libpam0g", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-22365", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5892e878eeeb8cbb2f9f4478aa97fa86fd2a831d78aebae568927b9b62995277", "Title": "pam: allowing unprivileged user to block another user namespace", "Description": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", "Severity": "MEDIUM", "CweIDs": [ "CWE-664" ], "VendorSeverity": { "alma": 2, "amazon": 1, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/18/3", "https://access.redhat.com/errata/RHSA-2024:2438", "https://access.redhat.com/security/cve/CVE-2024-22365", "https://bugzilla.redhat.com/2257722", "https://bugzilla.redhat.com/show_bug.cgi?id=2257722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365", "https://errata.almalinux.org/9/ALSA-2024-2438.html", "https://errata.rockylinux.org/RLSA-2024:3163", "https://github.com/linux-pam/linux-pam", "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", "https://linux.oracle.com/cve/CVE-2024-22365.html", "https://linux.oracle.com/errata/ELSA-2024-3163.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-22365", "https://ubuntu.com/security/notices/USN-6588-1", "https://ubuntu.com/security/notices/USN-6588-2", "https://www.cve.org/CVERecord?id=CVE-2024-22365", "https://www.openwall.com/lists/oss-security/2024/01/18/3" ], "PublishedDate": "2024-02-06T08:15:52.203Z", "LastModifiedDate": "2025-11-03T19:15:42.857Z" }, { "VulnerabilityID": "CVE-2025-6020", "PkgID": "libpam0g@1.4.0-11ubuntu2.3", "PkgName": "libpam0g", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "3dab8c75dfb28def", "BOMRef": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2.3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.0-11ubuntu2.3", "FixedVersion": "1.4.0-11ubuntu2.6", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6020", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e1cb27ef61a6d967236febb359bfe0babae285b04dfd5f9a1c80a207988775d4", "Title": "linux-pam: Linux-pam directory Traversal", "Description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/06/17/1", "https://access.redhat.com/errata/RHSA-2025:10024", "https://access.redhat.com/errata/RHSA-2025:10027", "https://access.redhat.com/errata/RHSA-2025:10180", "https://access.redhat.com/errata/RHSA-2025:10354", "https://access.redhat.com/errata/RHSA-2025:10357", "https://access.redhat.com/errata/RHSA-2025:10358", "https://access.redhat.com/errata/RHSA-2025:10359", "https://access.redhat.com/errata/RHSA-2025:10361", "https://access.redhat.com/errata/RHSA-2025:10362", "https://access.redhat.com/errata/RHSA-2025:10735", "https://access.redhat.com/errata/RHSA-2025:10823", "https://access.redhat.com/errata/RHSA-2025:11386", "https://access.redhat.com/errata/RHSA-2025:11487", "https://access.redhat.com/errata/RHSA-2025:14557", "https://access.redhat.com/errata/RHSA-2025:15099", "https://access.redhat.com/errata/RHSA-2025:15709", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:16524", "https://access.redhat.com/errata/RHSA-2025:17181", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:20181", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:22019", "https://access.redhat.com/errata/RHSA-2025:9526", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-6020", "https://bugzilla.redhat.com/2372512", "https://bugzilla.redhat.com/show_bug.cgi?id=2372512", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020", "https://errata.almalinux.org/9/ALSA-2025-9526.html", "https://errata.rockylinux.org/RLSA-2025:9526", "https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx", "https://linux.oracle.com/cve/CVE-2025-6020.html", "https://linux.oracle.com/errata/ELSA-2025-9526.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6020", "https://ubuntu.com/security/notices/USN-7580-1", "https://www.cve.org/CVERecord?id=CVE-2025-6020", "https://www.openwall.com/lists/oss-security/2025/06/17/1" ], "PublishedDate": "2025-06-17T13:15:21.66Z", "LastModifiedDate": "2026-03-17T16:16:18.757Z" }, { "VulnerabilityID": "CVE-2022-41409", "PkgID": "libpcre2-8-0@10.39-3ubuntu0.1", "PkgName": "libpcre2-8-0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9eaa40b8550aa53c", "BOMRef": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3ubuntu0.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "10.39-3ubuntu0.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-41409", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d6d4ba854c01e4aa491f9c8e318b263e97b8d3491c167d1bfc01a5df45ca13c5", "Title": "pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop", "Description": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", "Severity": "LOW", "CweIDs": [ "CWE-190" ], "VendorSeverity": { "amazon": 1, "cbl-mariner": 3, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-41409", "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35", "https://github.com/PCRE2Project/pcre2/issues/141", "https://github.com/advisories/GHSA-4qfx-v7wh-3q4j", "https://nvd.nist.gov/vuln/detail/CVE-2022-41409", "https://www.cve.org/CVERecord?id=CVE-2022-41409" ], "PublishedDate": "2023-07-18T14:15:12.197Z", "LastModifiedDate": "2024-11-21T07:23:10.577Z" }, { "VulnerabilityID": "CVE-2017-11164", "PkgID": "libpcre3@2:8.39-13ubuntu0.22.04.1", "PkgName": "libpcre3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "92207cfb866df534", "BOMRef": "pkg:deb/ubuntu/libpcre3@8.39-13ubuntu0.22.04.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:8.39-13ubuntu0.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2017-11164", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a6332765542a057b04c4399bcfc73c11b7ba9a279729c217c2c69868bf9f9c4d", "Title": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V2Score": 7.8, "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "http://openwall.com/lists/oss-security/2017/07/11/3", "http://www.openwall.com/lists/oss-security/2023/04/11/1", "http://www.openwall.com/lists/oss-security/2023/04/12/1", "http://www.securityfocus.com/bid/99575", "https://access.redhat.com/security/cve/CVE-2017-11164", "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "https://nvd.nist.gov/vuln/detail/CVE-2017-11164", "https://www.cve.org/CVERecord?id=CVE-2017-11164" ], "PublishedDate": "2017-07-11T03:29:00.277Z", "LastModifiedDate": "2025-04-20T01:37:25.86Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:805fbe841fbfae99d52d7dc9c21989ea07225ceded191240d473a96cc1da8a73", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a3e17ba0aef51185d6da4394c93f1d460189c9750318d7d69e2ad64a111c75a3", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3be261face1cbd002acba654f877494be9fa7dad1236d8945ff343f4c728caed", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bbee5e3374431fc927edada0e7e32144246d411745580fc652045943720b2964", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "libperl5.34@5.34.0-3ubuntu1.1", "PkgName": "libperl5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8dc4c338e4ffecd1", "BOMRef": "pkg:deb/ubuntu/libperl5.34@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:483e4d7f15d3878b501130add20b60c894ab56f60721db6837526d208bf2d679", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-4016", "PkgID": "libprocps8@2:3.3.17-6ubuntu2", "PkgName": "libprocps8", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a5c5ac86365bc0e9", "BOMRef": "pkg:deb/ubuntu/libprocps8@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:3.3.17-6ubuntu2", "FixedVersion": "2:3.3.17-6ubuntu2.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4016", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6750c3e1c22431b9eafa3d4b9b5064d9082c158d74b292d6bbe36576f85e328c", "Title": "procps: ps buffer overflow", "Description": "Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.", "Severity": "LOW", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 1, "nvd": 1, "oracle-oval": 1, "photon": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6705", "https://access.redhat.com/security/cve/CVE-2023-4016", "https://bugzilla.redhat.com/2228494", "https://bugzilla.redhat.com/show_bug.cgi?id=2228494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4016", "https://errata.almalinux.org/9/ALSA-2023-6705.html", "https://errata.rockylinux.org/RLSA-2023:7187", "https://gitlab.com/procps-ng/procps", "https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413", "https://gitlab.com/procps-ng/procps/-/issues/297", "https://linux.oracle.com/cve/CVE-2023-4016.html", "https://linux.oracle.com/errata/ELSA-2023-7187.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4016", "https://ubuntu.com/security/notices/USN-6477-1", "https://www.cve.org/CVERecord?id=CVE-2023-4016", "https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016" ], "PublishedDate": "2023-08-02T05:15:09.85Z", "LastModifiedDate": "2024-11-21T08:34:14.073Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:826f0660f8132e6fea9cf6a204fedcfa7bdb425d8e5f85318fb68476ca1cb49a", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8613b3458e2b384c4d0feb31157b2a2e1a9e00a5470d3cf50dcbbb3d13e4a6e4", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1c2f32d2157b648c68098201bae49b262bb1402a08492fbe3faa98954affad8", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b17bdedaf15a9b4bf92b62610a7ced2f4b88bdd4236d970e89a6194797a664b2", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:24e7aa9912babc8bb6f80bc6662e159ce142b7450d70ff229e7fed1f961c7c7d", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b715bf59ab9da95f21abe40a715aa2fc8e1c8d9502db9211c017a731bbdaf8c3", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "libpython3.10-minimal@3.10.12-1~22.04.12", "PkgName": "libpython3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "d26117e94d7a82a", "BOMRef": "pkg:deb/ubuntu/libpython3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1e9e902ff89010bf49e4654309f59b64c4cbd97dd9d4b702bbf6da12bdb1b22b", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:be40c1f3c7bd4ddc61739519500e96dd987b50fa637bbeefbb2591326ae65e6a", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:25d8901cf3e1a68bbee7fcf3e7b68f4340b0c3272fb4fa40a5b0aefd98e0dc03", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:088ff2db664febf0ae918824705de3cb72e4974dcee9546a3f6a3b1844e6a3f6", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2bc65e6460f4c373aedf4c75cd82d97ecf79695cd020dbf407a76caa6a71b31e", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:915efd208e6cab284c261795ff67dba3c00af5c18278db8aa35a6fa190594837", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9a63cac26d45a93e807c8201c6745652d703fc8c985607881b31c917dd0b413b", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "libpython3.10-stdlib@3.10.12-1~22.04.12", "PkgName": "libpython3.10-stdlib", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "56c19e4f21bf9432", "BOMRef": "pkg:deb/ubuntu/libpython3.10-stdlib@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5709f8d723ad47c67a00975619496ad1d9134548921168876599286447d796e6", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libsmartcols1@2.37.2-4ubuntu3", "PkgName": "libsmartcols1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "fb3b2255a47d5ea7", "BOMRef": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3e89721d1a271cebf6ebf59e3e8a11b49f4f7d6319d10004cefc22e47cd4e94f", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2022-40735", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-40735", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:75019dc3c7094c830b1efeb34660d4d50eddc03349254a6e4e0f1cb0f7f06e9d", "Description": "The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that \"(appropriately) short exponents\" can be used when there are adequate subgroup constraints, and these short exponents can lead to less expensive calculations than for long exponents. This issue is different from CVE-2002-20001 because it is based on an observation about exponent size, rather than an observation about numbers that are not public keys. The specific situations in which calculation expense would constitute a server-side vulnerability depend on the protocol (e.g., TLS, SSH, or IKE) and the DHE implementation details. In general, there might be an availability concern because of server-side resource consumption from DHE modular-exponentiation calculations. Finally, it is possible for an attacker to exploit this vulnerability and CVE-2002-20001 together.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "nvd": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://dheatattack.gitlab.io/", "https://gist.github.com/c0r0n3r/9455ddcab985c50fd1912eabf26e058b", "https://github.com/mozilla/ssl-config-generator/issues/162", "https://github.com/openssl/openssl/pull/18480", "https://ieeexplore.ieee.org/document/10374117", "https://link.springer.com/content/pdf/10.1007/3-540-68339-9_29.pdf", "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf", "https://raw.githubusercontent.com/CVEProject/cvelist/9d7fbbcabd3f44cfedc9e8807757d31ece85a2c6/2022/40xxx/CVE-2022-40735.json", "https://ubuntu.com/security/notices/USN-6854-1", "https://www.cve.org/CVERecord?id=CVE-2022-40735", "https://www.researchgate.net/profile/Anton-Stiglic-2/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol/links/546c144f0cf20dedafd53e7e/Security-Issues-in-the-Diffie-Hellman-Key-Agreement-Protocol.pdf", "https://www.rfc-editor.org/rfc/rfc3526", "https://www.rfc-editor.org/rfc/rfc4419", "https://www.rfc-editor.org/rfc/rfc5114#section-4", "https://www.rfc-editor.org/rfc/rfc7919#section-5.2" ], "PublishedDate": "2022-11-14T23:15:11.423Z", "LastModifiedDate": "2024-11-21T07:21:56.9Z" }, { "VulnerabilityID": "CVE-2023-2650", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2650", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:77262cbd512afc283ee2a7c18760623b104c84621f1c07ca33bb692663c9cdd6", "Title": "openssl: Possible DoS translating ASN.1 object identifiers", "Description": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/05/30/1", "https://access.redhat.com/errata/RHSA-2023:6330", "https://access.redhat.com/security/cve/CVE-2023-2650", "https://bugzilla.redhat.com/1858038", "https://bugzilla.redhat.com/2207947", "https://errata.almalinux.org/9/ALSA-2023-6330.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a", "https://linux.oracle.com/cve/CVE-2023-2650.html", "https://linux.oracle.com/errata/ELSA-2023-6330.html", "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2650", "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230703-0001/", "https://security.netapp.com/advisory/ntap-20231027-0009/", "https://ubuntu.com/security/notices/USN-6119-1", "https://ubuntu.com/security/notices/USN-6188-1", "https://ubuntu.com/security/notices/USN-6672-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-2650", "https://www.debian.org/security/2023/dsa-5417", "https://www.openssl.org/news/secadv/20230530.txt" ], "PublishedDate": "2023-05-30T14:15:09.683Z", "LastModifiedDate": "2025-03-19T16:15:21.89Z" }, { "VulnerabilityID": "CVE-2023-5363", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5363", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f96955dae41d81085724208cff5c99b8f57d9169ef383c7b9a968fc17b84444f", "Title": "openssl: Incorrect cipher key and IV length processing", "Description": "Issue summary: A bug has been identified in the processing of key and\ninitialisation vector (IV) lengths. This can lead to potential truncation\nor overruns during the initialisation of some symmetric ciphers.\n\nImpact summary: A truncation in the IV can result in non-uniqueness,\nwhich could result in loss of confidentiality for some cipher modes.\n\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or\nEVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after\nthe key and IV have been established. Any alterations to the key length,\nvia the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter,\nwithin the OSSL_PARAM array will not take effect as intended, potentially\ncausing truncation or overreading of these values. The following ciphers\nand cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\n\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in\nloss of confidentiality. For example, when following NIST's SP 800-38D\nsection 8.2.1 guidance for constructing a deterministic IV for AES in\nGCM mode, truncation of the counter portion could lead to IV reuse.\n\nBoth truncations and overruns of the key and overruns of the IV will\nproduce incorrect results and could, in some cases, trigger a memory\nexception. However, these issues are not currently assessed as security\ncritical.\n\nChanging the key and/or IV lengths is not considered to be a common operation\nand the vulnerable API was recently introduced. Furthermore it is likely that\napplication developers will have spotted this problem during testing since\ndecryption would fail unless both peers in the communication were similarly\nvulnerable. For these reasons we expect the probability of an application being\nvulnerable to this to be quite low. However if an application is vulnerable then\nthis issue is considered very serious. For these reasons we have assessed this\nissue as Moderate severity overall.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because\nthe issue lies outside of the FIPS provider boundary.\n\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-684" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/10/24/1", "https://access.redhat.com/errata/RHSA-2024:0310", "https://access.redhat.com/security/cve/CVE-2023-5363", "https://bugzilla.redhat.com/2243839", "https://errata.almalinux.org/9/ALSA-2024-0310.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee", "https://linux.oracle.com/cve/CVE-2023-5363.html", "https://linux.oracle.com/errata/ELSA-2024-12093.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5363", "https://security.netapp.com/advisory/ntap-20231027-0010/", "https://security.netapp.com/advisory/ntap-20240201-0003/", "https://security.netapp.com/advisory/ntap-20240201-0004/", "https://security.netapp.com/advisory/ntap-20241108-0002/", "https://ubuntu.com/security/notices/USN-6450-1", "https://www.cve.org/CVERecord?id=CVE-2023-5363", "https://www.debian.org/security/2023/dsa-5532", "https://www.openssl.org/news/secadv/20231024.txt" ], "PublishedDate": "2023-10-25T18:17:43.613Z", "LastModifiedDate": "2025-12-02T20:15:48.537Z" }, { "VulnerabilityID": "CVE-2024-6119", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.18", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-6119", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ded2bcdff00e252f4a248b6b34a7ee45293f927e152a2cacb6a7b85dac6b6b02", "Title": "openssl: Possible denial of service in X.509 name checks", "Description": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don't perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/09/03/4", "https://access.redhat.com/errata/RHSA-2024:8935", "https://access.redhat.com/security/cve/CVE-2024-6119", "https://bugzilla.redhat.com/2306158", "https://bugzilla.redhat.com/show_bug.cgi?id=2306158", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6119", "https://errata.almalinux.org/9/ALSA-2024-8935.html", "https://errata.rockylinux.org/RLSA-2024:6783", "https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f", "https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6", "https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2", "https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0", "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj", "https://linux.oracle.com/cve/CVE-2024-6119.html", "https://linux.oracle.com/errata/ELSA-2024-8935.html", "https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-6119", "https://openssl-library.org/news/secadv/20240903.txt", "https://security.netapp.com/advisory/ntap-20240912-0001/", "https://ubuntu.com/security/notices/USN-6986-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-6119" ], "PublishedDate": "2024-09-03T16:15:07.177Z", "LastModifiedDate": "2025-06-03T10:51:54.117Z" }, { "VulnerabilityID": "CVE-2025-15467", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15467", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:60837d103ec364227f09a35def86266eaeaac9cc3fcc296b17cf15c11696abca", "Title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing", "Description": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/27/10", "http://www.openwall.com/lists/oss-security/2026/02/25/6", "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-15467", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/guiimoraes/CVE-2025-15467", "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9", "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e", "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc", "https://linux.oracle.com/cve/CVE-2025-15467.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://www.cve.org/CVERecord?id=CVE-2025-15467" ], "PublishedDate": "2026-01-27T16:16:14.257Z", "LastModifiedDate": "2026-03-19T19:16:19.23Z" }, { "VulnerabilityID": "CVE-2025-9230", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.20", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9230", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:be3429ac9362cc1cca57cf8b908ac7a2bef24c2100fdff096f08a5846f39af0c", "Title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap", "Description": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/09/30/5", "https://access.redhat.com/errata/RHSA-2026:2776", "https://access.redhat.com/security/cve/CVE-2025-9230", "https://bugzilla.redhat.com/2396054", "https://bugzilla.redhat.com/show_bug.cgi?id=2396054", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230", "https://errata.almalinux.org/9/ALSA-2026-2776.html", "https://errata.rockylinux.org/RLSA-2025:21255", "https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45", "https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280", "https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def", "https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd", "https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482", "https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3", "https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba", "https://linux.oracle.com/cve/CVE-2025-9230.html", "https://linux.oracle.com/errata/ELSA-2026-50114.html", "https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9230", "https://openssl-library.org/news/secadv/20250930.txt", "https://ubuntu.com/security/notices/USN-7786-1", "https://www.cve.org/CVERecord?id=CVE-2025-9230" ], "PublishedDate": "2025-09-30T14:15:41.05Z", "LastModifiedDate": "2025-11-04T22:16:45.36Z" }, { "VulnerabilityID": "CVE-2023-1255", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.10", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-1255", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80f8c0f95437d5615cc4eb33e6235af7e7ec107a2f774501936bd3d61945f249", "Title": "openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM", "Description": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:3722", "https://access.redhat.com/security/cve/CVE-2023-1255", "https://bugzilla.redhat.com/2181082", "https://bugzilla.redhat.com/2182561", "https://bugzilla.redhat.com/2182565", "https://bugzilla.redhat.com/2188461", "https://bugzilla.redhat.com/2207947", "https://errata.almalinux.org/9/ALSA-2023-3722.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a", "https://linux.oracle.com/cve/CVE-2023-1255.html", "https://linux.oracle.com/errata/ELSA-2023-3722.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-1255", "https://security.netapp.com/advisory/ntap-20230908-0006/", "https://ubuntu.com/security/notices/USN-6119-1", "https://www.cve.org/CVERecord?id=CVE-2023-1255", "https://www.openssl.org/news/secadv/20230419.txt", "https://www.openssl.org/news/secadv/20230420.txt" ], "PublishedDate": "2023-04-20T17:15:06.883Z", "LastModifiedDate": "2025-02-04T22:15:39.327Z" }, { "VulnerabilityID": "CVE-2023-2975", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-2975", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1d2c423c2d3b017a3edfadaf4a3c3883795231acb3c3051ba8b6c201ec3bf2b4", "Title": "openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries", "Description": "Issue summary: The AES-SIV cipher implementation contains a bug that causes\nit to ignore empty associated data entries which are unauthenticated as\na consequence.\n\nImpact summary: Applications that use the AES-SIV algorithm and want to\nauthenticate empty data entries as associated data can be misled by removing,\nadding or reordering such empty entries as these are ignored by the OpenSSL\nimplementation. We are currently unaware of any such applications.\n\nThe AES-SIV algorithm allows for authentication of multiple associated\ndata entries along with the encryption. To authenticate empty data the\napplication has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with\nNULL pointer as the output buffer and 0 as the input buffer length.\nThe AES-SIV implementation in OpenSSL just returns success for such a call\ninstead of performing the associated data authentication operation.\nThe empty data thus will not be authenticated.\n\nAs this issue does not affect non-empty associated data authentication and\nwe expect it to be rare for an application to use empty associated data\nentries this is qualified as Low severity issue.", "Severity": "LOW", "CweIDs": [ "CWE-354", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/07/15/1", "http://www.openwall.com/lists/oss-security/2023/07/19/5", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-2975", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc", "https://linux.oracle.com/cve/CVE-2023-2975.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-2975", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230725-0004/", "https://ubuntu.com/security/notices/USN-6450-1", "https://www.cve.org/CVERecord?id=CVE-2023-2975", "https://www.openssl.org/news/secadv/20230714.txt" ], "PublishedDate": "2023-07-14T12:15:09.023Z", "LastModifiedDate": "2025-04-23T17:16:32.467Z" }, { "VulnerabilityID": "CVE-2023-3446", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3446", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f29c020fa1d9e0d3fd22a6d24edf211392cc8ce4b57a7b341a172cb889a5abb6", "Title": "openssl: Excessive time spent checking DH keys and parameters", "Description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-1333" ], "VendorSeverity": { "alma": 1, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/07/19/4", "http://www.openwall.com/lists/oss-security/2023/07/19/5", "http://www.openwall.com/lists/oss-security/2023/07/19/6", "http://www.openwall.com/lists/oss-security/2023/07/31/1", "http://www.openwall.com/lists/oss-security/2024/05/16/1", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-3446", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2257582", "https://bugzilla.redhat.com/show_bug.cgi?id=2257583", "https://bugzilla.redhat.com/show_bug.cgi?id=2258677", "https://bugzilla.redhat.com/show_bug.cgi?id=2258688", "https://bugzilla.redhat.com/show_bug.cgi?id=2258691", "https://bugzilla.redhat.com/show_bug.cgi?id=2258694", "https://bugzilla.redhat.com/show_bug.cgi?id=2258700", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2024:2264", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23", "https://linux.oracle.com/cve/CVE-2023-3446.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3446", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230803-0011/", "https://ubuntu.com/security/notices/USN-6435-1", "https://ubuntu.com/security/notices/USN-6435-2", "https://ubuntu.com/security/notices/USN-6450-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7018-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-3446", "https://www.openssl.org/news/secadv/20230719.txt" ], "PublishedDate": "2023-07-19T12:15:10.003Z", "LastModifiedDate": "2025-04-23T17:16:36.967Z" }, { "VulnerabilityID": "CVE-2023-3817", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.12", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3817", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:758410139e03d914dd81c83cbe8cc3aca472e7e4ec37db5e6b1eae0479025249", "Title": "OpenSSL: Excessive time spent checking DH q parameter value", "Description": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. After fixing\nCVE-2023-3446 it was discovered that a large q parameter value can also trigger\nan overly long computation during some of these checks. A correct q value,\nif present, cannot be larger than the modulus p parameter, thus it is\nunnecessary to perform these checks if q is larger than p.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulnerable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the \"-check\" option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-834" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://seclists.org/fulldisclosure/2023/Jul/43", "http://www.openwall.com/lists/oss-security/2023/07/31/1", "http://www.openwall.com/lists/oss-security/2023/09/22/11", "http://www.openwall.com/lists/oss-security/2023/09/22/9", "http://www.openwall.com/lists/oss-security/2023/11/06/2", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-3817", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2227852", "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "https://bugzilla.redhat.com/show_bug.cgi?id=2270358", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2023:7877", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5", "https://linux.oracle.com/cve/CVE-2023-3817.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3817", "https://security.gentoo.org/glsa/202402-08", "https://security.netapp.com/advisory/ntap-20230818-0014/", "https://security.netapp.com/advisory/ntap-20231027-0008/", "https://security.netapp.com/advisory/ntap-20240621-0006/", "https://ubuntu.com/security/notices/USN-6435-1", "https://ubuntu.com/security/notices/USN-6435-2", "https://ubuntu.com/security/notices/USN-6450-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-3817", "https://www.openssl.org/news/secadv/20230731.txt" ], "PublishedDate": "2023-07-31T16:15:10.497Z", "LastModifiedDate": "2025-05-05T16:15:47.343Z" }, { "VulnerabilityID": "CVE-2023-5678", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-5678", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a6d3d6d34572d794850b41e61d59150d4a1f56f3e158c6c0a046fc7f21c60e88", "Title": "openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow", "Description": "Issue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn't make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn't check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-754" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:2447", "https://access.redhat.com/security/cve/CVE-2023-5678", "https://bugzilla.redhat.com/2223016", "https://bugzilla.redhat.com/2224962", "https://bugzilla.redhat.com/2227852", "https://bugzilla.redhat.com/2248616", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2224962", "https://bugzilla.redhat.com/show_bug.cgi?id=2227852", "https://bugzilla.redhat.com/show_bug.cgi?id=2248616", "https://bugzilla.redhat.com/show_bug.cgi?id=2270358", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3446", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3817", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5678", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2408", "https://errata.almalinux.org/9/ALSA-2024-2447.html", "https://errata.rockylinux.org/RLSA-2023:7877", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017", "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "https://linux.oracle.com/cve/CVE-2023-5678.html", "https://linux.oracle.com/errata/ELSA-2024-2447.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-5678", "https://security.netapp.com/advisory/ntap-20231130-0010/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-6632-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-5678", "https://www.openssl.org/news/secadv/20231106.txt" ], "PublishedDate": "2023-11-06T16:15:42.67Z", "LastModifiedDate": "2025-12-02T20:15:49.157Z" }, { "VulnerabilityID": "CVE-2023-6129", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-6129", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e4c9c0a83eeba71e69db6ec9193f853a9e2be4dbe465375e4a7a25ec9e9297c4", "Title": "openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC", "Description": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications running\non PowerPC CPU based platforms if the CPU provides vector instructions.\n\nImpact summary: If an attacker can influence whether the POLY1305 MAC\nalgorithm is used, the application state might be corrupted with various\napplication dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for\nPowerPC CPUs restores the contents of vector registers in a different order\nthan they are saved. Thus the contents of some of these vector registers\nare corrupted when returning to the caller. The vulnerable code is used only\non newer PowerPC processors supporting the PowerISA 2.07 instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However unless the compiler uses the vector registers for storing\npointers, the most likely consequence, if any, would be an incorrect result\nof some application dependent calculations or a crash leading to a denial of\nservice.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3. If this cipher is enabled on the server a malicious\nclient can influence whether this AEAD cipher is used. This implies that\nTLS server applications using OpenSSL can be potentially impacted. However\nwe are currently not aware of any concrete application that would be affected\nby this issue therefore we consider this a Low severity security issue.", "Severity": "LOW", "CweIDs": [ "CWE-440", "CWE-787" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 6.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2023-6129", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35", "https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04", "https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015", "https://linux.oracle.com/cve/CVE-2023-6129.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-6129", "https://security.netapp.com/advisory/ntap-20240216-0009/", "https://security.netapp.com/advisory/ntap-20240426-0008/", "https://security.netapp.com/advisory/ntap-20240426-0013/", "https://security.netapp.com/advisory/ntap-20240503-0011/", "https://ubuntu.com/security/notices/USN-6622-1", "https://www.cve.org/CVERecord?id=CVE-2023-6129", "https://www.openssl.org/news/secadv/20240109.txt", "https://www.openwall.com/lists/oss-security/2024/01/09/1" ], "PublishedDate": "2024-01-09T17:15:12.147Z", "LastModifiedDate": "2025-06-20T16:15:27.797Z" }, { "VulnerabilityID": "CVE-2023-6237", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-6237", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4c50a101f5b509ce61266adc8ee72ee02f4c0a1aef98a3621a2ca7cade74ec13", "Title": "openssl: Excessive time spent checking invalid RSA public keys", "Description": "Issue summary: Checking excessively long invalid RSA public keys may take\na long time.\n\nImpact summary: Applications that use the function EVP_PKEY_public_check()\nto check RSA public keys may experience long delays. Where the key that\nis being checked has been obtained from an untrusted source this may lead\nto a Denial of Service.\n\nWhen function EVP_PKEY_public_check() is called on RSA public keys,\na computation is done to confirm that the RSA modulus, n, is composite.\nFor valid RSA keys, n is a product of two or more large primes and this\ncomputation completes quickly. However, if n is an overly large prime,\nthen this computation would take a long time.\n\nAn application that calls EVP_PKEY_public_check() and supplies an RSA key\nobtained from an untrusted source could be vulnerable to a Denial of Service\nattack.\n\nThe function EVP_PKEY_public_check() is not called from other OpenSSL\nfunctions however it is called from the OpenSSL pkey command line\napplication. For that reason that application is also vulnerable if used\nwith the '-pubin' and '-check' options on untrusted data.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2023-6237", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d", "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a", "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294", "https://linux.oracle.com/cve/CVE-2023-6237.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-6237", "https://security.netapp.com/advisory/ntap-20240531-0007/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2023-6237", "https://www.openssl.org/news/secadv/20240115.txt", "https://www.openwall.com/lists/oss-security/2024/01/15/2" ], "PublishedDate": "2024-04-25T07:15:45.27Z", "LastModifiedDate": "2024-11-21T08:43:25.997Z" }, { "VulnerabilityID": "CVE-2024-0727", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.14", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-0727", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:774ee570d50c5b3e81b52263288d455b4f68fcf85d932d9f46f04848ab130433", "Title": "openssl: denial of service via null dereference", "Description": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL\nto crash leading to a potential Denial of Service attack\n\nImpact summary: Applications loading files in the PKCS12 format from untrusted\nsources might terminate abruptly.\n\nA file in PKCS12 format can contain certificates and keys and may come from an\nuntrusted source. The PKCS12 specification allows certain fields to be NULL, but\nOpenSSL does not correctly check for this case. This can lead to a NULL pointer\ndereference that results in OpenSSL crashing. If an application processes PKCS12\nfiles from an untrusted source using the OpenSSL APIs then that application will\nbe vulnerable to this issue.\n\nOpenSSL APIs that are vulnerable to this are: PKCS12_parse(),\nPKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()\nand PKCS12_newpass().\n\nWe have also fixed a similar issue in SMIME_write_PKCS7(). However since this\nfunction is related to writing data we do not consider it security significant.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/03/11/1", "https://access.redhat.com/errata/RHSA-2024:9088", "https://access.redhat.com/security/cve/CVE-2024-0727", "https://bugzilla.redhat.com/2257571", "https://bugzilla.redhat.com/2258502", "https://bugzilla.redhat.com/2259944", "https://bugzilla.redhat.com/2284243", "https://bugzilla.redhat.com/show_bug.cgi?id=2257571", "https://bugzilla.redhat.com/show_bug.cgi?id=2258502", "https://bugzilla.redhat.com/show_bug.cgi?id=2259944", "https://bugzilla.redhat.com/show_bug.cgi?id=2284243", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6129", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6237", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298", "https://errata.almalinux.org/9/ALSA-2024-9088.html", "https://errata.rockylinux.org/RLSA-2024:9088", "https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2", "https://github.com/github/advisory-database/pull/3472", "https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2", "https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a", "https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c", "https://github.com/openssl/openssl/pull/23362", "https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d", "https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8", "https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539", "https://linux.oracle.com/cve/CVE-2024-0727.html", "https://linux.oracle.com/errata/ELSA-2024-9088.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-0727", "https://security.netapp.com/advisory/ntap-20240208-0006", "https://security.netapp.com/advisory/ntap-20240208-0006/", "https://ubuntu.com/security/notices/USN-6622-1", "https://ubuntu.com/security/notices/USN-6632-1", "https://ubuntu.com/security/notices/USN-6709-1", "https://ubuntu.com/security/notices/USN-7018-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-0727", "https://www.openssl.org/news/secadv/20240125.txt" ], "PublishedDate": "2024-01-26T09:15:07.637Z", "LastModifiedDate": "2025-11-03T22:16:34.223Z" }, { "VulnerabilityID": "CVE-2024-13176", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-13176", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ce93a88d34909bccba061b1e13cb67a2b42cd75ad61b4b284076d9d7380d1efa", "Title": "openssl: Timing side-channel in ECDSA signature computation", "Description": "Issue summary: A timing side-channel which could potentially allow recovering\nthe private key exists in the ECDSA signature computation.\n\nImpact summary: A timing side-channel in ECDSA signature computations\ncould allow recovering the private key by an attacker. However, measuring\nthe timing would require either local access to the signing application or\na very fast network connection with low latency.\n\nThere is a timing signal of around 300 nanoseconds when the top word of\nthe inverted ECDSA nonce value is zero. This can happen with significant\nprobability only for some of the supported elliptic curves. In particular\nthe NIST P-521 curve is affected. To be able to measure this leak, the attacker\nprocess must either be located in the same physical computer or must\nhave a very fast network connection with low latency. For that reason\nthe severity of this vulnerability is Low.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-385" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 1, "rocky": 2, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/01/20/2", "https://access.redhat.com/errata/RHSA-2025:16046", "https://access.redhat.com/security/cve/CVE-2024-13176", "https://bugzilla.redhat.com/2359885", "https://bugzilla.redhat.com/2359888", "https://bugzilla.redhat.com/2359892", "https://bugzilla.redhat.com/2359894", "https://bugzilla.redhat.com/2359895", "https://bugzilla.redhat.com/2359899", "https://bugzilla.redhat.com/2359900", "https://bugzilla.redhat.com/2359902", "https://bugzilla.redhat.com/2359903", "https://bugzilla.redhat.com/2359911", "https://bugzilla.redhat.com/2359918", "https://bugzilla.redhat.com/2359920", "https://bugzilla.redhat.com/2359924", "https://bugzilla.redhat.com/2359928", "https://bugzilla.redhat.com/2359930", "https://bugzilla.redhat.com/2359932", "https://bugzilla.redhat.com/2359934", "https://bugzilla.redhat.com/2359938", "https://bugzilla.redhat.com/2359940", "https://bugzilla.redhat.com/2359943", "https://bugzilla.redhat.com/2359944", "https://bugzilla.redhat.com/2359945", "https://bugzilla.redhat.com/2359947", "https://bugzilla.redhat.com/2359950", "https://bugzilla.redhat.com/2359963", "https://bugzilla.redhat.com/2359964", "https://bugzilla.redhat.com/2359972", "https://bugzilla.redhat.com/2370920", "https://bugzilla.redhat.com/2380264", "https://bugzilla.redhat.com/2380273", "https://bugzilla.redhat.com/2380274", "https://bugzilla.redhat.com/2380278", "https://bugzilla.redhat.com/2380280", "https://bugzilla.redhat.com/2380283", "https://bugzilla.redhat.com/2380284", "https://bugzilla.redhat.com/2380290", "https://bugzilla.redhat.com/2380291", "https://bugzilla.redhat.com/2380295", "https://bugzilla.redhat.com/2380298", "https://bugzilla.redhat.com/2380306", "https://bugzilla.redhat.com/2380308", "https://bugzilla.redhat.com/2380309", "https://bugzilla.redhat.com/2380310", "https://bugzilla.redhat.com/2380312", "https://bugzilla.redhat.com/2380313", "https://bugzilla.redhat.com/2380320", "https://bugzilla.redhat.com/2380321", "https://bugzilla.redhat.com/2380322", "https://bugzilla.redhat.com/2380326", "https://bugzilla.redhat.com/2380327", "https://bugzilla.redhat.com/2380334", "https://bugzilla.redhat.com/2380335", "https://bugzilla.redhat.com/show_bug.cgi?id=2338999", "https://bugzilla.redhat.com/show_bug.cgi?id=2359885", "https://bugzilla.redhat.com/show_bug.cgi?id=2359888", "https://bugzilla.redhat.com/show_bug.cgi?id=2359892", "https://bugzilla.redhat.com/show_bug.cgi?id=2359894", "https://bugzilla.redhat.com/show_bug.cgi?id=2359895", "https://bugzilla.redhat.com/show_bug.cgi?id=2359899", "https://bugzilla.redhat.com/show_bug.cgi?id=2359900", "https://bugzilla.redhat.com/show_bug.cgi?id=2359902", "https://bugzilla.redhat.com/show_bug.cgi?id=2359903", "https://bugzilla.redhat.com/show_bug.cgi?id=2359911", "https://bugzilla.redhat.com/show_bug.cgi?id=2359918", "https://bugzilla.redhat.com/show_bug.cgi?id=2359920", "https://bugzilla.redhat.com/show_bug.cgi?id=2359924", "https://bugzilla.redhat.com/show_bug.cgi?id=2359928", "https://bugzilla.redhat.com/show_bug.cgi?id=2359930", "https://bugzilla.redhat.com/show_bug.cgi?id=2359932", "https://bugzilla.redhat.com/show_bug.cgi?id=2359934", "https://bugzilla.redhat.com/show_bug.cgi?id=2359938", "https://bugzilla.redhat.com/show_bug.cgi?id=2359940", "https://bugzilla.redhat.com/show_bug.cgi?id=2359943", "https://bugzilla.redhat.com/show_bug.cgi?id=2359944", "https://bugzilla.redhat.com/show_bug.cgi?id=2359945", "https://bugzilla.redhat.com/show_bug.cgi?id=2359947", "https://bugzilla.redhat.com/show_bug.cgi?id=2359950", "https://bugzilla.redhat.com/show_bug.cgi?id=2359963", "https://bugzilla.redhat.com/show_bug.cgi?id=2359964", "https://bugzilla.redhat.com/show_bug.cgi?id=2359972", "https://bugzilla.redhat.com/show_bug.cgi?id=2370920", "https://bugzilla.redhat.com/show_bug.cgi?id=2380264", "https://bugzilla.redhat.com/show_bug.cgi?id=2380273", "https://bugzilla.redhat.com/show_bug.cgi?id=2380274", "https://bugzilla.redhat.com/show_bug.cgi?id=2380278", "https://bugzilla.redhat.com/show_bug.cgi?id=2380280", "https://bugzilla.redhat.com/show_bug.cgi?id=2380283", "https://bugzilla.redhat.com/show_bug.cgi?id=2380284", "https://bugzilla.redhat.com/show_bug.cgi?id=2380290", "https://bugzilla.redhat.com/show_bug.cgi?id=2380291", "https://bugzilla.redhat.com/show_bug.cgi?id=2380295", "https://bugzilla.redhat.com/show_bug.cgi?id=2380298", "https://bugzilla.redhat.com/show_bug.cgi?id=2380306", "https://bugzilla.redhat.com/show_bug.cgi?id=2380308", "https://bugzilla.redhat.com/show_bug.cgi?id=2380309", "https://bugzilla.redhat.com/show_bug.cgi?id=2380310", "https://bugzilla.redhat.com/show_bug.cgi?id=2380312", "https://bugzilla.redhat.com/show_bug.cgi?id=2380313", "https://bugzilla.redhat.com/show_bug.cgi?id=2380320", "https://bugzilla.redhat.com/show_bug.cgi?id=2380321", "https://bugzilla.redhat.com/show_bug.cgi?id=2380322", "https://bugzilla.redhat.com/show_bug.cgi?id=2380326", "https://bugzilla.redhat.com/show_bug.cgi?id=2380327", "https://bugzilla.redhat.com/show_bug.cgi?id=2380334", "https://bugzilla.redhat.com/show_bug.cgi?id=2380335", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21574", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21575", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21577", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21579", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21580", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21584", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21585", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21588", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30681", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30682", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30683", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30684", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30685", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30687", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30688", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30689", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30693", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30695", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30696", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30699", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30703", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30704", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30705", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30715", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30721", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30722", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50077", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50078", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50079", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50080", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50081", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50082", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50083", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50085", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50086", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50087", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50088", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50091", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50092", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50093", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50094", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50096", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50097", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50098", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50099", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50100", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50101", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50102", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50104", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5399", "https://errata.almalinux.org/9/ALSA-2025-16046.html", "https://errata.rockylinux.org/RLSA-2025:15699", "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844", "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467", "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902", "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65", "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f", "https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded", "https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86", "https://linux.oracle.com/cve/CVE-2024-13176.html", "https://linux.oracle.com/errata/ELSA-2025-16046.html", "https://lists.debian.org/debian-lts-announce/2025/05/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-13176", "https://openssl-library.org/news/secadv/20250120.txt", "https://security.netapp.com/advisory/ntap-20250124-0005/", "https://security.netapp.com/advisory/ntap-20250418-0010/", "https://security.netapp.com/advisory/ntap-20250502-0006/", "https://ubuntu.com/security/notices/USN-7264-1", "https://ubuntu.com/security/notices/USN-7278-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-13176", "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixMSQL" ], "PublishedDate": "2025-01-20T14:15:26.247Z", "LastModifiedDate": "2025-11-03T20:16:08.203Z" }, { "VulnerabilityID": "CVE-2024-2511", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-2511", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:66443cb1b83130f2d5c5c166a45909d9ed87131e4da32c74216a1fd2d8c012ca", "Title": "openssl: Unbounded memory growth with session handling in TLSv1.3", "Description": "Issue summary: Some non-default TLS server configurations can cause unbounded\nmemory growth when processing TLSv1.3 sessions\n\nImpact summary: An attacker may exploit certain server configurations to trigger\nunbounded memory growth that would lead to a Denial of Service\n\nThis problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is\nbeing used (but not if early_data support is also configured and the default\nanti-replay protection is in use). In this case, under certain conditions, the\nsession cache can get into an incorrect state and it will fail to flush properly\nas it fills. The session cache will continue to grow in an unbounded manner. A\nmalicious client could deliberately create the scenario for this failure to\nforce a Denial of Service. It may also happen by accident in normal operation.\n\nThis issue only affects TLS servers supporting TLSv1.3. It does not affect TLS\nclients.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL\n1.0.2 is also not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-1325" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/04/08/5", "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-2511", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce", "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d", "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08", "https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640", "https://linux.oracle.com/cve/CVE-2024-2511.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", "https://security.netapp.com/advisory/ntap-20240503-0013/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-2511", "https://www.openssl.org/news/secadv/20240408.txt", "https://www.openssl.org/news/vulnerabilities.html" ], "PublishedDate": "2024-04-08T14:15:07.66Z", "LastModifiedDate": "2025-11-03T22:16:50.9Z" }, { "VulnerabilityID": "CVE-2024-4603", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-4603", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f3c76c9f9eafdc2e7b2b7f63eef0b22485c0272e6d94a99d9b91efee49003fd4", "Title": "openssl: Excessive time spent checking DSA keys and parameters", "Description": "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-606", "CWE-834" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/05/16/2", "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-4603", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", "https://linux.oracle.com/cve/CVE-2024-4603.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", "https://security.netapp.com/advisory/ntap-20240621-0001/", "https://ubuntu.com/security/notices/USN-6937-1", "https://www.cve.org/CVERecord?id=CVE-2024-4603", "https://www.openssl.org/news/secadv/20240516.txt" ], "PublishedDate": "2024-05-16T16:15:10.643Z", "LastModifiedDate": "2024-11-21T09:43:11.753Z" }, { "VulnerabilityID": "CVE-2024-4741", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-4741", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3541f5e3d762cca68574dd7e81d749316d3e26eb62e43ae437445465a489eea7", "Title": "openssl: Use After Free with SSL_free_buffers", "Description": "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause\nmemory to be accessed that was previously freed in some situations\n\nImpact summary: A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.\n\nThe SSL_free_buffers function is used to free the internal OpenSSL buffer used\nwhen processing an incoming record from the network. The call is only expected\nto succeed if the buffer is not currently in use. However, two scenarios have\nbeen identified where the buffer is freed even when still in use.\n\nThe first scenario occurs where a record header has been received from the\nnetwork and processed by OpenSSL, but the full record body has not yet arrived.\nIn this case calling SSL_free_buffers will succeed even though a record has only\nbeen partially processed and the buffer is still in use.\n\nThe second scenario occurs where a full record containing application data has\nbeen received and processed by OpenSSL but the application has only read part of\nthis data. Again a call to SSL_free_buffers will succeed even though the buffer\nis still in use.\n\nWhile these scenarios could occur accidentally during normal operation a\nmalicious attacker could attempt to engineer a stituation where this occurs.\nWe are not aware of this issue being actively exploited.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 1, "amazon": 2, "azure": 3, "cbl-mariner": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:9333", "https://access.redhat.com/security/cve/CVE-2024-4741", "https://bugzilla.redhat.com/2274020", "https://bugzilla.redhat.com/2281029", "https://bugzilla.redhat.com/2283757", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2024-9333.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/704f725b96aa373ee45ecfb23f6abfe8be8d9177", "https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d", "https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac", "https://github.com/openssl/openssl/commit/e5093133c35ca82874ad83697af76f4b0f7e3bd8", "https://github.openssl.org/openssl/extended-releases/commit/f7a045f3143fc6da2ee66bf52d8df04829590dd4", "https://linux.oracle.com/cve/CVE-2024-4741.html", "https://linux.oracle.com/errata/ELSA-2024-9333.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", "https://security.netapp.com/advisory/ntap-20240621-0004/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-4741", "https://www.openssl.org/news/secadv/20240528.txt" ], "PublishedDate": "2024-11-13T11:15:04.48Z", "LastModifiedDate": "2025-11-04T18:16:42.5Z" }, { "VulnerabilityID": "CVE-2024-5535", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.17", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-5535", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6b8612e79ab1b596c57c18645dc09ea7d86f98323adf211c660818d5472966bb", "Title": "openssl: SSL_select_next_proto buffer overread", "Description": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 2, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/06/27/1", "http://www.openwall.com/lists/oss-security/2024/06/28/4", "http://www.openwall.com/lists/oss-security/2024/08/15/1", "https://access.redhat.com/errata/RHSA-2025:1671", "https://access.redhat.com/security/cve/CVE-2024-5535", "https://bugzilla.redhat.com/2294581", "https://bugzilla.redhat.com/2294676", "https://bugzilla.redhat.com/2301888", "https://bugzilla.redhat.com/2318857", "https://bugzilla.redhat.com/2318858", "https://bugzilla.redhat.com/2318870", "https://bugzilla.redhat.com/2318873", "https://bugzilla.redhat.com/2318874", "https://bugzilla.redhat.com/2318876", "https://bugzilla.redhat.com/2318882", "https://bugzilla.redhat.com/2318883", "https://bugzilla.redhat.com/2318884", "https://bugzilla.redhat.com/2318885", "https://bugzilla.redhat.com/2318886", "https://bugzilla.redhat.com/2318897", "https://bugzilla.redhat.com/2318900", "https://bugzilla.redhat.com/2318905", "https://bugzilla.redhat.com/2318914", "https://bugzilla.redhat.com/2318922", "https://bugzilla.redhat.com/2318923", "https://bugzilla.redhat.com/2318925", "https://bugzilla.redhat.com/2318926", "https://bugzilla.redhat.com/2318927", "https://bugzilla.redhat.com/2331191", "https://bugzilla.redhat.com/2339218", "https://bugzilla.redhat.com/2339220", "https://bugzilla.redhat.com/2339221", "https://bugzilla.redhat.com/2339226", "https://bugzilla.redhat.com/2339231", "https://bugzilla.redhat.com/2339236", "https://bugzilla.redhat.com/2339238", "https://bugzilla.redhat.com/2339243", "https://bugzilla.redhat.com/2339247", "https://bugzilla.redhat.com/2339252", "https://bugzilla.redhat.com/2339259", "https://bugzilla.redhat.com/2339266", "https://bugzilla.redhat.com/2339270", "https://bugzilla.redhat.com/2339271", "https://bugzilla.redhat.com/2339275", "https://bugzilla.redhat.com/2339277", "https://bugzilla.redhat.com/2339281", "https://bugzilla.redhat.com/2339284", "https://bugzilla.redhat.com/2339291", "https://bugzilla.redhat.com/2339293", "https://bugzilla.redhat.com/2339295", "https://bugzilla.redhat.com/2339299", "https://bugzilla.redhat.com/2339300", "https://bugzilla.redhat.com/2339304", "https://bugzilla.redhat.com/2339305", "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4603", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5535", "https://errata.almalinux.org/9/ALSA-2025-1671.html", "https://errata.rockylinux.org/RLSA-2024:9333", "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37", "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e", "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c", "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c", "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c", "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87", "https://linux.oracle.com/cve/CVE-2024-5535.html", "https://linux.oracle.com/errata/ELSA-2025-1673.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", "https://openssl.org/news/secadv/20240627.txt", "https://security.netapp.com/advisory/ntap-20240712-0005/", "https://security.netapp.com/advisory/ntap-20241025-0006/", "https://security.netapp.com/advisory/ntap-20241025-0010/", "https://ubuntu.com/security/notices/USN-6937-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-5535", "https://www.openssl.org/news/secadv/20240627.txt", "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL" ], "PublishedDate": "2024-06-27T11:15:24.447Z", "LastModifiedDate": "2025-11-03T23:17:30.51Z" }, { "VulnerabilityID": "CVE-2024-9143", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-9143", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fcd78916cedb90b5d0be72bc174a67a82f49108e09dd17e414d5e5966cc18b49", "Title": "openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access", "Description": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted\nexplicit values for the field polynomial can lead to out-of-bounds memory reads\nor writes.\n\nImpact summary: Out of bound memory writes can lead to an application crash or\neven a possibility of a remote code execution, however, in all the protocols\ninvolving Elliptic Curve Cryptography that we're aware of, either only \"named\ncurves\" are supported, or, if explicit curve parameters are supported, they\nspecify an X9.62 encoding of binary (GF(2^m)) curves that can't represent\nproblematic input values. Thus the likelihood of existence of a vulnerable\napplication is low.\n\nIn particular, the X9.62 encoding is used for ECC keys in X.509 certificates,\nso problematic inputs cannot occur in the context of processing X.509\ncertificates. Any problematic use-cases would have to be using an \"exotic\"\ncurve encoding.\n\nThe affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),\nand various supporting BN_GF2m_*() functions.\n\nApplications working with \"exotic\" explicit binary (GF(2^m)) curve parameters,\nthat make it possible to represent invalid field polynomials with a zero\nconstant term, via the above or similar APIs, may terminate abruptly as a\nresult of reading or writing outside of array bounds. Remote code execution\ncannot easily be ruled out.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-125", "CWE-787" ], "VendorSeverity": { "amazon": 3, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/10/16/1", "http://www.openwall.com/lists/oss-security/2024/10/23/1", "http://www.openwall.com/lists/oss-security/2024/10/24/1", "https://access.redhat.com/security/cve/CVE-2024-9143", "https://github.com/openssl/openssl/commit/72ae83ad214d2eef262461365a1975707f862712", "https://github.com/openssl/openssl/commit/bc7e04d7c8d509fb78fc0e285aa948fb0da04700", "https://github.com/openssl/openssl/commit/c0d3e4d32d2805f49bec30547f225bc4d092e1f4", "https://github.com/openssl/openssl/commit/fdf6723362ca51bd883295efe206cb5b1cfa5154", "https://github.openssl.org/openssl/extended-releases/commit/8efc0cbaa8ebba8e116f7b81a876a4123594d86a", "https://github.openssl.org/openssl/extended-releases/commit/9d576994cec2b7aa37a91740ea7e680810957e41", "https://lists.debian.org/debian-lts-announce/2024/10/msg00033.html", "https://lists.debian.org/debian-lts-announce/2024/11/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-9143", "https://openssl-library.org/news/secadv/20241016.txt", "https://security.netapp.com/advisory/ntap-20241101-0001/", "https://ubuntu.com/security/notices/USN-7264-1", "https://ubuntu.com/security/notices/USN-7278-1", "https://ubuntu.com/security/notices/USN-7894-1", "https://www.cve.org/CVERecord?id=CVE-2024-9143" ], "PublishedDate": "2024-10-16T17:15:18.13Z", "LastModifiedDate": "2025-11-03T23:17:33.46Z" }, { "VulnerabilityID": "CVE-2025-68160", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68160", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:08fe6092434371480175b42984fe7de74daa0ee5008443ab05a0e4d9a95f2901", "Title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter", "Description": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-68160", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad", "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c", "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "https://linux.oracle.com/cve/CVE-2025-68160.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-68160" ], "PublishedDate": "2026-01-27T16:16:15.9Z", "LastModifiedDate": "2026-02-02T18:36:57.727Z" }, { "VulnerabilityID": "CVE-2025-69418", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69418", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:56add76effd386af63a2b17f781780be709411506b3ceb3b24a591ae053e496d", "Title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls", "Description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-325" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69418", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc", "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8", "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347", "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae", "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977", "https://linux.oracle.com/cve/CVE-2025-69418.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69418" ], "PublishedDate": "2026-01-27T16:16:33.253Z", "LastModifiedDate": "2026-02-02T18:36:03.557Z" }, { "VulnerabilityID": "CVE-2025-69419", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69419", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:83ff80a1e8035ccc9e7d92e7bfa773ef59307906ce9948340354b51d3d9ee4ae", "Title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing", "Description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4472", "https://access.redhat.com/security/cve/CVE-2025-69419", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-4472.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296", "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb", "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2", "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535", "https://linux.oracle.com/cve/CVE-2025-69419.html", "https://linux.oracle.com/errata/ELSA-2026-50131.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69419" ], "PublishedDate": "2026-01-27T16:16:34.113Z", "LastModifiedDate": "2026-02-02T18:35:02.177Z" }, { "VulnerabilityID": "CVE-2025-69420", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69420", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8b1041128c8984e869626b205e93d1a253bcb58df11fec34918ba9b0ade6ed38", "Title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response", "Description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69420", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9", "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a", "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b", "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085", "https://linux.oracle.com/cve/CVE-2025-69420.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69420" ], "PublishedDate": "2026-01-27T16:16:34.317Z", "LastModifiedDate": "2026-02-02T18:33:30.557Z" }, { "VulnerabilityID": "CVE-2025-69421", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69421", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8178f0d2bc335a206d04074826223f44c1ee38a0cbb3901909052792a7f5554a", "Title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing", "Description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69421", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b", "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3", "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "https://linux.oracle.com/cve/CVE-2025-69421.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69421" ], "PublishedDate": "2026-01-27T16:16:34.437Z", "LastModifiedDate": "2026-02-28T04:16:17.457Z" }, { "VulnerabilityID": "CVE-2026-22795", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22795", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1f722ff484722dba1f5b05cd00270d3f77e1d9d1607af5bc2756d7cc81123b17", "Title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing", "Description": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22795", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22795.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22795" ], "PublishedDate": "2026-01-27T16:16:35.43Z", "LastModifiedDate": "2026-02-02T18:41:14.917Z" }, { "VulnerabilityID": "CVE-2026-22796", "PkgID": "libssl3@3.0.2-0ubuntu1.9", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "ccce9ad5fe6e474d", "BOMRef": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.9", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9250a52e5b0be7b7668a7d2c426749289bf1012233d5736624cc30e32cff5602", "Title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification", "Description": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22796", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22796.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22796" ], "PublishedDate": "2026-01-27T16:16:35.543Z", "LastModifiedDate": "2026-02-02T18:40:27.467Z" }, { "VulnerabilityID": "CVE-2022-27943", "PkgID": "libstdc++6@12.1.0-2ubuntu1~22.04", "PkgName": "libstdc++6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-27943", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7d726bbef13a7729b07076bebe05d03ddb42d3ad45d5e7ecd5aa9628b68d4b44", "Title": "binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const", "Description": "libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.", "Severity": "LOW", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V2Score": 4.3, "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-27943", "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79", "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead", "https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/", "https://nvd.nist.gov/vuln/detail/CVE-2022-27943", "https://sourceware.org/bugzilla/show_bug.cgi?id=28995", "https://www.cve.org/CVERecord?id=CVE-2022-27943" ], "PublishedDate": "2022-03-26T13:15:07.9Z", "LastModifiedDate": "2024-11-21T06:56:31.04Z" }, { "VulnerabilityID": "CVE-2023-4039", "PkgID": "libstdc++6@12.1.0-2ubuntu1~22.04", "PkgName": "libstdc++6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04", "UID": "a0e795624f7a9e39", "BOMRef": "pkg:deb/ubuntu/libstdc%2B%2B6@12.1.0-2ubuntu1~22.04?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "12.1.0-2ubuntu1~22.04", "FixedVersion": "12.3.0-1ubuntu1~22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4039", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f741688658aa0a75d6b68c2d2146365373820f5f4cb58c5b566b66de6f45a0e2", "Title": "gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64", "Description": "**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.", "Severity": "LOW", "CweIDs": [ "CWE-693" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-4039", "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", "https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=SECURITY.txt", "https://gcc.gnu.org/pipermail/gcc-patches/2023-October/634066.html", "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", "https://inbox.sourceware.org/gcc-patches/46cfa37b-56eb-344d-0745-e0d35393392d@gotplt.org", "https://linux.oracle.com/cve/CVE-2023-4039.html", "https://linux.oracle.com/errata/ELSA-2023-28766.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4039", "https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html", "https://ubuntu.com/security/notices/USN-7700-1", "https://www.cve.org/CVERecord?id=CVE-2023-4039" ], "PublishedDate": "2023-09-13T09:15:15.69Z", "LastModifiedDate": "2025-02-13T17:17:14.717Z" }, { "VulnerabilityID": "CVE-2025-4598", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4598", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b7c709065e56089a4e93006b20dcc40d87d7f41586d998ed848ab68943921a73", "Title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump", "Description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "Severity": "MEDIUM", "CweIDs": [ "CWE-364" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Jun/9", "http://www.openwall.com/lists/oss-security/2025/06/05/1", "http://www.openwall.com/lists/oss-security/2025/06/05/3", "http://www.openwall.com/lists/oss-security/2025/08/18/3", "https://access.redhat.com/errata/RHSA-2025:22660", "https://access.redhat.com/errata/RHSA-2025:22868", "https://access.redhat.com/errata/RHSA-2025:23227", "https://access.redhat.com/errata/RHSA-2025:23234", "https://access.redhat.com/errata/RHSA-2026:0414", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/security/cve/CVE-2025-4598", "https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598", "https://bugzilla.redhat.com/2369242", "https://bugzilla.redhat.com/show_bug.cgi?id=2369242", "https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/", "https://errata.almalinux.org/9/ALSA-2025-22660.html", "https://git.kernel.org/linus/b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea", "https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6 (main)", "https://github.com/systemd/systemd/commit/13902e025321242b1d95c6d8b4e482b37f58cdef (main)", "https://github.com/systemd/systemd/commit/49f1f2d4a7612bbed5211a73d11d6a94fbe3bb69 (main)", "https://github.com/systemd/systemd/commit/76e0ab49c47965877c19772a2b3bf55f6417ca39 (main)", "https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc (main)", "https://github.com/systemd/systemd/commit/8fc7b2a211eb13ef1a94250b28e1c79cab8bdcb9 (main)", "https://github.com/systemd/systemd/commit/9ce8e3e449def92c75ada41b7d10c5bc3946be77 (main)", "https://github.com/systemd/systemd/commit/e6a8687b939ab21854f12f59a3cce703e32768cf (main)", "https://linux.oracle.com/cve/CVE-2025-4598.html", "https://linux.oracle.com/errata/ELSA-2025-22660.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4598", "https://ubuntu.com/security/notices/USN-7559-1", "https://www.cve.org/CVERecord?id=CVE-2025-4598", "https://www.openwall.com/lists/oss-security/2025/05/29/3", "https://www.openwall.com/lists/oss-security/2025/08/18/3", "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt" ], "PublishedDate": "2025-05-30T14:15:23.557Z", "LastModifiedDate": "2026-02-02T10:16:05.983Z" }, { "VulnerabilityID": "CVE-2026-29111", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29111", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3cc670f072a7052d37389c575ebf9d04ccff25da0af7fe56b10ef8211b62198d", "Title": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data", "Description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "Severity": "MEDIUM", "CweIDs": [ "CWE-269" ], "VendorSeverity": { "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29111", "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a", "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6", "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412", "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd", "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f", "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f", "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69", "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6", "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c", "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8", "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764", "https://nvd.nist.gov/vuln/detail/CVE-2026-29111", "https://ubuntu.com/security/notices/USN-8119-1", "https://ubuntu.com/security/notices/USN-8119-2", "https://www.cve.org/CVERecord?id=CVE-2026-29111" ], "PublishedDate": "2026-03-23T22:16:26.267Z", "LastModifiedDate": "2026-03-24T15:53:48.067Z" }, { "VulnerabilityID": "CVE-2023-7008", "PkgID": "libsystemd0@249.11-0ubuntu3.9", "PkgName": "libsystemd0", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "8fc50e9d6218a3c5", "BOMRef": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-7008", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b0d1b6a501718688d921a03484a44997f2d44313550d4a0bd4631e82a116904a", "Title": "systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes", "Description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "Severity": "LOW", "CweIDs": [ "CWE-300" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2463", "https://access.redhat.com/errata/RHSA-2024:3203", "https://access.redhat.com/security/cve/CVE-2023-7008", "https://bugzilla.redhat.com/2222672", "https://bugzilla.redhat.com/show_bug.cgi?id=2222261", "https://bugzilla.redhat.com/show_bug.cgi?id=2222672", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008", "https://errata.almalinux.org/9/ALSA-2024-2463.html", "https://errata.rockylinux.org/RLSA-2024:2463", "https://github.com/systemd/systemd/issues/25676", "https://linux.oracle.com/cve/CVE-2023-7008.html", "https://linux.oracle.com/errata/ELSA-2024-3203.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/", "https://nvd.nist.gov/vuln/detail/CVE-2023-7008", "https://security.netapp.com/advisory/ntap-20241122-0004/", "https://www.cve.org/CVERecord?id=CVE-2023-7008" ], "PublishedDate": "2023-12-23T13:15:07.573Z", "LastModifiedDate": "2025-11-04T17:15:43.4Z" }, { "VulnerabilityID": "CVE-2024-12133", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-12133", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3bf1fb2e942e633600ad1f298bdf1a9bb05dbd7d3e5277df15481ffddb79faad", "Title": "libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS", "Description": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/02/06/6", "https://access.redhat.com/errata/RHSA-2025:17347", "https://access.redhat.com/errata/RHSA-2025:4049", "https://access.redhat.com/errata/RHSA-2025:7077", "https://access.redhat.com/errata/RHSA-2025:8021", "https://access.redhat.com/errata/RHSA-2025:8385", "https://access.redhat.com/security/cve/CVE-2024-12133", "https://bugzilla.redhat.com/2344611", "https://bugzilla.redhat.com/show_bug.cgi?id=2344611", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12133", "https://errata.almalinux.org/9/ALSA-2025-7077.html", "https://errata.rockylinux.org/RLSA-2025:7077", "https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md", "https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md?ref_type=heads", "https://gitlab.com/gnutls/libtasn1/-/issues/52", "https://linux.oracle.com/cve/CVE-2024-12133.html", "https://linux.oracle.com/errata/ELSA-2025-7077.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-12133", "https://security.netapp.com/advisory/ntap-20250523-0003/", "https://ubuntu.com/security/notices/USN-7275-1", "https://ubuntu.com/security/notices/USN-7275-2", "https://www.cve.org/CVERecord?id=CVE-2024-12133" ], "PublishedDate": "2025-02-10T16:15:37.26Z", "LastModifiedDate": "2026-03-24T23:17:06.61Z" }, { "VulnerabilityID": "CVE-2025-13151", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13151", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7bc2d483338bb8237096ab8948a9f4a96783f6fc7bf8a30d8f016333f8224353", "Title": "libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string", "Description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/08/5", "https://access.redhat.com/security/cve/CVE-2025-13151", "https://gitlab.com/gnutls/libtasn1", "https://gitlab.com/gnutls/libtasn1/-/merge_requests/121", "https://nvd.nist.gov/vuln/detail/CVE-2025-13151", "https://ubuntu.com/security/notices/USN-7954-1", "https://ubuntu.com/security/notices/USN-7954-2", "https://www.cve.org/CVERecord?id=CVE-2025-13151", "https://www.kb.cert.org/vuls/id/271649" ], "PublishedDate": "2026-01-07T22:15:43.2Z", "LastModifiedDate": "2026-02-02T19:27:23.07Z" }, { "VulnerabilityID": "CVE-2021-46848", "PkgID": "libtasn1-6@4.18.0-4build1", "PkgName": "libtasn1-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "293e71af62e5b4c1", "BOMRef": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "4.18.0-4build1", "FixedVersion": "4.18.0-4ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2021-46848", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0922355e98ee69b799a01d609e97beac68bff11990feab0207bd5a463a33bdd9", "Title": "libtasn1: Out-of-bound access in ETYPE_OK", "Description": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.", "Severity": "LOW", "CweIDs": [ "CWE-193" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 4, "nvd": 4, "oracle-oval": 2, "photon": 4, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:0343", "https://access.redhat.com/security/cve/CVE-2021-46848", "https://bugs.gentoo.org/866237", "https://bugzilla.redhat.com/2140058", "https://bugzilla.redhat.com/show_bug.cgi?id=2140058", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848", "https://errata.almalinux.org/9/ALSA-2023-0343.html", "https://errata.rockylinux.org/RLSA-2023:0343", "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5", "https://gitlab.com/gnutls/libtasn1/-/issues/32", "https://linux.oracle.com/cve/CVE-2021-46848.html", "https://linux.oracle.com/errata/ELSA-2023-0343.html", "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/", "https://nvd.nist.gov/vuln/detail/CVE-2021-46848", "https://security.netapp.com/advisory/ntap-20221118-0006/", "https://ubuntu.com/security/notices/USN-5707-1", "https://ubuntu.com/security/notices/USN-7954-1", "https://ubuntu.com/security/notices/USN-7954-2", "https://www.cve.org/CVERecord?id=CVE-2021-46848" ], "PublishedDate": "2022-10-24T14:15:49.973Z", "LastModifiedDate": "2025-05-07T15:15:52.307Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fc6bc9814811575e02b620d8627701a034058c44d3fb8129ad772236be26d235", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:755b8701c7a95996ecdfe46fbc5a6116b07eca8ecfa3b15405013802b1c27f39", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "libtinfo6@6.3-2", "PkgName": "libtinfo6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04", "UID": "fa7375b15eaca5cc", "BOMRef": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:230b8461550db9eda3073e1b5cbb81d6d8d6f095e9d047a255d6217832d11332", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2025-4598", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.16", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-4598", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5947b0dfbcdbb9c926aa7177b8b0b556542efec3fbb1a6e2176c36ad655a72c7", "Title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump", "Description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "Severity": "MEDIUM", "CweIDs": [ "CWE-364" ], "VendorSeverity": { "alma": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Jun/9", "http://www.openwall.com/lists/oss-security/2025/06/05/1", "http://www.openwall.com/lists/oss-security/2025/06/05/3", "http://www.openwall.com/lists/oss-security/2025/08/18/3", "https://access.redhat.com/errata/RHSA-2025:22660", "https://access.redhat.com/errata/RHSA-2025:22868", "https://access.redhat.com/errata/RHSA-2025:23227", "https://access.redhat.com/errata/RHSA-2025:23234", "https://access.redhat.com/errata/RHSA-2026:0414", "https://access.redhat.com/errata/RHSA-2026:1652", "https://access.redhat.com/security/cve/CVE-2025-4598", "https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598", "https://bugzilla.redhat.com/2369242", "https://bugzilla.redhat.com/show_bug.cgi?id=2369242", "https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/", "https://errata.almalinux.org/9/ALSA-2025-22660.html", "https://git.kernel.org/linus/b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea", "https://github.com/systemd/systemd/commit/0c49e0049b7665bb7769a13ef346fef92e1ad4d6 (main)", "https://github.com/systemd/systemd/commit/13902e025321242b1d95c6d8b4e482b37f58cdef (main)", "https://github.com/systemd/systemd/commit/49f1f2d4a7612bbed5211a73d11d6a94fbe3bb69 (main)", "https://github.com/systemd/systemd/commit/76e0ab49c47965877c19772a2b3bf55f6417ca39 (main)", "https://github.com/systemd/systemd/commit/868d95577ec9f862580ad365726515459be582fc (main)", "https://github.com/systemd/systemd/commit/8fc7b2a211eb13ef1a94250b28e1c79cab8bdcb9 (main)", "https://github.com/systemd/systemd/commit/9ce8e3e449def92c75ada41b7d10c5bc3946be77 (main)", "https://github.com/systemd/systemd/commit/e6a8687b939ab21854f12f59a3cce703e32768cf (main)", "https://linux.oracle.com/cve/CVE-2025-4598.html", "https://linux.oracle.com/errata/ELSA-2025-22660.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-4598", "https://ubuntu.com/security/notices/USN-7559-1", "https://www.cve.org/CVERecord?id=CVE-2025-4598", "https://www.openwall.com/lists/oss-security/2025/05/29/3", "https://www.openwall.com/lists/oss-security/2025/08/18/3", "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt" ], "PublishedDate": "2025-05-30T14:15:23.557Z", "LastModifiedDate": "2026-02-02T10:16:05.983Z" }, { "VulnerabilityID": "CVE-2026-29111", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "FixedVersion": "249.11-0ubuntu3.19", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29111", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b986e14c58da78ff0abd5bb47970aae423987f29f9e7892a9dcf37a90d5a4135", "Title": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data", "Description": "systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.", "Severity": "MEDIUM", "CweIDs": [ "CWE-269" ], "VendorSeverity": { "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29111", "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a", "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6", "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412", "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd", "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f", "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f", "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69", "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6", "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c", "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8", "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764", "https://nvd.nist.gov/vuln/detail/CVE-2026-29111", "https://ubuntu.com/security/notices/USN-8119-1", "https://ubuntu.com/security/notices/USN-8119-2", "https://www.cve.org/CVERecord?id=CVE-2026-29111" ], "PublishedDate": "2026-03-23T22:16:26.267Z", "LastModifiedDate": "2026-03-24T15:53:48.067Z" }, { "VulnerabilityID": "CVE-2023-7008", "PkgID": "libudev1@249.11-0ubuntu3.9", "PkgName": "libudev1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04", "UID": "31f61eb9b05df0f1", "BOMRef": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.9?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "249.11-0ubuntu3.9", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-7008", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:814f13ad72a129d5a11f5c40328ba0807fc22320f1fffc85a73da18cbd37b58b", "Title": "systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes", "Description": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.", "Severity": "LOW", "CweIDs": [ "CWE-300" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2463", "https://access.redhat.com/errata/RHSA-2024:3203", "https://access.redhat.com/security/cve/CVE-2023-7008", "https://bugzilla.redhat.com/2222672", "https://bugzilla.redhat.com/show_bug.cgi?id=2222261", "https://bugzilla.redhat.com/show_bug.cgi?id=2222672", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008", "https://errata.almalinux.org/9/ALSA-2024-2463.html", "https://errata.rockylinux.org/RLSA-2024:2463", "https://github.com/systemd/systemd/issues/25676", "https://linux.oracle.com/cve/CVE-2023-7008.html", "https://linux.oracle.com/errata/ELSA-2024-3203.html", "https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/", "https://nvd.nist.gov/vuln/detail/CVE-2023-7008", "https://security.netapp.com/advisory/ntap-20241122-0004/", "https://www.cve.org/CVERecord?id=CVE-2023-7008" ], "PublishedDate": "2023-12-23T13:15:07.573Z", "LastModifiedDate": "2025-11-04T17:15:43.4Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "libuuid1@2.37.2-4ubuntu3", "PkgName": "libuuid1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "189fc01c7ee1cffd", "BOMRef": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:54e2b7e419c5467d4cf05a18d2b76934cae04edc16e9917a413857a805b86bbc", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b0f3426207c0c0fb51af53692684b8af411784a19185aff01a004c7c319934d2", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:95024b1fb9bbeec07067e8a5c5d31f56a630ab529e3a5b02e66ba0becba0a8ac", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c26973e69dbb97fbcf6ba2d3af9de84cf27967cd223be553ed630b1b8ca9f7b3", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-6@2:1.7.5-1", "PkgName": "libx11-6", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "a327a803ee8e21f7", "BOMRef": "pkg:deb/ubuntu/libx11-6@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5d409f102819e44fd06dc270c6d4c3a6b778613283c9e4bb360dfe5eaef18bfb", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eed61503e5122bb8a14708c2fc80ea7f0e772016f6a1d7531411e562c5bbfe61", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2967c44056aaa6d760b88580fa97b2da54ceb58671609cffd188118c032f5ecf", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b936bd623de4dfa92190c5ec5a92dbd4a9c3310c7a8ff79db86a28f65d6218e6", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-data@2:1.7.5-1", "PkgName": "libx11-data", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f83eeb7f13e45a5", "BOMRef": "pkg:deb/ubuntu/libx11-data@1.7.5-1?arch=all\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:004619d771963a6538b82e9a6f657b6a5286a9ef59a7e88eddc268aeecfc6106", "DiffID": "sha256:30d9d2121566f41a210732c5741d942c2d2137adb69d652897f5bb4522f13506" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c9155469657bd04ef019192b26de409188525944ed331137925bad86279e92a3", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3a7412d410870857974114ea5b12a45ef0c426492dd3374137c29f6a5d8876bf", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0e8e6efcd5f20c35bda8682b52f336bab953dd42bb7e2e43f3457634159f9c5a", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f2b792e5c21ac37cef3246af2103acffc227b50565047a65f195b77335ff9d9f", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-dev@2:1.7.5-1", "PkgName": "libx11-dev", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "67b6ce2121379529", "BOMRef": "pkg:deb/ubuntu/libx11-dev@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:b1a7561893fc3a2e3e383d05ba983de066ee29f1d449098ef7d3d36aeb9befd4", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2023-3138", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.2", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-3138", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ea3635ab4898484b2ab998dbe5542bd149e78193a8338ad53122943c5091791e", "Title": "libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow", "Description": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-119", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6497", "https://access.redhat.com/security/cve/CVE-2023-3138", "https://bugzilla.redhat.com/2213748", "https://errata.almalinux.org/9/ALSA-2023-6497.html", "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c", "https://linux.oracle.com/cve/CVE-2023-3138.html", "https://linux.oracle.com/errata/ELSA-2023-7029.html", "https://lists.x.org/archives/xorg-announce/2023-June/003406.html", "https://lists.x.org/archives/xorg-announce/2023-June/003407.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-3138", "https://security.netapp.com/advisory/ntap-20231208-0008/", "https://ubuntu.com/security/notices/USN-6168-1", "https://ubuntu.com/security/notices/USN-6168-2", "https://www.cve.org/CVERecord?id=CVE-2023-3138" ], "PublishedDate": "2023-06-28T21:15:10.247Z", "LastModifiedDate": "2024-11-21T08:16:32.423Z" }, { "VulnerabilityID": "CVE-2023-43785", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43785", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:13d830e768e066e1d46acb3962b640d77ac067e70321eeb135416d4ddbf0d2bb", "Title": "libX11: out-of-bounds memory access in _XkbReadKeySyms()", "Description": "A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43785", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43785.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43785", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://www.cve.org/CVERecord?id=CVE-2023-43785" ], "PublishedDate": "2023-10-10T13:15:21.877Z", "LastModifiedDate": "2025-11-04T20:17:07.24Z" }, { "VulnerabilityID": "CVE-2023-43786", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43786", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:09de88c76b30d4797efb51a4660dd7570c3907dc2bdc85eb1f91ac723e7b1753", "Title": "libX11: stack exhaustion from infinite recursion in PutSubImage()", "Description": "A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-835" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43786", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://linux.oracle.com/cve/CVE-2023-43786.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/", "https://nvd.nist.gov/vuln/detail/CVE-2023-43786", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43786" ], "PublishedDate": "2023-10-10T13:15:22.023Z", "LastModifiedDate": "2025-11-04T20:17:07.39Z" }, { "VulnerabilityID": "CVE-2023-43787", "PkgID": "libx11-xcb1@2:1.7.5-1", "PkgName": "libx11-xcb1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "ea45f5e41b8d25a5", "BOMRef": "pkg:deb/ubuntu/libx11-xcb1@1.7.5-1?arch=i386\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:1.7.5-1", "FixedVersion": "2:1.7.5-1ubuntu0.3", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-43787", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4342652e9e2273be2c453b53d3badf279d5af135c67ea08384478a56182b5701", "Title": "libX11: integer overflow in XCreateImage() leading to a heap overflow", "Description": "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-190" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2024/01/24/9", "https://access.redhat.com/errata/RHSA-2024:2145", "https://access.redhat.com/errata/RHSA-2024:2973", "https://access.redhat.com/security/cve/CVE-2023-43787", "https://bugzilla.redhat.com/2242252", "https://bugzilla.redhat.com/2242253", "https://bugzilla.redhat.com/2242254", "https://bugzilla.redhat.com/show_bug.cgi?id=2242252", "https://bugzilla.redhat.com/show_bug.cgi?id=2242253", "https://bugzilla.redhat.com/show_bug.cgi?id=2242254", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43785", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43786", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43787", "https://errata.almalinux.org/9/ALSA-2024-2145.html", "https://errata.rockylinux.org/RLSA-2024:2145", "https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/", "https://linux.oracle.com/cve/CVE-2023-43787.html", "https://linux.oracle.com/errata/ELSA-2024-2973.html", "https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-43787", "https://security.netapp.com/advisory/ntap-20231103-0006/", "https://ubuntu.com/security/notices/USN-6407-1", "https://ubuntu.com/security/notices/USN-6407-2", "https://ubuntu.com/security/notices/USN-6408-1", "https://ubuntu.com/security/notices/USN-6408-2", "https://www.cve.org/CVERecord?id=CVE-2023-43787" ], "PublishedDate": "2023-10-10T13:15:22.083Z", "LastModifiedDate": "2025-11-04T20:17:07.523Z" }, { "VulnerabilityID": "CVE-2022-49043", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-49043", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8f1d6c6123340e1189dd4ba488ae4f6153505e470b13bcc00a5bc87700dc3c95", "Title": "libxml: use-after-free in xmlXIncludeAddNode", "Description": "xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "cbl-mariner": 4, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:1350", "https://access.redhat.com/security/cve/CVE-2022-49043", "https://bugzilla.redhat.com/2342118", "https://bugzilla.redhat.com/show_bug.cgi?id=2342118", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043", "https://errata.almalinux.org/9/ALSA-2025-1350.html", "https://errata.rockylinux.org/RLSA-2025:1517", "https://github.com/php/php-src/issues/17467", "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "https://linux.oracle.com/cve/CVE-2022-49043.html", "https://linux.oracle.com/errata/ELSA-2025-1517.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-49043", "https://ubuntu.com/security/notices/USN-7240-1", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2022-49043" ], "PublishedDate": "2025-01-26T06:15:21Z", "LastModifiedDate": "2025-11-03T21:15:55.003Z" }, { "VulnerabilityID": "CVE-2024-25062", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.4", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-25062", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:eab5719164ec1c863328d059240eeb3ba320de988fb3cf100b40bd020ade3cbf", "Title": "libxml2: use-after-free in XMLReader", "Description": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 2, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2679", "https://access.redhat.com/security/cve/CVE-2024-25062", "https://bugzilla.redhat.com/2262726", "https://bugzilla.redhat.com/show_bug.cgi?id=2262726", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062", "https://errata.almalinux.org/9/ALSA-2024-2679.html", "https://errata.rockylinux.org/RLSA-2024:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604", "https://gitlab.gnome.org/GNOME/libxml2/-/tags", "https://linux.oracle.com/cve/CVE-2024-25062.html", "https://linux.oracle.com/errata/ELSA-2024-3626.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-25062", "https://security.netapp.com/advisory/ntap-20241018-0009/", "https://ubuntu.com/security/notices/USN-6658-1", "https://ubuntu.com/security/notices/USN-6658-2", "https://www.cve.org/CVERecord?id=CVE-2024-25062" ], "PublishedDate": "2024-02-04T16:15:45.12Z", "LastModifiedDate": "2025-11-03T22:16:47.667Z" }, { "VulnerabilityID": "CVE-2024-56171", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56171", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cb335385ae7fbef5dc2216b51ef39f09939461ec57e4abafca86d5f164c307c9", "Title": "libxml2: Use-After-Free in libxml2", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Apr/10", "http://seclists.org/fulldisclosure/2025/Apr/11", "http://seclists.org/fulldisclosure/2025/Apr/12", "http://seclists.org/fulldisclosure/2025/Apr/13", "http://seclists.org/fulldisclosure/2025/Apr/4", "http://seclists.org/fulldisclosure/2025/Apr/5", "http://seclists.org/fulldisclosure/2025/Apr/8", "http://seclists.org/fulldisclosure/2025/Apr/9", "https://access.redhat.com/errata/RHSA-2025:2679", "https://access.redhat.com/security/cve/CVE-2024-56171", "https://bugzilla.redhat.com/2346416", "https://bugzilla.redhat.com/2346421", "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "https://errata.almalinux.org/9/ALSA-2025-2679.html", "https://errata.rockylinux.org/RLSA-2025:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", "https://linux.oracle.com/cve/CVE-2024-56171.html", "https://linux.oracle.com/errata/ELSA-2025-2686.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", "https://security.netapp.com/advisory/ntap-20250328-0010/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2024-56171", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T22:15:12.797Z", "LastModifiedDate": "2025-11-03T21:17:50.75Z" }, { "VulnerabilityID": "CVE-2025-24928", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-24928", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f448271e0794135d0abe3f7374e2085cc8daa20186becfbad7d4bcf5ba5736f7", "Title": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "V3Score": 7.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:2679", "https://access.redhat.com/security/cve/CVE-2025-24928", "https://bugzilla.redhat.com/2346416", "https://bugzilla.redhat.com/2346421", "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "https://errata.almalinux.org/9/ALSA-2025-2679.html", "https://errata.rockylinux.org/RLSA-2025:2679", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", "https://issues.oss-fuzz.com/issues/392687022", "https://linux.oracle.com/cve/CVE-2025-24928.html", "https://linux.oracle.com/errata/ELSA-2025-2686.html", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", "https://security.netapp.com/advisory/ntap-20250321-0006/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2025-24928", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T23:15:10.25Z", "LastModifiedDate": "2025-11-03T22:18:40.877Z" }, { "VulnerabilityID": "CVE-2025-27113", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.6", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-27113", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8e6b52cbc160e191449d0ba1712dc5c747fda731711b688f89574b6905c794c2", "Title": "libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch", "Description": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.", "Severity": "MEDIUM", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "amazon": 3, "azure": 1, "cbl-mariner": 1, "nvd": 3, "photon": 3, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.1 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Apr/10", "http://seclists.org/fulldisclosure/2025/Apr/11", "http://seclists.org/fulldisclosure/2025/Apr/12", "http://seclists.org/fulldisclosure/2025/Apr/13", "http://seclists.org/fulldisclosure/2025/Apr/4", "http://seclists.org/fulldisclosure/2025/Apr/5", "http://seclists.org/fulldisclosure/2025/Apr/8", "http://seclists.org/fulldisclosure/2025/Apr/9", "https://access.redhat.com/security/cve/CVE-2025-27113", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861", "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-27113", "https://security.netapp.com/advisory/ntap-20250306-0004/", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2025-27113", "https://www.openwall.com/lists/oss-security/2025/02/18/2" ], "PublishedDate": "2025-02-18T23:15:10.96Z", "LastModifiedDate": "2025-11-03T22:18:43.34Z" }, { "VulnerabilityID": "CVE-2025-32414", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32414", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fa490f73a4b291aae9aae5601ce1cd31add1197eb508df37b4af2c1100a3c4ef", "Title": "libxml2: Out-of-Bounds Read in libxml2", "Description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-393", "CWE-252" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:13428", "https://access.redhat.com/security/cve/CVE-2025-32414", "https://bugzilla.redhat.com/2358121", "https://bugzilla.redhat.com/2360768", "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "https://errata.almalinux.org/9/ALSA-2025-13428.html", "https://errata.rockylinux.org/RLSA-2025:13428", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", "https://linux.oracle.com/cve/CVE-2025-32414.html", "https://linux.oracle.com/errata/ELSA-2025-8958.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32414", "https://ubuntu.com/security/notices/USN-7467-1", "https://ubuntu.com/security/notices/USN-7467-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-32414" ], "PublishedDate": "2025-04-08T03:15:15.94Z", "LastModifiedDate": "2025-11-03T20:18:27.087Z" }, { "VulnerabilityID": "CVE-2025-32415", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.7", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32415", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:df6d8efdc1f1fa75653af99f35f868418e7e6832e0d343218895bf72bf1dd0ac", "Title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables", "Description": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1284", "CWE-125" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 1, "cbl-mariner": 1, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:13428", "https://access.redhat.com/security/cve/CVE-2025-32415", "https://bugzilla.redhat.com/2358121", "https://bugzilla.redhat.com/2360768", "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "https://errata.almalinux.org/9/ALSA-2025-13428.html", "https://errata.rockylinux.org/RLSA-2025:13428", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890", "https://linux.oracle.com/cve/CVE-2025-32415.html", "https://linux.oracle.com/errata/ELSA-2025-13789.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00041.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-32415", "https://ubuntu.com/security/notices/USN-7467-1", "https://ubuntu.com/security/notices/USN-7467-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-32415" ], "PublishedDate": "2025-04-17T17:15:33.733Z", "LastModifiedDate": "2025-11-03T20:18:27.213Z" }, { "VulnerabilityID": "CVE-2025-49794", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-49794", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:64529b51d5ad196f0ffc31eded242c5bd2e0626dbd257f1bfee5343871761f23", "Title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)", "Description": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.", "Severity": "MEDIUM", "CweIDs": [ "CWE-825" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:15397", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18217", "https://access.redhat.com/errata/RHSA-2025:18218", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:18240", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/errata/RHSA-2025:19041", "https://access.redhat.com/errata/RHSA-2025:19046", "https://access.redhat.com/errata/RHSA-2025:19894", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-49794", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931", "https://linux.oracle.com/cve/CVE-2025-49794.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-49794", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-49794" ], "PublishedDate": "2025-06-16T16:15:18.997Z", "LastModifiedDate": "2026-03-20T20:16:45.907Z" }, { "VulnerabilityID": "CVE-2025-49796", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-49796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1e3b214dba8937f213bc7878d771ba97071ca2a8d113be5359c4d48d9018408f", "Title": "libxml: Type confusion leads to Denial of service (DoS)", "Description": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "cbl-mariner": 4, "oracle-oval": 3, "photon": 4, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:15397", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18217", "https://access.redhat.com/errata/RHSA-2025:18218", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:18240", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/errata/RHSA-2025:19041", "https://access.redhat.com/errata/RHSA-2025:19046", "https://access.redhat.com/errata/RHSA-2025:19894", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-49796", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933", "https://linux.oracle.com/cve/CVE-2025-49796.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-49796", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-49796" ], "PublishedDate": "2025-06-16T16:15:19.37Z", "LastModifiedDate": "2026-03-20T20:16:46.507Z" }, { "VulnerabilityID": "CVE-2025-6021", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6021", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5431be80e68ace58267098687df5244bf26cf2f5a7484ce5ea254e7cd8afc61f", "Title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2", "Description": "A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:10630", "https://access.redhat.com/errata/RHSA-2025:10698", "https://access.redhat.com/errata/RHSA-2025:10699", "https://access.redhat.com/errata/RHSA-2025:11580", "https://access.redhat.com/errata/RHSA-2025:11673", "https://access.redhat.com/errata/RHSA-2025:12098", "https://access.redhat.com/errata/RHSA-2025:12099", "https://access.redhat.com/errata/RHSA-2025:12199", "https://access.redhat.com/errata/RHSA-2025:12237", "https://access.redhat.com/errata/RHSA-2025:12239", "https://access.redhat.com/errata/RHSA-2025:12240", "https://access.redhat.com/errata/RHSA-2025:12241", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13289", "https://access.redhat.com/errata/RHSA-2025:13325", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:13336", "https://access.redhat.com/errata/RHSA-2025:14059", "https://access.redhat.com/errata/RHSA-2025:14396", "https://access.redhat.com/errata/RHSA-2025:15308", "https://access.redhat.com/errata/RHSA-2025:15672", "https://access.redhat.com/errata/RHSA-2025:19020", "https://access.redhat.com/security/cve/CVE-2025-6021", "https://bugzilla.redhat.com/2372373", "https://bugzilla.redhat.com/2372385", "https://bugzilla.redhat.com/2372406", "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "https://errata.almalinux.org/9/ALSA-2025-10699.html", "https://errata.rockylinux.org/RLSA-2025:10699", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926", "https://linux.oracle.com/cve/CVE-2025-6021.html", "https://linux.oracle.com/errata/ELSA-2025-12240.html", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6021", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-6021" ], "PublishedDate": "2025-06-12T13:15:25.59Z", "LastModifiedDate": "2026-03-24T12:16:12.097Z" }, { "VulnerabilityID": "CVE-2025-6170", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.8", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-6170", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a09292d09a6ff9d0b8dbd294ca8428e3ee1d83817d98a6b2b5d6d35962f633ce", "Title": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling", "Description": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 2.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-6170", "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-6170", "https://ubuntu.com/security/notices/USN-7694-1", "https://www.cve.org/CVERecord?id=CVE-2025-6170" ], "PublishedDate": "2025-06-16T16:15:20.43Z", "LastModifiedDate": "2026-03-24T05:16:23.043Z" }, { "VulnerabilityID": "CVE-2025-7425", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.10", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-7425", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f9db723784aefb1c71a8a7ee851a7ea049d0ff121fb13540a7c7b3175c7f24dc", "Title": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr", "Description": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.", "Severity": "MEDIUM", "CweIDs": [ "CWE-416" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Aug/0", "http://seclists.org/fulldisclosure/2025/Jul/30", "http://seclists.org/fulldisclosure/2025/Jul/32", "http://seclists.org/fulldisclosure/2025/Jul/35", "http://seclists.org/fulldisclosure/2025/Jul/37", "http://www.openwall.com/lists/oss-security/2025/07/11/2", "https://access.redhat.com/errata/RHSA-2025:12447", "https://access.redhat.com/errata/RHSA-2025:12450", "https://access.redhat.com/errata/RHSA-2025:13267", "https://access.redhat.com/errata/RHSA-2025:13308", "https://access.redhat.com/errata/RHSA-2025:13309", "https://access.redhat.com/errata/RHSA-2025:13310", "https://access.redhat.com/errata/RHSA-2025:13311", "https://access.redhat.com/errata/RHSA-2025:13312", "https://access.redhat.com/errata/RHSA-2025:13313", "https://access.redhat.com/errata/RHSA-2025:13314", "https://access.redhat.com/errata/RHSA-2025:13335", "https://access.redhat.com/errata/RHSA-2025:13464", "https://access.redhat.com/errata/RHSA-2025:13622", "https://access.redhat.com/errata/RHSA-2025:14059", "https://access.redhat.com/errata/RHSA-2025:14396", "https://access.redhat.com/errata/RHSA-2025:14818", "https://access.redhat.com/errata/RHSA-2025:14819", "https://access.redhat.com/errata/RHSA-2025:14853", "https://access.redhat.com/errata/RHSA-2025:14858", "https://access.redhat.com/errata/RHSA-2025:15308", "https://access.redhat.com/errata/RHSA-2025:15672", "https://access.redhat.com/errata/RHSA-2025:15827", "https://access.redhat.com/errata/RHSA-2025:15828", "https://access.redhat.com/errata/RHSA-2025:18219", "https://access.redhat.com/errata/RHSA-2025:21885", "https://access.redhat.com/errata/RHSA-2025:21913", "https://access.redhat.com/errata/RHSA-2026:0934", "https://access.redhat.com/security/cve/CVE-2025-7425", "https://bugzilla.redhat.com/2379274", "https://bugzilla.redhat.com/show_bug.cgi?id=2379274", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7425", "https://errata.almalinux.org/9/ALSA-2025-12447.html", "https://errata.rockylinux.org/RLSA-2025:12447", "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140", "https://linux.oracle.com/cve/CVE-2025-7425.html", "https://linux.oracle.com/errata/ELSA-2025-13464.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-7425", "https://ubuntu.com/security/notices/USN-7852-1", "https://ubuntu.com/security/notices/USN-7852-2", "https://ubuntu.com/security/notices/USN-7896-1", "https://www.cve.org/CVERecord?id=CVE-2025-7425" ], "PublishedDate": "2025-07-10T14:15:27.877Z", "LastModifiedDate": "2026-01-22T05:16:19.96Z" }, { "VulnerabilityID": "CVE-2025-9714", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.9", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-9714", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:1a316fb0f4b77f4e535321dfc69d083b655c1c7782b0b829a24ea7d0ac3cda16", "Title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c", "Description": "Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "alma": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:22376", "https://access.redhat.com/security/cve/CVE-2025-9714", "https://bugzilla.redhat.com/2392605", "https://bugzilla.redhat.com/show_bug.cgi?id=2392605", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714", "https://errata.almalinux.org/9/ALSA-2025-22376.html", "https://errata.rockylinux.org/RLSA-2025:22376", "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21", "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148", "https://linux.oracle.com/cve/CVE-2025-9714.html", "https://linux.oracle.com/errata/ELSA-2025-22376.html", "https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-9714", "https://ubuntu.com/security/notices/USN-7743-1", "https://www.cve.org/CVERecord?id=CVE-2025-9714" ], "PublishedDate": "2025-09-10T19:15:42.707Z", "LastModifiedDate": "2025-11-03T19:16:17.563Z" }, { "VulnerabilityID": "CVE-2026-0989", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0989", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d054e247c56633562bae946af1d60b338074fecee1d5644bd39f66bf8974a032", "Title": "libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow", "Description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested \u003cinclude\u003e directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0989", "https://bugzilla.redhat.com/show_bug.cgi?id=2429933", "https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374", "https://nvd.nist.gov/vuln/detail/CVE-2026-0989", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0989" ], "PublishedDate": "2026-01-15T15:15:52.35Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2026-0990", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0990", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a0b6c059f3ba138819e2a557d3a466e5d522bc4dd2721988e27101abb8a0ad5b", "Title": "libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing", "Description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0990", "https://bugzilla.redhat.com/show_bug.cgi?id=2429959", "https://nvd.nist.gov/vuln/detail/CVE-2026-0990", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0990" ], "PublishedDate": "2026-01-15T15:15:52.503Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2026-0992", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0992", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4e28f74880bbed51a8d11b3f1b3c59751d64b507b825c5f173ba338fe9918f27", "Title": "libxml2: libxml2: Denial of Service via crafted XML catalogs", "Description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated \u003cnextCatalog\u003e elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 2.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0992", "https://bugzilla.redhat.com/show_bug.cgi?id=2429975", "https://nvd.nist.gov/vuln/detail/CVE-2026-0992", "https://ubuntu.com/security/notices/USN-7974-1", "https://www.cve.org/CVERecord?id=CVE-2026-0992" ], "PublishedDate": "2026-01-15T15:15:52.657Z", "LastModifiedDate": "2026-01-16T15:55:33.063Z" }, { "VulnerabilityID": "CVE-2024-34459", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.5", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-34459", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3b32d27d37f57f47b2e675b547714c3db4978cf7e1ac0d664f6ad8320c14c436", "Title": "libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c", "Description": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "Severity": "LOW", "CweIDs": [ "CWE-122" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 3, "photon": 3, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-34459", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/720", "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "https://nvd.nist.gov/vuln/detail/CVE-2024-34459", "https://ubuntu.com/security/notices/USN-7240-1", "https://ubuntu.com/security/notices/USN-7302-1", "https://www.cve.org/CVERecord?id=CVE-2024-34459" ], "PublishedDate": "2024-05-14T15:39:11.917Z", "LastModifiedDate": "2025-11-04T22:16:01.42Z" }, { "VulnerabilityID": "CVE-2025-8732", "PkgID": "libxml2@2.9.13+dfsg-1ubuntu0.3", "PkgName": "libxml2", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04", "UID": "a486f93bd4b44fb5", "BOMRef": "pkg:deb/ubuntu/libxml2@2.9.13%2Bdfsg-1ubuntu0.3?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.9.13+dfsg-1ubuntu0.3", "FixedVersion": "2.9.13+dfsg-1ubuntu0.11", "Status": "fixed", "Layer": { "Digest": "sha256:0304682b62bc4f472af25e5e3be7b845d33a889ed17300eb41cae79cc345bec2", "DiffID": "sha256:7ce757f016a940d087ed41170c0e544b8d7f1fa5811ecd8a0b65d48096056d76" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-8732", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:53ea375835c676d08316ec3ad49aeec72b74278ce955da9b6452b986401e5284", "Title": "libxml2: libxml2: Uncontrolled Recursion Vulnerability", "Description": "A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that \"[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all.\"", "Severity": "LOW", "CweIDs": [ "CWE-404", "CWE-674" ], "VendorSeverity": { "amazon": 1, "azure": 1, "cbl-mariner": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-8732", "https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/958", "https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853", "https://nvd.nist.gov/vuln/detail/CVE-2025-8732", "https://ubuntu.com/security/notices/USN-7974-1", "https://vuldb.com/?ctiid.319228", "https://vuldb.com/?id.319228", "https://vuldb.com/?submit.622285", "https://www.cve.org/CVERecord?id=CVE-2025-8732" ], "PublishedDate": "2025-08-08T17:15:30.583Z", "LastModifiedDate": "2025-08-08T20:30:18.18Z" }, { "VulnerabilityID": "CVE-2022-4899", "PkgID": "libzstd1@1.4.8+dfsg-3build1", "PkgName": "libzstd1", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04", "UID": "efbf7875f9285a06", "BOMRef": "pkg:deb/ubuntu/libzstd1@1.4.8%2Bdfsg-3build1?arch=i386\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.4.8+dfsg-3build1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-4899", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:adac18b3b245f3f855e15e8d77d2efb84094dfe6cc9e8d54deaa16c00facc92e", "Title": "zstd: mysql: buffer overrun in util.c", "Description": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "Severity": "LOW", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "cbl-mariner": 3, "ghsa": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:1141", "https://access.redhat.com/security/cve/CVE-2022-4899", "https://bugzilla.redhat.com/2179864", "https://bugzilla.redhat.com/2188109", "https://bugzilla.redhat.com/2188113", "https://bugzilla.redhat.com/2188115", "https://bugzilla.redhat.com/2188116", "https://bugzilla.redhat.com/2188117", "https://bugzilla.redhat.com/2188118", "https://bugzilla.redhat.com/2188119", "https://bugzilla.redhat.com/2188120", "https://bugzilla.redhat.com/2188121", "https://bugzilla.redhat.com/2188122", "https://bugzilla.redhat.com/2188123", "https://bugzilla.redhat.com/2188124", "https://bugzilla.redhat.com/2188125", "https://bugzilla.redhat.com/2188127", "https://bugzilla.redhat.com/2188128", "https://bugzilla.redhat.com/2188129", "https://bugzilla.redhat.com/2188130", "https://bugzilla.redhat.com/2188131", "https://bugzilla.redhat.com/2188132", "https://bugzilla.redhat.com/2224211", "https://bugzilla.redhat.com/2224212", "https://bugzilla.redhat.com/2224213", "https://bugzilla.redhat.com/2224214", "https://bugzilla.redhat.com/2224215", "https://bugzilla.redhat.com/2224216", "https://bugzilla.redhat.com/2224217", "https://bugzilla.redhat.com/2224218", "https://bugzilla.redhat.com/2224219", "https://bugzilla.redhat.com/2224220", "https://bugzilla.redhat.com/2224221", "https://bugzilla.redhat.com/2224222", "https://bugzilla.redhat.com/2245014", "https://bugzilla.redhat.com/2245015", "https://bugzilla.redhat.com/2245016", "https://bugzilla.redhat.com/2245017", "https://bugzilla.redhat.com/2245018", "https://bugzilla.redhat.com/2245019", "https://bugzilla.redhat.com/2245020", "https://bugzilla.redhat.com/2245021", "https://bugzilla.redhat.com/2245022", "https://bugzilla.redhat.com/2245023", "https://bugzilla.redhat.com/2245024", "https://bugzilla.redhat.com/2245026", "https://bugzilla.redhat.com/2245027", "https://bugzilla.redhat.com/2245028", "https://bugzilla.redhat.com/2245029", "https://bugzilla.redhat.com/2245030", "https://bugzilla.redhat.com/2245031", "https://bugzilla.redhat.com/2245032", "https://bugzilla.redhat.com/2245033", "https://bugzilla.redhat.com/2245034", "https://bugzilla.redhat.com/2258771", "https://bugzilla.redhat.com/2258772", "https://bugzilla.redhat.com/2258773", "https://bugzilla.redhat.com/2258774", "https://bugzilla.redhat.com/2258775", "https://bugzilla.redhat.com/2258776", "https://bugzilla.redhat.com/2258777", "https://bugzilla.redhat.com/2258778", "https://bugzilla.redhat.com/2258779", "https://bugzilla.redhat.com/2258780", "https://bugzilla.redhat.com/2258781", "https://bugzilla.redhat.com/2258782", "https://bugzilla.redhat.com/2258783", "https://bugzilla.redhat.com/2258784", "https://bugzilla.redhat.com/2258785", "https://bugzilla.redhat.com/2258787", "https://bugzilla.redhat.com/2258788", "https://bugzilla.redhat.com/2258789", "https://bugzilla.redhat.com/2258790", "https://bugzilla.redhat.com/2258791", "https://bugzilla.redhat.com/2258792", "https://bugzilla.redhat.com/2258793", "https://bugzilla.redhat.com/2258794", "https://bugzilla.redhat.com/show_bug.cgi?id=2179864", "https://bugzilla.redhat.com/show_bug.cgi?id=2188109", "https://bugzilla.redhat.com/show_bug.cgi?id=2188113", "https://bugzilla.redhat.com/show_bug.cgi?id=2188115", "https://bugzilla.redhat.com/show_bug.cgi?id=2188116", "https://bugzilla.redhat.com/show_bug.cgi?id=2188117", "https://bugzilla.redhat.com/show_bug.cgi?id=2188118", "https://bugzilla.redhat.com/show_bug.cgi?id=2188119", "https://bugzilla.redhat.com/show_bug.cgi?id=2188120", "https://bugzilla.redhat.com/show_bug.cgi?id=2188121", "https://bugzilla.redhat.com/show_bug.cgi?id=2188122", "https://bugzilla.redhat.com/show_bug.cgi?id=2188123", "https://bugzilla.redhat.com/show_bug.cgi?id=2188124", "https://bugzilla.redhat.com/show_bug.cgi?id=2188125", "https://bugzilla.redhat.com/show_bug.cgi?id=2188127", "https://bugzilla.redhat.com/show_bug.cgi?id=2188128", "https://bugzilla.redhat.com/show_bug.cgi?id=2188129", "https://bugzilla.redhat.com/show_bug.cgi?id=2188130", "https://bugzilla.redhat.com/show_bug.cgi?id=2188131", "https://bugzilla.redhat.com/show_bug.cgi?id=2188132", "https://bugzilla.redhat.com/show_bug.cgi?id=2224211", "https://bugzilla.redhat.com/show_bug.cgi?id=2224212", "https://bugzilla.redhat.com/show_bug.cgi?id=2224213", "https://bugzilla.redhat.com/show_bug.cgi?id=2224214", "https://bugzilla.redhat.com/show_bug.cgi?id=2224215", "https://bugzilla.redhat.com/show_bug.cgi?id=2224216", "https://bugzilla.redhat.com/show_bug.cgi?id=2224217", "https://bugzilla.redhat.com/show_bug.cgi?id=2224218", "https://bugzilla.redhat.com/show_bug.cgi?id=2224219", "https://bugzilla.redhat.com/show_bug.cgi?id=2224220", "https://bugzilla.redhat.com/show_bug.cgi?id=2224221", "https://bugzilla.redhat.com/show_bug.cgi?id=2224222", "https://bugzilla.redhat.com/show_bug.cgi?id=2245014", "https://bugzilla.redhat.com/show_bug.cgi?id=2245015", "https://bugzilla.redhat.com/show_bug.cgi?id=2245016", "https://bugzilla.redhat.com/show_bug.cgi?id=2245017", "https://bugzilla.redhat.com/show_bug.cgi?id=2245018", "https://bugzilla.redhat.com/show_bug.cgi?id=2245019", "https://bugzilla.redhat.com/show_bug.cgi?id=2245020", "https://bugzilla.redhat.com/show_bug.cgi?id=2245021", "https://bugzilla.redhat.com/show_bug.cgi?id=2245022", "https://bugzilla.redhat.com/show_bug.cgi?id=2245023", "https://bugzilla.redhat.com/show_bug.cgi?id=2245024", "https://bugzilla.redhat.com/show_bug.cgi?id=2245026", "https://bugzilla.redhat.com/show_bug.cgi?id=2245027", "https://bugzilla.redhat.com/show_bug.cgi?id=2245028", "https://bugzilla.redhat.com/show_bug.cgi?id=2245029", "https://bugzilla.redhat.com/show_bug.cgi?id=2245030", "https://bugzilla.redhat.com/show_bug.cgi?id=2245031", "https://bugzilla.redhat.com/show_bug.cgi?id=2245032", "https://bugzilla.redhat.com/show_bug.cgi?id=2245033", "https://bugzilla.redhat.com/show_bug.cgi?id=2245034", "https://bugzilla.redhat.com/show_bug.cgi?id=2258771", "https://bugzilla.redhat.com/show_bug.cgi?id=2258772", "https://bugzilla.redhat.com/show_bug.cgi?id=2258773", "https://bugzilla.redhat.com/show_bug.cgi?id=2258774", "https://bugzilla.redhat.com/show_bug.cgi?id=2258775", "https://bugzilla.redhat.com/show_bug.cgi?id=2258776", "https://bugzilla.redhat.com/show_bug.cgi?id=2258777", "https://bugzilla.redhat.com/show_bug.cgi?id=2258778", "https://bugzilla.redhat.com/show_bug.cgi?id=2258779", "https://bugzilla.redhat.com/show_bug.cgi?id=2258780", "https://bugzilla.redhat.com/show_bug.cgi?id=2258781", "https://bugzilla.redhat.com/show_bug.cgi?id=2258782", "https://bugzilla.redhat.com/show_bug.cgi?id=2258783", "https://bugzilla.redhat.com/show_bug.cgi?id=2258784", "https://bugzilla.redhat.com/show_bug.cgi?id=2258785", "https://bugzilla.redhat.com/show_bug.cgi?id=2258787", "https://bugzilla.redhat.com/show_bug.cgi?id=2258788", "https://bugzilla.redhat.com/show_bug.cgi?id=2258789", "https://bugzilla.redhat.com/show_bug.cgi?id=2258790", "https://bugzilla.redhat.com/show_bug.cgi?id=2258791", "https://bugzilla.redhat.com/show_bug.cgi?id=2258792", "https://bugzilla.redhat.com/show_bug.cgi?id=2258793", "https://bugzilla.redhat.com/show_bug.cgi?id=2258794", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4899", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21911", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21919", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21920", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21929", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21933", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21935", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21940", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21945", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21946", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21947", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21953", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21955", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21962", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21972", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21976", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21977", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21980", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21982", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22005", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22007", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22008", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22032", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22033", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22038", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22046", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22048", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22054", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22056", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22057", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22058", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22059", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22064", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22065", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22066", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22068", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22070", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22078", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22079", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22092", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22097", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22103", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22104", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22110", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22111", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22112", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22113", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22114", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22115", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20960", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20961", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20962", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20963", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20964", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20965", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20966", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20967", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20968", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20969", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20970", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20971", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20972", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20973", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20974", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20976", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20977", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20978", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20981", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20982", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20983", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20984", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20985", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20993", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21049", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21050", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21051", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21052", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21053", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21055", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21056", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21057", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21061", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21137", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21200", "https://errata.almalinux.org/9/ALSA-2024-1141.html", "https://errata.rockylinux.org/RLSA-2024:0894", "https://github.com/facebook/zstd", "https://github.com/facebook/zstd/issues/3200", "https://github.com/facebook/zstd/pull/3220", "https://github.com/pypa/advisory-database/tree/main/vulns/zstd/PYSEC-2023-121.yaml", "https://github.com/sergey-dryabzhinsky/python-zstd/commit/c8a619aebdbd6b838fbfef6e19325a70f631a4c6", "https://linux.oracle.com/cve/CVE-2022-4899.html", "https://linux.oracle.com/errata/ELSA-2024-1141.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN", "https://nvd.nist.gov/vuln/detail/CVE-2022-4899", "https://security.netapp.com/advisory/ntap-20230725-0005", "https://security.netapp.com/advisory/ntap-20230725-0005/", "https://www.cve.org/CVERecord?id=CVE-2022-4899" ], "PublishedDate": "2023-03-31T20:15:07.213Z", "LastModifiedDate": "2025-02-18T18:15:14.023Z" }, { "VulnerabilityID": "CVE-2023-29383", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29383", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ca21c470b7894f805b35b2c1f3b2ae95fd72f5a57802df0d120c977d4b0f9119", "Title": "shadow: Improper input validation in shadow-utils package utility chfn", "Description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "Severity": "LOW", "CweIDs": [ "CWE-74", "CWE-125" ], "VendorSeverity": { "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29383", "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", "https://github.com/shadow-maint/shadow/pull/687", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", "https://www.cve.org/CVERecord?id=CVE-2023-29383", "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797" ], "PublishedDate": "2023-04-14T22:15:07.68Z", "LastModifiedDate": "2025-11-03T20:16:01.283Z" }, { "VulnerabilityID": "CVE-2023-4641", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "FixedVersion": "1:4.8.1-2ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4641", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6f3f09c45c2214937085985e1b4a805aa63a488ea46caf1f4104276410330a80", "Title": "shadow-utils: possible password leak during passwd(1) change", "Description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "Severity": "LOW", "CweIDs": [ "CWE-303", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 1, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6632", "https://access.redhat.com/errata/RHSA-2023:7112", "https://access.redhat.com/errata/RHSA-2024:0417", "https://access.redhat.com/errata/RHSA-2024:2577", "https://access.redhat.com/security/cve/CVE-2023-4641", "https://bugzilla.redhat.com/2215945", "https://bugzilla.redhat.com/show_bug.cgi?id=2215945", "https://errata.almalinux.org/9/ALSA-2023-6632.html", "https://linux.oracle.com/cve/CVE-2023-4641.html", "https://linux.oracle.com/errata/ELSA-2023-7112.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4641", "https://ubuntu.com/security/notices/USN-6640-1", "https://www.cve.org/CVERecord?id=CVE-2023-4641" ], "PublishedDate": "2023-12-27T16:15:13.363Z", "LastModifiedDate": "2025-11-03T20:16:05.017Z" }, { "VulnerabilityID": "CVE-2024-56433", "PkgID": "login@1:4.8.1-2ubuntu2.1", "PkgName": "login", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "f6b18d3c8eaf4120", "BOMRef": "pkg:deb/ubuntu/login@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56433", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:e9df2c25560e954792f5daa6712d3e2db1729cc3c8c9e0efbd539705b03f70dd", "Title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise", "Description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "Severity": "LOW", "CweIDs": [ "CWE-1188" ], "VendorSeverity": { "alma": 1, "azure": 1, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 3.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:20559", "https://access.redhat.com/security/cve/CVE-2024-56433", "https://bugzilla.redhat.com/2334165", "https://bugzilla.redhat.com/show_bug.cgi?id=2334165", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433", "https://errata.almalinux.org/9/ALSA-2025-20559.html", "https://errata.rockylinux.org/RLSA-2025:20559", "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", "https://github.com/shadow-maint/shadow/issues/1157", "https://github.com/shadow-maint/shadow/releases/tag/4.4", "https://linux.oracle.com/cve/CVE-2024-56433.html", "https://linux.oracle.com/errata/ELSA-2025-20559-0.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "https://www.cve.org/CVERecord?id=CVE-2024-56433" ], "PublishedDate": "2024-12-26T09:15:07.267Z", "LastModifiedDate": "2024-12-26T09:15:07.267Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "mount@2.37.2-4ubuntu3", "PkgName": "mount", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f67614957785e847", "BOMRef": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cb36a9830a986b8b5620dae4c7108d5490e0dd71d9b072c28a8f6c657f982bd1", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:23117050f60d706ee9b15c28d805402123f782e0698a4f5690393eae3a4340f4", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:02535498abd06d2d3ea4350fbc9b61177c9b054d7b0fb9bdf253b3db636c2dc1", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "ncurses-base@6.3-2", "PkgName": "ncurses-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04", "UID": "3a589d901234074a", "BOMRef": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:5f4017ed870fd91ddf228db1fdb6ba7e8a7c934ab4f2076ddb87f180974b8495", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2023-29491", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29491", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7912a4f28d0a675df949a72f0b0f976d6f9a63d0f506f13768b8b348064c1118", "Title": "ncurses: Local users can trigger security-relevant memory corruption via malformed data", "Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 } }, "References": [ "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56", "http://www.openwall.com/lists/oss-security/2023/04/19/10", "http://www.openwall.com/lists/oss-security/2023/04/19/11", "https://access.redhat.com/errata/RHSA-2023:6698", "https://access.redhat.com/security/cve/CVE-2023-29491", "https://bugzilla.redhat.com/2191704", "https://errata.almalinux.org/9/ALSA-2023-6698.html", "https://invisible-island.net/ncurses/NEWS.html#index-t20230408", "https://linux.oracle.com/cve/CVE-2023-29491.html", "https://linux.oracle.com/errata/ELSA-2023-6698.html", "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://nvd.nist.gov/vuln/detail/CVE-2023-29491", "https://security.netapp.com/advisory/ntap-20230517-0009/", "https://support.apple.com/kb/HT213843", "https://support.apple.com/kb/HT213844", "https://support.apple.com/kb/HT213845", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2023-29491", "https://www.openwall.com/lists/oss-security/2023/04/12/5", "https://www.openwall.com/lists/oss-security/2023/04/13/4" ], "PublishedDate": "2023-04-14T01:15:08.57Z", "LastModifiedDate": "2025-11-04T19:15:42.307Z" }, { "VulnerabilityID": "CVE-2022-29458", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "FixedVersion": "6.3-2ubuntu0.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-29458", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:290b830a019653614e335400ecddae19007fc0c70ac27a02129b6022fdcf6ee2", "Title": "ncurses: segfaulting OOB read", "Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.", "Severity": "LOW", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 1, "photon": 3, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V2Vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "V2Score": 5.8, "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "V3Score": 6.1 } }, "References": [ "http://seclists.org/fulldisclosure/2022/Oct/28", "http://seclists.org/fulldisclosure/2022/Oct/41", "https://access.redhat.com/security/cve/CVE-2022-29458", "https://bugzilla.redhat.com/show_bug.cgi?id=2076483", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458", "https://errata.rockylinux.org/RLSA-2025:12876", "https://invisible-island.net/ncurses/NEWS.html#t20220416", "https://linux.oracle.com/cve/CVE-2022-29458.html", "https://linux.oracle.com/errata/ELSA-2025-12876.html", "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html", "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html", "https://nvd.nist.gov/vuln/detail/CVE-2022-29458", "https://support.apple.com/kb/HT213488", "https://ubuntu.com/security/notices/USN-5477-1", "https://ubuntu.com/security/notices/USN-6099-1", "https://www.cve.org/CVERecord?id=CVE-2022-29458" ], "PublishedDate": "2022-04-18T21:15:07.6Z", "LastModifiedDate": "2025-06-09T15:15:27.43Z" }, { "VulnerabilityID": "CVE-2023-50495", "PkgID": "ncurses-bin@6.3-2", "PkgName": "ncurses-bin", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04", "UID": "e68a54a2be1b49a3", "BOMRef": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "6.3-2", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-50495", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:79928be1aa738242c2f38bbe3e5c13be6aebe09bc1aa81f61bf049e7197f8334", "Title": "ncurses: segmentation fault via _nc_wrap_entry()", "Description": "NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().", "Severity": "LOW", "VendorSeverity": { "amazon": 2, "cbl-mariner": 2, "nvd": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-50495", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html", "https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-50495", "https://security.netapp.com/advisory/ntap-20240119-0008/", "https://ubuntu.com/security/notices/USN-6684-1", "https://www.cve.org/CVERecord?id=CVE-2023-50495" ], "PublishedDate": "2023-12-12T15:15:07.867Z", "LastModifiedDate": "2025-11-04T19:16:14.45Z" }, { "VulnerabilityID": "CVE-2025-15467", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15467", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:6ed463f1d3729ccd264855835b4c5d9ad1c1c4e5614fc1becebeda7ee275948a", "Title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing", "Description": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 4, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/01/27/10", "http://www.openwall.com/lists/oss-security/2026/02/25/6", "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-15467", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/guiimoraes/CVE-2025-15467", "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703", "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9", "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3", "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e", "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc", "https://linux.oracle.com/cve/CVE-2025-15467.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-15467", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://www.cve.org/CVERecord?id=CVE-2025-15467" ], "PublishedDate": "2026-01-27T16:16:14.257Z", "LastModifiedDate": "2026-03-19T19:16:19.23Z" }, { "VulnerabilityID": "CVE-2025-68160", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68160", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:d7015257f5df857d7a3d3b90a4c052ba78b1cad805ade7577abbcda478f46ad1", "Title": "openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter", "Description": "Issue summary: Writing large, newline-free data into a BIO chain using the\nline-buffering filter where the next BIO performs short writes can trigger\na heap-based out-of-bounds write.\n\nImpact summary: This out-of-bounds write can cause memory corruption which\ntypically results in a crash, leading to Denial of Service for an application.\n\nThe line-buffering BIO filter (BIO_f_linebuffer) is not used by default in\nTLS/SSL data paths. In OpenSSL command-line applications, it is typically\nonly pushed onto stdout/stderr on VMS systems. Third-party applications that\nexplicitly use this filter with a BIO chain that can short-write and that\nwrite large, newline-free data influenced by an attacker would be affected.\nHowever, the circumstances where this could happen are unlikely to be under\nattacker control, and BIO_f_linebuffer is unlikely to be handling non-curated\ndata controlled by an attacker. For that reason the issue was assessed as\nLow severity.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the BIO implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-68160", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/384011202af92605d926fafe4a0bcd6b65d162ad", "https://github.com/openssl/openssl/commit/475c466ef2fbd8fc1df6fae1c3eed9c813fc8ff6", "https://github.com/openssl/openssl/commit/4c96fbba618e1940f038012506ee9e21d32ee12c", "https://github.com/openssl/openssl/commit/6845c3b6460a98b1ec4e463baa2ea1a63a32d7c0", "https://github.com/openssl/openssl/commit/68a7cd2e2816c3a02f4d45a2ce43fc04fac97096", "https://linux.oracle.com/cve/CVE-2025-68160.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-68160", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-68160" ], "PublishedDate": "2026-01-27T16:16:15.9Z", "LastModifiedDate": "2026-02-02T18:36:57.727Z" }, { "VulnerabilityID": "CVE-2025-69418", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69418", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c7323319a2cffd4a946e9099e1268ecb17d1142731c1ea81ed316c4cd9f5cb7a", "Title": "openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls", "Description": "Issue summary: When using the low-level OCB API directly with AES-NI or\u003cbr\u003eother hardware-accelerated code paths, inputs whose length is not a multiple\u003cbr\u003eof 16 bytes can leave the final partial block unencrypted and unauthenticated.\u003cbr\u003e\u003cbr\u003eImpact summary: The trailing 1-15 bytes of a message may be exposed in\u003cbr\u003ecleartext on encryption and are not covered by the authentication tag,\u003cbr\u003eallowing an attacker to read or tamper with those bytes without detection.\u003cbr\u003e\u003cbr\u003eThe low-level OCB encrypt and decrypt routines in the hardware-accelerated\u003cbr\u003estream path process full 16-byte blocks but do not advance the input/output\u003cbr\u003epointers. The subsequent tail-handling code then operates on the original\u003cbr\u003ebase pointers, effectively reprocessing the beginning of the buffer while\u003cbr\u003eleaving the actual trailing bytes unprocessed. The authentication checksum\u003cbr\u003ealso excludes the true tail bytes.\u003cbr\u003e\u003cbr\u003eHowever, typical OpenSSL consumers using EVP are not affected because the\u003cbr\u003ehigher-level EVP and provider OCB implementations split inputs so that full\u003cbr\u003eblocks and trailing partial blocks are processed in separate calls, avoiding\u003cbr\u003ethe problematic code path. Additionally, TLS does not use OCB ciphersuites.\u003cbr\u003eThe vulnerability only affects applications that call the low-level\u003cbr\u003eCRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with\u003cbr\u003enon-block-aligned lengths in a single call on hardware-accelerated builds.\u003cbr\u003eFor these reasons the issue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected\u003cbr\u003eby this issue, as OCB mode is not a FIPS-approved algorithm.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-325" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69418", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/372fc5c77529695b05b4f5b5187691a57ef5dffc", "https://github.com/openssl/openssl/commit/4016975d4469cd6b94927c607f7c511385f928d8", "https://github.com/openssl/openssl/commit/52d23c86a54adab5ee9f80e48b242b52c4cc2347", "https://github.com/openssl/openssl/commit/a7589230356d908c0eca4b969ec4f62106f4f5ae", "https://github.com/openssl/openssl/commit/ed40856d7d4ba6cb42779b6770666a65f19cb977", "https://linux.oracle.com/cve/CVE-2025-69418.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69418", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69418" ], "PublishedDate": "2026-01-27T16:16:33.253Z", "LastModifiedDate": "2026-02-02T18:36:03.557Z" }, { "VulnerabilityID": "CVE-2025-69419", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69419", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cc56607bbaff9eeae8fcef65a7966174ed1a30e4bb59871c8fcd6d8315179592", "Title": "openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing", "Description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously\ncrafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing\nnon-ASCII BMP code point can trigger a one byte write before the allocated\nbuffer.\n\nImpact summary: The out-of-bounds write can cause a memory corruption\nwhich can have various consequences including a Denial of Service.\n\nThe OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12\nBMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes,\nthe helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16\nsource byte count as the destination buffer capacity to UTF8_putc(). For BMP\ncode points above U+07FF, UTF-8 requires three bytes, but the forwarded\ncapacity can be just two bytes. UTF8_putc() then returns -1, and this negative\nvalue is added to the output length without validation, causing the\nlength to become negative. The subsequent trailing NUL byte is then written\nat a negative offset, causing write outside of heap allocated buffer.\n\nThe vulnerability is reachable via the public PKCS12_get_friendlyname() API\nwhen parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a\ndifferent code path that avoids this issue, PKCS12_get_friendlyname() directly\ninvokes the vulnerable function. Exploitation requires an attacker to provide\na malicious PKCS#12 file to be parsed by the application and the attacker\ncan just trigger a one zero byte write before the allocated buffer.\nFor that reason the issue was assessed as Low severity according to our\nSecurity Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4472", "https://access.redhat.com/security/cve/CVE-2025-69419", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-4472.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296", "https://github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb", "https://github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2", "https://github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015", "https://github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535", "https://linux.oracle.com/cve/CVE-2025-69419.html", "https://linux.oracle.com/errata/ELSA-2026-50131.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69419", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69419" ], "PublishedDate": "2026-01-27T16:16:34.113Z", "LastModifiedDate": "2026-02-02T18:35:02.177Z" }, { "VulnerabilityID": "CVE-2025-69420", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69420", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:adb64774d8ed32213cb0fa00685372c97597a298aed370b4541e3a5203a38d4e", "Title": "openssl: OpenSSL: Denial of Service via malformed TimeStamp Response", "Description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\n\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\n\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69420", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/27c7012c91cc986a598d7540f3079dfde2416eb9", "https://github.com/openssl/openssl/commit/4e254b48ad93cc092be3dd62d97015f33f73133a", "https://github.com/openssl/openssl/commit/564fd9c73787f25693bf9e75faf7bf6bb1305d4e", "https://github.com/openssl/openssl/commit/5eb0770ffcf11b785cf374ff3c19196245e54f1b", "https://github.com/openssl/openssl/commit/a99349ebfc519999edc50620abe24d599b9eb085", "https://linux.oracle.com/cve/CVE-2025-69420.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69420", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69420" ], "PublishedDate": "2026-01-27T16:16:34.317Z", "LastModifiedDate": "2026-02-02T18:33:30.557Z" }, { "VulnerabilityID": "CVE-2025-69421", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69421", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:944ffcf00791f0e77927eadf50bb008fb5c293d8c22b1dfe41b36cd997e412ad", "Title": "openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing", "Description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-476" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "nvd": 3, "oracle-oval": 3, "photon": 3, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2025-69421", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b", "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7", "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd", "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3", "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c", "https://linux.oracle.com/cve/CVE-2025-69421.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-69421", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2025-69421" ], "PublishedDate": "2026-01-27T16:16:34.437Z", "LastModifiedDate": "2026-02-28T04:16:17.457Z" }, { "VulnerabilityID": "CVE-2026-22795", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22795", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c43c9721a008bdfb1b727ed6664a28b0d2a4779ccbbeab4fc7ea42c69c2eb869", "Title": "openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing", "Description": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22795", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22795.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22795", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22795" ], "PublishedDate": "2026-01-27T16:16:35.43Z", "LastModifiedDate": "2026-02-02T18:41:14.917Z" }, { "VulnerabilityID": "CVE-2026-22796", "PkgID": "openssl@3.0.2-0ubuntu1.20", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04", "UID": "f892c3d07497c738", "BOMRef": "pkg:deb/ubuntu/openssl@3.0.2-0ubuntu1.20?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.0.2-0ubuntu1.20", "FixedVersion": "3.0.2-0ubuntu1.21", "Status": "fixed", "Layer": { "Digest": "sha256:525d95855eb17a2c28736a64f32a6ae16a6090f0ea2684a42b6e01c892389cf4", "DiffID": "sha256:72421e5dfbb161c5ee6ca5f874be3ff18cbe048f2ec473642431317cd9a3bf9d" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22796", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:2b33ce142199136556003d0a831958e280fbd0486222e010d0a17d0ddc617108", "Title": "openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification", "Description": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "Severity": "LOW", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "alma": 3, "amazon": 3, "azure": 2, "cbl-mariner": 2, "oracle-oval": 3, "photon": 2, "redhat": 1, "rocky": 3, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1473", "https://access.redhat.com/security/cve/CVE-2026-22796", "https://bugzilla.redhat.com/2430375", "https://bugzilla.redhat.com/2430376", "https://bugzilla.redhat.com/2430377", "https://bugzilla.redhat.com/2430378", "https://bugzilla.redhat.com/2430379", "https://bugzilla.redhat.com/2430380", "https://bugzilla.redhat.com/2430381", "https://bugzilla.redhat.com/2430386", "https://bugzilla.redhat.com/2430387", "https://bugzilla.redhat.com/2430388", "https://bugzilla.redhat.com/2430389", "https://bugzilla.redhat.com/2430390", "https://bugzilla.redhat.com/show_bug.cgi?id=2430375", "https://bugzilla.redhat.com/show_bug.cgi?id=2430376", "https://bugzilla.redhat.com/show_bug.cgi?id=2430377", "https://bugzilla.redhat.com/show_bug.cgi?id=2430378", "https://bugzilla.redhat.com/show_bug.cgi?id=2430379", "https://bugzilla.redhat.com/show_bug.cgi?id=2430380", "https://bugzilla.redhat.com/show_bug.cgi?id=2430381", "https://bugzilla.redhat.com/show_bug.cgi?id=2430386", "https://bugzilla.redhat.com/show_bug.cgi?id=2430387", "https://bugzilla.redhat.com/show_bug.cgi?id=2430388", "https://bugzilla.redhat.com/show_bug.cgi?id=2430389", "https://bugzilla.redhat.com/show_bug.cgi?id=2430390", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11187", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15467", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15468", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15469", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66199", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68160", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69418", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69419", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69420", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69421", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22795", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22796", "https://errata.almalinux.org/9/ALSA-2026-1473.html", "https://errata.rockylinux.org/RLSA-2026:1473", "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4", "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49", "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12", "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e", "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2", "https://linux.oracle.com/cve/CVE-2026-22796.html", "https://linux.oracle.com/errata/ELSA-2026-50081.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-22796", "https://openssl-library.org/news/secadv/20260127.txt", "https://ubuntu.com/security/notices/USN-7980-1", "https://ubuntu.com/security/notices/USN-7980-2", "https://www.cve.org/CVERecord?id=CVE-2026-22796" ], "PublishedDate": "2026-01-27T16:16:35.543Z", "LastModifiedDate": "2026-02-02T18:40:27.467Z" }, { "VulnerabilityID": "CVE-2023-29383", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-29383", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:3527a01dc90422bfb7e311fffe45920bcbe1bedeb8ffba806feadb63a9bd2ab8", "Title": "shadow: Improper input validation in shadow-utils package utility chfn", "Description": "In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.", "Severity": "LOW", "CweIDs": [ "CWE-74", "CWE-125" ], "VendorSeverity": { "cbl-mariner": 1, "nvd": 1, "photon": 1, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-29383", "https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d", "https://github.com/shadow-maint/shadow/pull/687", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-29383", "https://www.cve.org/CVERecord?id=CVE-2023-29383", "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/", "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797" ], "PublishedDate": "2023-04-14T22:15:07.68Z", "LastModifiedDate": "2025-11-03T20:16:01.283Z" }, { "VulnerabilityID": "CVE-2023-4641", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "FixedVersion": "1:4.8.1-2ubuntu2.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4641", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8b110167b47b7a818a8684af37650b1e8360441c43aee707b14aed0aa271fa61", "Title": "shadow-utils: possible password leak during passwd(1) change", "Description": "A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.", "Severity": "LOW", "CweIDs": [ "CWE-303", "CWE-287" ], "VendorSeverity": { "alma": 1, "amazon": 1, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 1, "photon": 2, "redhat": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6632", "https://access.redhat.com/errata/RHSA-2023:7112", "https://access.redhat.com/errata/RHSA-2024:0417", "https://access.redhat.com/errata/RHSA-2024:2577", "https://access.redhat.com/security/cve/CVE-2023-4641", "https://bugzilla.redhat.com/2215945", "https://bugzilla.redhat.com/show_bug.cgi?id=2215945", "https://errata.almalinux.org/9/ALSA-2023-6632.html", "https://linux.oracle.com/cve/CVE-2023-4641.html", "https://linux.oracle.com/errata/ELSA-2023-7112.html", "https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-4641", "https://ubuntu.com/security/notices/USN-6640-1", "https://www.cve.org/CVERecord?id=CVE-2023-4641" ], "PublishedDate": "2023-12-27T16:15:13.363Z", "LastModifiedDate": "2025-11-03T20:16:05.017Z" }, { "VulnerabilityID": "CVE-2024-56433", "PkgID": "passwd@1:4.8.1-2ubuntu2.1", "PkgName": "passwd", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1", "UID": "4b89c00035057c2", "BOMRef": "pkg:deb/ubuntu/passwd@4.8.1-2ubuntu2.1?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=1" }, "InstalledVersion": "1:4.8.1-2ubuntu2.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56433", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:464d61ff4cc08b0f980e8385b50ff2d3e8b9bbdc535c625bc1f4bb7327aab5a7", "Title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise", "Description": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.", "Severity": "LOW", "CweIDs": [ "CWE-1188" ], "VendorSeverity": { "alma": 1, "azure": 1, "oracle-oval": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 3.6 } }, "References": [ "https://access.redhat.com/errata/RHSA-2025:20559", "https://access.redhat.com/security/cve/CVE-2024-56433", "https://bugzilla.redhat.com/2334165", "https://bugzilla.redhat.com/show_bug.cgi?id=2334165", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433", "https://errata.almalinux.org/9/ALSA-2025-20559.html", "https://errata.rockylinux.org/RLSA-2025:20559", "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241", "https://github.com/shadow-maint/shadow/issues/1157", "https://github.com/shadow-maint/shadow/releases/tag/4.4", "https://linux.oracle.com/cve/CVE-2024-56433.html", "https://linux.oracle.com/errata/ELSA-2025-20559-0.html", "https://nvd.nist.gov/vuln/detail/CVE-2024-56433", "https://www.cve.org/CVERecord?id=CVE-2024-56433" ], "PublishedDate": "2024-12-26T09:15:07.267Z", "LastModifiedDate": "2024-12-26T09:15:07.267Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:198e634aa76ac17afa84d4cfaacae9d130f789aa438c5e32646f5ca41156b60d", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bfacf016553b2a98809abf80ac9c0ae40f4ed61372a9aeea9b2667b6e30b136d", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:c7883e664f65a100b2556d66c3ff2edf9ed91bcd9b39c3f50206c5d8f5ecb28b", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:ae10351b95531c90f5c31e1b0373c4cfe79ccb412fcbedb0907955dd28077d99", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl@5.34.0-3ubuntu1.1", "PkgName": "perl", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "be839e3d80d0b91c", "BOMRef": "pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4b8dab27a01187626f271f4bb1ba6fd9a9e058725cb2b77b829218162591f381", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f6b28598b7721ca6b402c14e7758ca42172a6305398b49d0b6287e6e8c063b8f", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0b08b11e2c32e96f2957cecc3b5422ee65175b5a2b4653a7f02343dd7b153868", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:80f001a007f65f1e7ac648a74c428dffa262893e8dacb615634b7d13e99c73c4", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1518d4e207b9b95193d0159cba035d93de07a48bc9f3c26a3cec84be307b9d9", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl-base@5.34.0-3ubuntu1.1", "PkgName": "perl-base", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "c0823c1b0820197b", "BOMRef": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:8d4e1b9651741a76a3ccfcab4402f375140382b64d91e559630b17523f29d003", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-31484", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.2", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-31484", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:686a68b216cee951fa71f93d994d9f8da81780d6a0d9cb228860c43403264f07", "Title": "perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS", "Description": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "alma": 2, "amazon": 3, "cbl-mariner": 3, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 7.4 } }, "References": [ "http://www.openwall.com/lists/oss-security/2023/04/29/1", "http://www.openwall.com/lists/oss-security/2023/05/03/3", "http://www.openwall.com/lists/oss-security/2023/05/03/5", "http://www.openwall.com/lists/oss-security/2023/05/07/2", "https://access.redhat.com/errata/RHSA-2023:6539", "https://access.redhat.com/security/cve/CVE-2023-31484", "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "https://bugzilla.redhat.com/2218667", "https://bugzilla.redhat.com/show_bug.cgi?id=2218667", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484", "https://errata.almalinux.org/9/ALSA-2023-6539.html", "https://errata.rockylinux.org/RLSA-2023:6539", "https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL)", "https://github.com/andk/cpanpm/pull/175", "https://linux.oracle.com/cve/CVE-2023-31484.html", "https://linux.oracle.com/errata/ELSA-2026-0079.html", "https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/", "https://metacpan.org/dist/CPAN/changes", "https://nvd.nist.gov/vuln/detail/CVE-2023-31484", "https://security.netapp.com/advisory/ntap-20240621-0007/", "https://ubuntu.com/security/notices/USN-6112-1", "https://ubuntu.com/security/notices/USN-6112-2", "https://www.cve.org/CVERecord?id=CVE-2023-31484", "https://www.openwall.com/lists/oss-security/2023/04/18/14" ], "PublishedDate": "2023-04-29T00:15:09Z", "LastModifiedDate": "2025-11-03T22:16:19.47Z" }, { "VulnerabilityID": "CVE-2023-47038", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-47038", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:070384aba77fb5405ec906724a4f19aebe7d8eafe452dd2b2037f60cc2c48314", "Title": "perl: Write past buffer end via illegal user-defined Unicode property", "Description": "A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 2, "amazon": 2, "nvd": 3, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "V3Score": 7 } }, "References": [ "https://access.redhat.com/errata/RHSA-2024:2228", "https://access.redhat.com/errata/RHSA-2024:3128", "https://access.redhat.com/security/cve/CVE-2023-47038", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746", "https://bugzilla.redhat.com/2249523", "https://bugzilla.redhat.com/show_bug.cgi?id=2249523", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47038", "https://errata.almalinux.org/9/ALSA-2024-2228.html", "https://errata.rockylinux.org/RLSA-2024:2228", "https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010", "https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6", "https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3", "https://github.com/aquasecurity/trivy/discussions/8400", "https://linux.oracle.com/cve/CVE-2023-47038.html", "https://linux.oracle.com/errata/ELSA-2024-3128.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/", "https://nvd.nist.gov/vuln/detail/CVE-2023-47038", "https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property", "https://ubuntu.com/security/CVE-2023-47100", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2023-47038", "https://www.suse.com/security/cve/CVE-2023-47100.html" ], "PublishedDate": "2023-12-18T14:15:08.933Z", "LastModifiedDate": "2025-11-04T19:16:05.573Z" }, { "VulnerabilityID": "CVE-2024-56406", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.4", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56406", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:9e7dc51e06413c6b055a1b7d442e103459dfba1547d0fecc9d86c06aff6c2af7", "Title": "perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes", "Description": "A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.", "Severity": "MEDIUM", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3, "rocky": 3, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "V3Score": 7.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/04/13/3", "http://www.openwall.com/lists/oss-security/2025/04/13/4", "http://www.openwall.com/lists/oss-security/2025/04/13/5", "https://access.redhat.com/security/cve/CVE-2024-56406", "https://bugzilla.redhat.com/show_bug.cgi?id=2359290", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56406", "https://errata.rockylinux.org/RLSA-2025:7500", "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch", "https://linux.oracle.com/cve/CVE-2024-56406.html", "https://linux.oracle.com/errata/ELSA-2025-7500.html", "https://metacpan.org/release/SHAY/perl-5.38.4/changes", "https://metacpan.org/release/SHAY/perl-5.40.2/changes", "https://nvd.nist.gov/vuln/detail/CVE-2024-56406", "https://ubuntu.com/security/notices/USN-7434-1", "https://ubuntu.com/security/notices/USN-7434-2", "https://www.cve.org/CVERecord?id=CVE-2024-56406" ], "PublishedDate": "2025-04-13T14:15:14.527Z", "LastModifiedDate": "2025-10-16T14:15:34.083Z" }, { "VulnerabilityID": "CVE-2025-40909", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.5", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-40909", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:df055061fcf64ec752e4f25f154679623c36570b8883879959bac2091c46895f", "Title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths", "Description": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. \n\nThis may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.\n\nThe bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6", "Severity": "MEDIUM", "CweIDs": [ "CWE-426", "CWE-689" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "cbl-mariner": 2, "oracle-oval": 2, "photon": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.9 } }, "References": [ "http://seclists.org/fulldisclosure/2025/Sep/53", "http://seclists.org/fulldisclosure/2025/Sep/54", "http://seclists.org/fulldisclosure/2025/Sep/55", "http://www.openwall.com/lists/oss-security/2025/05/23/1", "http://www.openwall.com/lists/oss-security/2025/05/30/4", "http://www.openwall.com/lists/oss-security/2025/06/02/2", "http://www.openwall.com/lists/oss-security/2025/06/02/5", "http://www.openwall.com/lists/oss-security/2025/06/02/6", "http://www.openwall.com/lists/oss-security/2025/06/02/7", "http://www.openwall.com/lists/oss-security/2025/06/03/1", "https://access.redhat.com/errata/RHSA-2025:11805", "https://access.redhat.com/security/cve/CVE-2025-40909", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226", "https://bugzilla.redhat.com/2369407", "https://bugzilla.redhat.com/show_bug.cgi?id=2369407", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40909", "https://errata.almalinux.org/8/ALSA-2025-11805.html", "https://errata.rockylinux.org/RLSA-2025:11804", "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e", "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch", "https://github.com/Perl/perl5/issues/10387", "https://github.com/Perl/perl5/issues/23010", "https://linux.oracle.com/cve/CVE-2025-40909.html", "https://linux.oracle.com/errata/ELSA-2025-12056.html", "https://lists.security.metacpan.org/cve-announce/msg/30017499/", "https://nvd.nist.gov/vuln/detail/CVE-2025-40909", "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads", "https://ubuntu.com/security/notices/USN-7678-1", "https://www.cve.org/CVERecord?id=CVE-2025-40909", "https://www.openwall.com/lists/oss-security/2025/05/22/2" ], "PublishedDate": "2025-05-30T13:15:22.35Z", "LastModifiedDate": "2025-11-03T19:15:52.563Z" }, { "VulnerabilityID": "CVE-2022-48522", "PkgID": "perl-modules-5.34@5.34.0-3ubuntu1.1", "PkgName": "perl-modules-5.34", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04", "UID": "283833fa56903779", "BOMRef": "pkg:deb/ubuntu/perl-modules-5.34@5.34.0-3ubuntu1.1?arch=all\u0026distro=ubuntu-22.04" }, "InstalledVersion": "5.34.0-3ubuntu1.1", "FixedVersion": "5.34.0-3ubuntu1.3", "Status": "fixed", "Layer": { "Digest": "sha256:5ace3e86e3122c2418e1f757c0e4525181a28b9ad3b8cdca9d1a10091fc62248", "DiffID": "sha256:883f7dcf7d1253e1bee6878beb213cc3cfced17cc240ac4a8932bb57704a8fa1" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-48522", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:56c19fb6eccf9d542825ba67fbb8e2d52c1740fed5a345dc5247acb83c468b75", "Title": "perl: stack-based crash in S_find_uninit_var()", "Description": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.", "Severity": "LOW", "CweIDs": [ "CWE-787" ], "VendorSeverity": { "nvd": 4, "redhat": 2, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2022-48522", "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", "https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6", "https://github.com/Perl/perl5/issues/19147", "https://nvd.nist.gov/vuln/detail/CVE-2022-48522", "https://security.netapp.com/advisory/ntap-20230915-0008/", "https://ubuntu.com/security/notices/USN-6517-1", "https://www.cve.org/CVERecord?id=CVE-2022-48522" ], "PublishedDate": "2023-08-22T19:16:31.153Z", "LastModifiedDate": "2024-11-21T07:33:29.637Z" }, { "VulnerabilityID": "CVE-2023-4016", "PkgID": "procps@2:3.3.17-6ubuntu2", "PkgName": "procps", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2", "UID": "f7508553e0c13459", "BOMRef": "pkg:deb/ubuntu/procps@3.3.17-6ubuntu2?arch=amd64\u0026distro=ubuntu-22.04\u0026epoch=2" }, "InstalledVersion": "2:3.3.17-6ubuntu2", "FixedVersion": "2:3.3.17-6ubuntu2.1", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-4016", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:4de3bf6a50b36834d6ac018a0b596ad44025fc7f1adc3873bdaa98f49cba3d37", "Title": "procps: ps buffer overflow", "Description": "Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.", "Severity": "LOW", "CweIDs": [ "CWE-122", "CWE-787" ], "VendorSeverity": { "alma": 1, "nvd": 1, "oracle-oval": 1, "photon": 1, "redhat": 1, "rocky": 1, "ubuntu": 1 }, "CVSS": { "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/errata/RHSA-2023:6705", "https://access.redhat.com/security/cve/CVE-2023-4016", "https://bugzilla.redhat.com/2228494", "https://bugzilla.redhat.com/show_bug.cgi?id=2228494", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4016", "https://errata.almalinux.org/9/ALSA-2023-6705.html", "https://errata.rockylinux.org/RLSA-2023:7187", "https://gitlab.com/procps-ng/procps", "https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413", "https://gitlab.com/procps-ng/procps/-/issues/297", "https://linux.oracle.com/cve/CVE-2023-4016.html", "https://linux.oracle.com/errata/ELSA-2023-7187.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/", "https://nvd.nist.gov/vuln/detail/CVE-2023-4016", "https://ubuntu.com/security/notices/USN-6477-1", "https://www.cve.org/CVERecord?id=CVE-2023-4016", "https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016" ], "PublishedDate": "2023-08-02T05:15:09.85Z", "LastModifiedDate": "2024-11-21T08:34:14.073Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f1df6af2dfbf7e2032d95c94ea860ede6547473f1789ef3dd416b540230f62e1", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:43ba39bdfcbbcfc54624d92962caa87a376c069bbe0ae831fcab4e88b118b301", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:da9ec0d8a9d3b0ca64dbe90efe2610a9afe653e6a56b1a1d72f301ece1c06afe", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:cc80a59e944cdc3aad28630a63c2566177d37b8ae2bc3314f243b9736178e53d", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0c4c4f3eafe02df3b0852233c1aec3feea93352a1941fbe614adb0c680b623ca", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f91c1159028e2d1f76c5220b21e9059b58692868c6661611e2eca2381bd96a77", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "python3.10@3.10.12-1~22.04.12", "PkgName": "python3.10", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "5dfc3f54b61ed9d6", "BOMRef": "pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:0ad08e5f2345fc91579f06e83e03b60510b2e148f0f725edea0aaac71177eb24", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2025-11468", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-11468", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:f200076aa51372eab11c97ed903c7f14ec7e503b94cdb3e387169204b2b1328c", "Title": "cpython: Missing character filtering in Python", "Description": "When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-11468", "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "https://github.com/python/cpython/issues/143935", "https://github.com/python/cpython/pull/143936", "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "https://nvd.nist.gov/vuln/detail/CVE-2025-11468", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-11468" ], "PublishedDate": "2026-01-20T22:15:50.69Z", "LastModifiedDate": "2026-03-03T15:16:13.803Z" }, { "VulnerabilityID": "CVE-2025-12084", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-12084", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:a2286c58a5be5434852a2a53e4ee5dce47e6e7ae56f68006caae0e473bba71c6", "Title": "cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service", "Description": "When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "nvd": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1478", "https://access.redhat.com/security/cve/CVE-2025-12084", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://errata.almalinux.org/9/ALSA-2026-1478.html", "https://errata.rockylinux.org/RLSA-2026:1478", "https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0", "https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4", "https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437", "https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af", "https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273", "https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907", "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d", "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8", "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8", "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0", "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964", "https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53", "https://github.com/python/cpython/issues/142145", "https://github.com/python/cpython/pull/142146", "https://linux.oracle.com/cve/CVE-2025-12084.html", "https://linux.oracle.com/errata/ELSA-2026-2713.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-12084", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-12084" ], "PublishedDate": "2025-12-03T19:15:55.05Z", "LastModifiedDate": "2026-01-26T15:16:05.95Z" }, { "VulnerabilityID": "CVE-2025-13836", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.13", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13836", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:08ae2577992e556722ca0895e6914507c61c4737f15038d2d700f2e55e533686", "Title": "cpython: Excessive read buffering DoS in http.client", "Description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "nvd": 3, "oracle-oval": 2, "photon": 3, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 6.8 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:1410", "https://access.redhat.com/security/cve/CVE-2025-13836", "https://bugzilla.redhat.com/2418078", "https://bugzilla.redhat.com/2418655", "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "https://bugzilla.redhat.com/show_bug.cgi?id=2418655", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "https://errata.almalinux.org/9/ALSA-2026-1410.html", "https://errata.rockylinux.org/RLSA-2026:1410", "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155 (3.14 branch)", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5 (main)", "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "https://github.com/python/cpython/issues/119451", "https://github.com/python/cpython/pull/119454", "https://linux.oracle.com/cve/CVE-2025-13836.html", "https://linux.oracle.com/errata/ELSA-2026-2419.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13836", "https://ubuntu.com/security/notices/USN-7951-1", "https://www.cve.org/CVERecord?id=CVE-2025-13836" ], "PublishedDate": "2025-12-01T18:16:04.2Z", "LastModifiedDate": "2026-02-10T19:58:12.13Z" }, { "VulnerabilityID": "CVE-2025-13837", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13837", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:065b00f7af89bfbee2670b50a89bd2a038fce864f687e81ceefca0f5f935247f", "Title": "cpython: Out-of-memory when loading Plist", "Description": "When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 2, "azure": 1, "bitnami": 1, "nvd": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N", "V40Score": 2.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-13837", "https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036", "https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b", "https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70", "https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba", "https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb", "https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111", "https://github.com/python/cpython/issues/119342", "https://github.com/python/cpython/pull/119343", "https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/", "https://nvd.nist.gov/vuln/detail/CVE-2025-13837", "https://ubuntu.com/security/notices/USN-8018-1", "https://www.cve.org/CVERecord?id=CVE-2025-13837" ], "PublishedDate": "2025-12-01T18:16:04.38Z", "LastModifiedDate": "2026-03-03T15:16:14.483Z" }, { "VulnerabilityID": "CVE-2025-15282", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-15282", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:bde922ff401a38ccc09e9a00a09117ffd7656930c2f91b0170467f01baded49f", "Title": "cpython: Header injection via newlines in data URL mediatype in Python", "Description": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "bitnami": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-15282", "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "https://github.com/python/cpython/issues/143925", "https://github.com/python/cpython/pull/143926", "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "https://nvd.nist.gov/vuln/detail/CVE-2025-15282", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2025-15282" ], "PublishedDate": "2026-01-20T22:15:50.883Z", "LastModifiedDate": "2026-01-26T15:16:06.62Z" }, { "VulnerabilityID": "CVE-2026-0672", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0672", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:7db293f999b9098608a6c2f2af1970f1ce1ddeef095ce893594995720f00328d", "Title": "cpython: Header injection in http.cookies.Morsel in Python", "Description": "When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "redhat": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-0672", "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "https://github.com/python/cpython/issues/143919", "https://github.com/python/cpython/pull/143920", "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0672", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0672" ], "PublishedDate": "2026-01-20T22:15:52.68Z", "LastModifiedDate": "2026-01-26T15:16:07.033Z" }, { "VulnerabilityID": "CVE-2026-0865", "PkgID": "python3.10-minimal@3.10.12-1~22.04.12", "PkgName": "python3.10-minimal", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04", "UID": "68d1ad876ae0e39e", "BOMRef": "pkg:deb/ubuntu/python3.10-minimal@3.10.12-1~22.04.12?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "3.10.12-1~22.04.12", "FixedVersion": "3.10.12-1~22.04.14", "Status": "fixed", "Layer": { "Digest": "sha256:31c1397922f163da1c906c51acebcae332e4494026a6bb578f489799e6552ccb", "DiffID": "sha256:692d316f2275e4944aa7eda41b6d722eb1db7156e867f4f052a37f3e2bf9c945" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-0865", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:df00b606ea891e148af0382a94157bab9701b70aaf6f83fe4e8fd00f2766a53e", "Title": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "Description": "User-controlled header names and values containing newlines can allow injecting HTTP headers.", "Severity": "MEDIUM", "CweIDs": [ "CWE-74" ], "VendorSeverity": { "alma": 2, "amazon": 2, "azure": 2, "bitnami": 2, "cbl-mariner": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "bitnami": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V40Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:4168", "https://access.redhat.com/security/cve/CVE-2026-0865", "https://bugzilla.redhat.com/2431368", "https://bugzilla.redhat.com/2431373", "https://bugzilla.redhat.com/2432437", "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "https://errata.almalinux.org/9/ALSA-2026-4168.html", "https://errata.rockylinux.org/RLSA-2026:4168", "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "https://github.com/python/cpython/issues/143916", "https://github.com/python/cpython/pull/143917", "https://linux.oracle.com/cve/CVE-2026-0865.html", "https://linux.oracle.com/errata/ELSA-2026-4713.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "https://nvd.nist.gov/vuln/detail/CVE-2026-0865", "https://ubuntu.com/security/notices/USN-8018-1", "https://ubuntu.com/security/notices/USN-8018-3", "https://www.cve.org/CVERecord?id=CVE-2026-0865" ], "PublishedDate": "2026-01-20T22:15:52.8Z", "LastModifiedDate": "2026-03-03T15:16:17.59Z" }, { "VulnerabilityID": "CVE-2023-39804", "PkgID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.34+dfsg-1ubuntu0.1.22.04.1", "FixedVersion": "1.34+dfsg-1ubuntu0.1.22.04.2", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2023-39804", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:fc02e6cd49ca0e15641b34707573cab4d077372333093a12f760ff06f237e90f", "Title": "tar: Incorrectly handled extension attributes in PAX archives can lead to a crash", "Description": "In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.", "Severity": "MEDIUM", "VendorSeverity": { "amazon": 1, "cbl-mariner": 2, "photon": 2, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2023-39804", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079", "https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4", "https://git.savannah.gnu.org/cgit/tar.git/tree/src/xheader.c?h=release_1_34#n1723", "https://lists.debian.org/debian-lts-announce/2024/03/msg00008.html", "https://nvd.nist.gov/vuln/detail/CVE-2023-39804", "https://ubuntu.com/security/notices/USN-6543-1", "https://www.cve.org/CVERecord?id=CVE-2023-39804" ], "PublishedDate": "2024-03-27T04:15:08.897Z", "LastModifiedDate": "2025-11-04T19:15:55.43Z" }, { "VulnerabilityID": "CVE-2025-45582", "PkgID": "tar@1.34+dfsg-1ubuntu0.1.22.04.1", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04", "UID": "9b61a5f18e49d407", "BOMRef": "pkg:deb/ubuntu/tar@1.34%2Bdfsg-1ubuntu0.1.22.04.1?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "1.34+dfsg-1ubuntu0.1.22.04.1", "Status": "affected", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-45582", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:03240df7255ecd6cde7e465a9e6b7530d22f4c573a780ac8781bf27caaa0deea", "Title": "tar: Tar path traversal", "Description": "GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of \"Member name contains '..'\" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain \"x -\u003e ../../../../../home/victim/.ssh\" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which \"tar xf\" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each \"tar xf\" in its Security Rules of Thumb; however, third-party advice leads users to run \"tar xf\" more than once into the same directory.", "Severity": "MEDIUM", "CweIDs": [ "CWE-24" ], "VendorSeverity": { "alma": 2, "oracle-oval": 2, "redhat": 2, "rocky": 2, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 5.6 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/11/01/6", "https://access.redhat.com/errata/RHSA-2026:0067", "https://access.redhat.com/security/cve/CVE-2025-45582", "https://bugzilla.redhat.com/2379592", "https://bugzilla.redhat.com/show_bug.cgi?id=2379592", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-45582", "https://errata.almalinux.org/9/ALSA-2026-0067.html", "https://errata.rockylinux.org/RLSA-2026:0067", "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md", "https://linux.oracle.com/cve/CVE-2025-45582.html", "https://linux.oracle.com/errata/ELSA-2026-0067.html", "https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-45582", "https://www.cve.org/CVERecord?id=CVE-2025-45582", "https://www.gnu.org/software/tar/", "https://www.gnu.org/software/tar/manual/html_node/Integrity.html", "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity", "https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html" ], "PublishedDate": "2025-07-11T17:15:37.183Z", "LastModifiedDate": "2025-11-02T01:15:32.307Z" }, { "VulnerabilityID": "CVE-2024-28085", "PkgID": "util-linux@2.37.2-4ubuntu3", "PkgName": "util-linux", "PkgIdentifier": { "PURL": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04", "UID": "87365d9d2616f051", "BOMRef": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64\u0026distro=ubuntu-22.04" }, "InstalledVersion": "2.37.2-4ubuntu3", "FixedVersion": "2.37.2-4ubuntu3.4", "Status": "fixed", "Layer": { "Digest": "sha256:1bc677758ad7fa4503417ae5be18809c5a8679b5b36fcd1464d5a8e41cb13305", "DiffID": "sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157" }, "SeveritySource": "ubuntu", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-28085", "DataSource": { "ID": "ubuntu", "Name": "Ubuntu CVE Tracker", "URL": "https://git.launchpad.net/ubuntu-cve-tracker" }, "Fingerprint": "sha256:da1243f6cfefe55ca98ce0502d3336f0f25959440b6e536383e4fdf1f2f35353", "Title": "util-linux: CVE-2024-28085: wall: escape sequence injection", "Description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "Severity": "MEDIUM", "CweIDs": [ "CWE-150" ], "VendorSeverity": { "azure": 1, "cbl-mariner": 1, "photon": 1, "redhat": 1, "ubuntu": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 4.4 } }, "References": [ "http://seclists.org/fulldisclosure/2024/Mar/35", "http://www.openwall.com/lists/oss-security/2024/03/27/5", "http://www.openwall.com/lists/oss-security/2024/03/27/6", "http://www.openwall.com/lists/oss-security/2024/03/27/7", "http://www.openwall.com/lists/oss-security/2024/03/27/8", "http://www.openwall.com/lists/oss-security/2024/03/27/9", "http://www.openwall.com/lists/oss-security/2024/03/28/1", "http://www.openwall.com/lists/oss-security/2024/03/28/2", "http://www.openwall.com/lists/oss-security/2024/03/28/3", "https://access.redhat.com/security/cve/CVE-2024-28085", "https://github.com/skyler-ferrante/CVE-2024-28085", "https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq", "https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html", "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/", "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt", "https://security.netapp.com/advisory/ntap-20240531-0003/", "https://ubuntu.com/security/notices/USN-6719-1", "https://ubuntu.com/security/notices/USN-6719-2", "https://www.cve.org/CVERecord?id=CVE-2024-28085", "https://www.openwall.com/lists/oss-security/2024/03/27/5" ], "PublishedDate": "2024-03-27T19:15:48.367Z", "LastModifiedDate": "2025-11-04T19:17:04.917Z" } ] }, { "Target": "Node.js", "Class": "lang-pkgs", "Type": "node-pkg", "Packages": [ { "ID": "@adobe/css-tools@4.4.3", "Name": "@adobe/css-tools", "Identifier": { "PURL": "pkg:npm/%40adobe/css-tools@4.4.3", "UID": "678f5c9cd9a028c7", "BOMRef": "pkg:npm/%40adobe/css-tools@4.4.3" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@ampproject/remapping@2.3.0", "Name": "@ampproject/remapping", "Identifier": { "PURL": "pkg:npm/%40ampproject/remapping@2.3.0", "UID": "ae4cea36523cdba4", "BOMRef": "pkg:npm/%40ampproject/remapping@2.3.0" }, "Version": "2.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@babel/core@7.28.0", "@tailwindcss/node@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/code-frame@7.27.1", "Name": "@babel/code-frame", "Identifier": { "PURL": "pkg:npm/%40babel/code-frame@7.27.1", "UID": "45364f310684f53d", "BOMRef": "pkg:npm/%40babel/code-frame@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "jest-message-util@30.0.2", "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/compat-data@7.28.0", "Name": "@babel/compat-data", "Identifier": { "PURL": "pkg:npm/%40babel/compat-data@7.28.0", "UID": "a2f7f0452b873b35", "BOMRef": "pkg:npm/%40babel/compat-data@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/core@7.28.0", "Name": "@babel/core", "Identifier": { "PURL": "pkg:npm/%40babel/core@7.28.0", "UID": "25c0e6ea4a2605f9", "BOMRef": "pkg:npm/%40babel/core@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-module-transforms@7.27.3", "@babel/plugin-transform-react-jsx-self@7.27.1", "@babel/plugin-transform-react-jsx-source@7.27.1", "@svgr/babel-plugin-add-jsx-attribute@8.0.0", "@svgr/babel-plugin-remove-jsx-attribute@8.0.0", "@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "@svgr/babel-plugin-svg-dynamic-title@8.0.0", "@svgr/babel-plugin-svg-em-dimensions@8.0.0", "@svgr/babel-plugin-transform-react-native-svg@8.1.0", "@svgr/babel-plugin-transform-svg-component@8.0.0", "@svgr/babel-preset@8.1.0", "@svgr/core@8.1.0", "@svgr/plugin-jsx@8.1.0", "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/generator@7.28.0", "Name": "@babel/generator", "Identifier": { "PURL": "pkg:npm/%40babel/generator@7.28.0", "UID": "9bc8a0f0df88a42c", "BOMRef": "pkg:npm/%40babel/generator@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-compilation-targets@7.27.2", "Name": "@babel/helper-compilation-targets", "Identifier": { "PURL": "pkg:npm/%40babel/helper-compilation-targets@7.27.2", "UID": "de70b41111c165f1", "BOMRef": "pkg:npm/%40babel/helper-compilation-targets@7.27.2" }, "Version": "7.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-globals@7.28.0", "Name": "@babel/helper-globals", "Identifier": { "PURL": "pkg:npm/%40babel/helper-globals@7.28.0", "UID": "969fc6c863ff9956", "BOMRef": "pkg:npm/%40babel/helper-globals@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-module-imports@7.27.1", "Name": "@babel/helper-module-imports", "Identifier": { "PURL": "pkg:npm/%40babel/helper-module-imports@7.27.1", "UID": "cf8ee844ef38a554", "BOMRef": "pkg:npm/%40babel/helper-module-imports@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-module-transforms@7.27.3", "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-module-transforms@7.27.3", "Name": "@babel/helper-module-transforms", "Identifier": { "PURL": "pkg:npm/%40babel/helper-module-transforms@7.27.3", "UID": "3c0ae0000a2c8f7e", "BOMRef": "pkg:npm/%40babel/helper-module-transforms@7.27.3" }, "Version": "7.27.3", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-plugin-utils@7.27.1", "Name": "@babel/helper-plugin-utils", "Identifier": { "PURL": "pkg:npm/%40babel/helper-plugin-utils@7.27.1", "UID": "8dcc831a8599e44", "BOMRef": "pkg:npm/%40babel/helper-plugin-utils@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/plugin-transform-react-jsx-self@7.27.1", "@babel/plugin-transform-react-jsx-source@7.27.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-string-parser@7.27.1", "Name": "@babel/helper-string-parser", "Identifier": { "PURL": "pkg:npm/%40babel/helper-string-parser@7.27.1", "UID": "b1328d44b45d6f6e", "BOMRef": "pkg:npm/%40babel/helper-string-parser@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/types@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-validator-identifier@7.27.1", "Name": "@babel/helper-validator-identifier", "Identifier": { "PURL": "pkg:npm/%40babel/helper-validator-identifier@7.27.1", "UID": "cc68f1c3cd4f2f59", "BOMRef": "pkg:npm/%40babel/helper-validator-identifier@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/code-frame@7.27.1", "@babel/helper-module-transforms@7.27.3", "@babel/types@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helper-validator-option@7.27.1", "Name": "@babel/helper-validator-option", "Identifier": { "PURL": "pkg:npm/%40babel/helper-validator-option@7.27.1", "UID": "a0ddd1af99a194b8", "BOMRef": "pkg:npm/%40babel/helper-validator-option@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/helpers@7.27.6", "Name": "@babel/helpers", "Identifier": { "PURL": "pkg:npm/%40babel/helpers@7.27.6", "UID": "6538c7edc57f631d", "BOMRef": "pkg:npm/%40babel/helpers@7.27.6" }, "Version": "7.27.6", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/parser@7.28.0", "Name": "@babel/parser", "Identifier": { "PURL": "pkg:npm/%40babel/parser@7.28.0", "UID": "9bb4dd9ebd8dc090", "BOMRef": "pkg:npm/%40babel/parser@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/generator@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@types/babel__core@7.20.5", "@types/babel__template@7.4.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/plugin-transform-react-jsx-self@7.27.1", "Name": "@babel/plugin-transform-react-jsx-self", "Identifier": { "PURL": "pkg:npm/%40babel/plugin-transform-react-jsx-self@7.27.1", "UID": "43bd154321adcd30", "BOMRef": "pkg:npm/%40babel/plugin-transform-react-jsx-self@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/plugin-transform-react-jsx-source@7.27.1", "Name": "@babel/plugin-transform-react-jsx-source", "Identifier": { "PURL": "pkg:npm/%40babel/plugin-transform-react-jsx-source@7.27.1", "UID": "8719a7031bfd2c8a", "BOMRef": "pkg:npm/%40babel/plugin-transform-react-jsx-source@7.27.1" }, "Version": "7.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/runtime@7.27.6", "Name": "@babel/runtime", "Identifier": { "PURL": "pkg:npm/%40babel/runtime@7.27.6", "UID": "659a2cb8a387c82c", "BOMRef": "pkg:npm/%40babel/runtime@7.27.6" }, "Version": "7.27.6", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/types@7.4.4", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "@testing-library/jest-dom@5.17.0", "@testing-library/react@13.4.0", "@testing-library/user-event@13.5.0", "babel-plugin-macros@3.1.0", "dom-helpers@5.2.1", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/template@7.27.2", "Name": "@babel/template", "Identifier": { "PURL": "pkg:npm/%40babel/template@7.27.2", "UID": "34746c9ac77943c8", "BOMRef": "pkg:npm/%40babel/template@7.27.2" }, "Version": "7.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helpers@7.27.6", "@babel/traverse@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/traverse@7.28.0", "Name": "@babel/traverse", "Identifier": { "PURL": "pkg:npm/%40babel/traverse@7.28.0", "UID": "c1cbc9f167731d1e", "BOMRef": "pkg:npm/%40babel/traverse@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helper-module-imports@7.27.1", "@babel/helper-module-transforms@7.27.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@babel/types@7.28.0", "Name": "@babel/types", "Identifier": { "PURL": "pkg:npm/%40babel/types@7.28.0", "UID": "e5574ff336b47e9", "BOMRef": "pkg:npm/%40babel/types@7.28.0" }, "Version": "7.28.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/generator@7.28.0", "@babel/helper-module-imports@7.27.1", "@babel/helpers@7.27.6", "@babel/parser@7.28.0", "@babel/template@7.27.2", "@babel/traverse@7.28.0", "@svgr/hast-util-to-babel-ast@8.0.0", "@types/babel__core@7.20.5", "@types/babel__generator@7.27.0", "@types/babel__template@7.4.4", "@types/babel__traverse@7.20.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/babel-plugin@11.13.5", "Name": "@emotion/babel-plugin", "Identifier": { "PURL": "pkg:npm/%40emotion/babel-plugin@11.13.5", "UID": "9934d306a11b16a3", "BOMRef": "pkg:npm/%40emotion/babel-plugin@11.13.5" }, "Version": "11.13.5", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/cache@11.14.0", "Name": "@emotion/cache", "Identifier": { "PURL": "pkg:npm/%40emotion/cache@11.14.0", "UID": "565ff8379a060760", "BOMRef": "pkg:npm/%40emotion/cache@11.14.0" }, "Version": "11.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/css@11.13.5", "Name": "@emotion/css", "Identifier": { "PURL": "pkg:npm/%40emotion/css@11.13.5", "UID": "7c1140460540d8a", "BOMRef": "pkg:npm/%40emotion/css@11.13.5" }, "Version": "11.13.5", "Licenses": [ "MIT" ], "DependsOn": [ "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/hash@0.9.2", "Name": "@emotion/hash", "Identifier": { "PURL": "pkg:npm/%40emotion/hash@0.9.2", "UID": "b8a15e9a69179759", "BOMRef": "pkg:npm/%40emotion/hash@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/is-prop-valid@1.3.1", "Name": "@emotion/is-prop-valid", "Identifier": { "PURL": "pkg:npm/%40emotion/is-prop-valid@1.3.1", "UID": "e2110cf1253497f3", "BOMRef": "pkg:npm/%40emotion/is-prop-valid@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/memoize@0.9.0", "Name": "@emotion/memoize", "Identifier": { "PURL": "pkg:npm/%40emotion/memoize@0.9.0", "UID": "71d3065c44022c4c", "BOMRef": "pkg:npm/%40emotion/memoize@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/cache@11.14.0", "@emotion/is-prop-valid@1.3.1", "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/react@11.14.0", "Name": "@emotion/react", "Identifier": { "PURL": "pkg:npm/%40emotion/react@11.14.0", "UID": "4f8ad24c764cc284", "BOMRef": "pkg:npm/%40emotion/react@11.14.0" }, "Version": "11.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/styled@11.14.1", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@textea/json-viewer@2.17.2", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/serialize@1.3.3", "Name": "@emotion/serialize", "Identifier": { "PURL": "pkg:npm/%40emotion/serialize@1.3.3", "UID": "66f9a2a8105313cd", "BOMRef": "pkg:npm/%40emotion/serialize@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/sheet@1.4.0", "Name": "@emotion/sheet", "Identifier": { "PURL": "pkg:npm/%40emotion/sheet@1.4.0", "UID": "82a5743de86cf985", "BOMRef": "pkg:npm/%40emotion/sheet@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/css@11.13.5", "@mui/styled-engine@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/styled@11.14.1", "Name": "@emotion/styled", "Identifier": { "PURL": "pkg:npm/%40emotion/styled@11.14.1", "UID": "29a369eaa0cb5094", "BOMRef": "pkg:npm/%40emotion/styled@11.14.1" }, "Version": "11.14.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@textea/json-viewer@2.17.2", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/unitless@0.10.0", "Name": "@emotion/unitless", "Identifier": { "PURL": "pkg:npm/%40emotion/unitless@0.10.0", "UID": "a531f4b9b17a2297", "BOMRef": "pkg:npm/%40emotion/unitless@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/serialize@1.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/use-insertion-effect-with-fallbacks@1.2.0", "Name": "@emotion/use-insertion-effect-with-fallbacks", "Identifier": { "PURL": "pkg:npm/%40emotion/use-insertion-effect-with-fallbacks@1.2.0", "UID": "5aabc89443241cc", "BOMRef": "pkg:npm/%40emotion/use-insertion-effect-with-fallbacks@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/react@11.14.0", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/utils@1.4.2", "Name": "@emotion/utils", "Identifier": { "PURL": "pkg:npm/%40emotion/utils@1.4.2", "UID": "25acc80c0fb8eedc", "BOMRef": "pkg:npm/%40emotion/utils@1.4.2" }, "Version": "1.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/css@11.13.5", "@emotion/react@11.14.0", "@emotion/serialize@1.3.3", "@emotion/styled@11.14.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@emotion/weak-memoize@0.4.0", "Name": "@emotion/weak-memoize", "Identifier": { "PURL": "pkg:npm/%40emotion/weak-memoize@0.4.0", "UID": "4a1557232b2275c2", "BOMRef": "pkg:npm/%40emotion/weak-memoize@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/cache@11.14.0", "@emotion/react@11.14.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@eslint-community/eslint-utils@4.7.0", "Name": "@eslint-community/eslint-utils", "Identifier": { "PURL": "pkg:npm/%40eslint-community/eslint-utils@4.7.0", "UID": "af467e6574de5b4c", "BOMRef": "pkg:npm/%40eslint-community/eslint-utils@4.7.0" }, "Version": "4.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@eslint-community/regexpp@4.12.1", "Name": "@eslint-community/regexpp", "Identifier": { "PURL": "pkg:npm/%40eslint-community/regexpp@4.12.1", "UID": "d074f0ef151cc17", "BOMRef": "pkg:npm/%40eslint-community/regexpp@4.12.1" }, "Version": "4.12.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@eslint/eslintrc@2.1.4", "Name": "@eslint/eslintrc", "Identifier": { "PURL": "pkg:npm/%40eslint/eslintrc@2.1.4", "UID": "3392306e4d1068c3", "BOMRef": "pkg:npm/%40eslint/eslintrc@2.1.4" }, "Version": "2.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@eslint/js@8.57.1", "Name": "@eslint/js", "Identifier": { "PURL": "pkg:npm/%40eslint/js@8.57.1", "UID": "8d756f75c8fd0379", "BOMRef": "pkg:npm/%40eslint/js@8.57.1" }, "Version": "8.57.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@humanwhocodes/config-array@0.13.0", "Name": "@humanwhocodes/config-array", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/config-array@0.13.0", "UID": "8e45d38f91419941", "BOMRef": "pkg:npm/%40humanwhocodes/config-array@0.13.0" }, "Version": "0.13.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@humanwhocodes/module-importer@1.0.1", "Name": "@humanwhocodes/module-importer", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", "UID": "4b75609e532b3f08", "BOMRef": "pkg:npm/%40humanwhocodes/module-importer@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@humanwhocodes/object-schema@2.0.3", "Name": "@humanwhocodes/object-schema", "Identifier": { "PURL": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", "UID": "82d04f27a706b533", "BOMRef": "pkg:npm/%40humanwhocodes/object-schema@2.0.3" }, "Version": "2.0.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@humanwhocodes/config-array@0.13.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "a042969182b7240a", "BOMRef": "pkg:npm/%40isaacs/fs-minipass@4.0.1" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/diff-sequences@30.0.1", "Name": "@jest/diff-sequences", "Identifier": { "PURL": "pkg:npm/%40jest/diff-sequences@30.0.1", "UID": "fadefd2110f9c6ff", "BOMRef": "pkg:npm/%40jest/diff-sequences@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jest-diff@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/expect-utils@30.0.4", "Name": "@jest/expect-utils", "Identifier": { "PURL": "pkg:npm/%40jest/expect-utils@30.0.4", "UID": "559740821653b1a7", "BOMRef": "pkg:npm/%40jest/expect-utils@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/get-type@30.0.1", "Name": "@jest/get-type", "Identifier": { "PURL": "pkg:npm/%40jest/get-type@30.0.1", "UID": "f242a7d868c0a24e", "BOMRef": "pkg:npm/%40jest/get-type@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/expect-utils@30.0.4", "expect@30.0.4", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/pattern@30.0.1", "Name": "@jest/pattern", "Identifier": { "PURL": "pkg:npm/%40jest/pattern@30.0.1", "UID": "fb321919b46218da", "BOMRef": "pkg:npm/%40jest/pattern@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/schemas@30.0.1", "Name": "@jest/schemas", "Identifier": { "PURL": "pkg:npm/%40jest/schemas@30.0.1", "UID": "fa8b91333db9ca85", "BOMRef": "pkg:npm/%40jest/schemas@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jest/types@30.0.1", "Name": "@jest/types", "Identifier": { "PURL": "pkg:npm/%40jest/types@30.0.1", "UID": "93e4e9fe58d5d35", "BOMRef": "pkg:npm/%40jest/types@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2", "jest-mock@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jridgewell/gen-mapping@0.3.12", "Name": "@jridgewell/gen-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/gen-mapping@0.3.12", "UID": "c2619a9e55e3237f", "BOMRef": "pkg:npm/%40jridgewell/gen-mapping@0.3.12" }, "Version": "0.3.12", "Licenses": [ "MIT" ], "DependsOn": [ "@ampproject/remapping@2.3.0", "@babel/generator@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jridgewell/resolve-uri@3.1.2", "Name": "@jridgewell/resolve-uri", "Identifier": { "PURL": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", "UID": "676f58217d945ccb", "BOMRef": "pkg:npm/%40jridgewell/resolve-uri@3.1.2" }, "Version": "3.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@jridgewell/trace-mapping@0.3.29" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jridgewell/sourcemap-codec@1.5.4", "Name": "@jridgewell/sourcemap-codec", "Identifier": { "PURL": "pkg:npm/%40jridgewell/sourcemap-codec@1.5.4", "UID": "7a353d63add5ea69", "BOMRef": "pkg:npm/%40jridgewell/sourcemap-codec@1.5.4" }, "Version": "1.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "@jridgewell/gen-mapping@0.3.12", "@jridgewell/trace-mapping@0.3.29", "magic-string@0.30.17" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@jridgewell/trace-mapping@0.3.29", "Name": "@jridgewell/trace-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/trace-mapping@0.3.29", "UID": "c52ce5fab8e1613c", "BOMRef": "pkg:npm/%40jridgewell/trace-mapping@0.3.29" }, "Version": "0.3.29", "Licenses": [ "MIT" ], "DependsOn": [ "@ampproject/remapping@2.3.0", "@babel/generator@7.28.0", "@jridgewell/gen-mapping@0.3.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@kurkle/color@0.3.4", "Name": "@kurkle/color", "Identifier": { "PURL": "pkg:npm/%40kurkle/color@0.3.4", "UID": "4b1cd09a94557b55", "BOMRef": "pkg:npm/%40kurkle/color@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT" ], "DependsOn": [ "chart.js@4.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mdx-js/mdx@2.3.0", "Name": "@mdx-js/mdx", "Identifier": { "PURL": "pkg:npm/%40mdx-js/mdx@2.3.0", "UID": "832e75316d105fcd", "BOMRef": "pkg:npm/%40mdx-js/mdx@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mdx-js/react@2.3.0", "Name": "@mdx-js/react", "Identifier": { "PURL": "pkg:npm/%40mdx-js/react@2.3.0", "UID": "6a3474cfbbe0fb17", "BOMRef": "pkg:npm/%40mdx-js/react@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mdx-js/rollup@2.3.0", "Name": "@mdx-js/rollup", "Identifier": { "PURL": "pkg:npm/%40mdx-js/rollup@2.3.0", "UID": "61aaedaf90d34c12", "BOMRef": "pkg:npm/%40mdx-js/rollup@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@monaco-editor/loader@1.5.0", "Name": "@monaco-editor/loader", "Identifier": { "PURL": "pkg:npm/%40monaco-editor/loader@1.5.0", "UID": "205a96b543586bce", "BOMRef": "pkg:npm/%40monaco-editor/loader@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@monaco-editor/react@4.7.0", "Name": "@monaco-editor/react", "Identifier": { "PURL": "pkg:npm/%40monaco-editor/react@4.7.0", "UID": "bcf0a8b5955eebaa", "BOMRef": "pkg:npm/%40monaco-editor/react@4.7.0" }, "Version": "4.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/core-downloads-tracker@5.17.1", "Name": "@mui/core-downloads-tracker", "Identifier": { "PURL": "pkg:npm/%40mui/core-downloads-tracker@5.17.1", "UID": "b0cfa0a294a6a067", "BOMRef": "pkg:npm/%40mui/core-downloads-tracker@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/core-downloads-tracker@7.2.0", "Name": "@mui/core-downloads-tracker", "Identifier": { "PURL": "pkg:npm/%40mui/core-downloads-tracker@7.2.0", "UID": "f16e70e14f8af9f3", "BOMRef": "pkg:npm/%40mui/core-downloads-tracker@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/icons-material@7.2.0", "Name": "@mui/icons-material", "Identifier": { "PURL": "pkg:npm/%40mui/icons-material@7.2.0", "UID": "1f0d0d5b4a22f008", "BOMRef": "pkg:npm/%40mui/icons-material@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/material@5.17.1", "Name": "@mui/material", "Identifier": { "PURL": "pkg:npm/%40mui/material@5.17.1", "UID": "6828390f484328ef", "BOMRef": "pkg:npm/%40mui/material@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/material@7.2.0", "Name": "@mui/material", "Identifier": { "PURL": "pkg:npm/%40mui/material@7.2.0", "UID": "e543df92b9cadc1", "BOMRef": "pkg:npm/%40mui/material@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/icons-material@7.2.0", "@mui/x-data-grid@7.29.8", "create-collection-form@0.0.0", "mui-chips-input@7.0.1", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/private-theming@5.17.1", "Name": "@mui/private-theming", "Identifier": { "PURL": "pkg:npm/%40mui/private-theming@5.17.1", "UID": "d788c5b32cdad87f", "BOMRef": "pkg:npm/%40mui/private-theming@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/private-theming@7.2.0", "Name": "@mui/private-theming", "Identifier": { "PURL": "pkg:npm/%40mui/private-theming@7.2.0", "UID": "c3c81efa18fa107b", "BOMRef": "pkg:npm/%40mui/private-theming@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/styled-engine@5.16.14", "Name": "@mui/styled-engine", "Identifier": { "PURL": "pkg:npm/%40mui/styled-engine@5.16.14", "UID": "5974522f87d104d", "BOMRef": "pkg:npm/%40mui/styled-engine@5.16.14" }, "Version": "5.16.14", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/styled-engine@7.2.0", "Name": "@mui/styled-engine", "Identifier": { "PURL": "pkg:npm/%40mui/styled-engine@7.2.0", "UID": "beca326918726f21", "BOMRef": "pkg:npm/%40mui/styled-engine@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/system@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/system@5.17.1", "Name": "@mui/system", "Identifier": { "PURL": "pkg:npm/%40mui/system@5.17.1", "UID": "ba3c846e1affa6fc", "BOMRef": "pkg:npm/%40mui/system@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/system@7.2.0", "Name": "@mui/system", "Identifier": { "PURL": "pkg:npm/%40mui/system@7.2.0", "UID": "e010fdf2766d2bf1", "BOMRef": "pkg:npm/%40mui/system@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/types@7.2.24", "Name": "@mui/types", "Identifier": { "PURL": "pkg:npm/%40mui/types@7.2.24", "UID": "2a252f64e89cc2e9", "BOMRef": "pkg:npm/%40mui/types@7.2.24" }, "Version": "7.2.24", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/system@5.17.1", "@mui/utils@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/types@7.4.4", "Name": "@mui/types", "Identifier": { "PURL": "pkg:npm/%40mui/types@7.4.4", "UID": "4e26c5508e9db60b", "BOMRef": "pkg:npm/%40mui/types@7.4.4" }, "Version": "7.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/system@7.2.0", "@mui/utils@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/utils@5.17.1", "Name": "@mui/utils", "Identifier": { "PURL": "pkg:npm/%40mui/utils@5.17.1", "UID": "da9150b41cf4ccea", "BOMRef": "pkg:npm/%40mui/utils@5.17.1" }, "Version": "5.17.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/private-theming@5.17.1", "@mui/system@5.17.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/utils@7.2.0", "Name": "@mui/utils", "Identifier": { "PURL": "pkg:npm/%40mui/utils@7.2.0", "UID": "a41c166b8deebd78", "BOMRef": "pkg:npm/%40mui/utils@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@7.2.0", "@mui/private-theming@7.2.0", "@mui/system@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/x-data-grid@7.29.8", "Name": "@mui/x-data-grid", "Identifier": { "PURL": "pkg:npm/%40mui/x-data-grid@7.29.8", "UID": "9c5a772e0814f223", "BOMRef": "pkg:npm/%40mui/x-data-grid@7.29.8" }, "Version": "7.29.8", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@mui/x-internals@7.29.0", "Name": "@mui/x-internals", "Identifier": { "PURL": "pkg:npm/%40mui/x-internals@7.29.0", "UID": "11f74483961967e4", "BOMRef": "pkg:npm/%40mui/x-internals@7.29.0" }, "Version": "7.29.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@nodelib/fs.scandir@2.1.5", "Name": "@nodelib/fs.scandir", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.scandir@2.1.5", "UID": "3583537d94c2de0a", "BOMRef": "pkg:npm/%40nodelib/fs.scandir@2.1.5" }, "Version": "2.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.walk@1.2.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@nodelib/fs.stat@2.0.5", "Name": "@nodelib/fs.stat", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.stat@2.0.5", "UID": "85d200f0b0bc0d3d", "BOMRef": "pkg:npm/%40nodelib/fs.stat@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.scandir@2.1.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@nodelib/fs.walk@1.2.8", "Name": "@nodelib/fs.walk", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.walk@1.2.8", "UID": "ef814e1cb32ef554", "BOMRef": "pkg:npm/%40nodelib/fs.walk@1.2.8" }, "Version": "1.2.8", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@parcel/watcher@2.5.1", "Name": "@parcel/watcher", "Identifier": { "PURL": "pkg:npm/%40parcel/watcher@2.5.1", "UID": "a8b2109c78b12ec1", "BOMRef": "pkg:npm/%40parcel/watcher@2.5.1" }, "Version": "2.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@popperjs/core@2.11.8", "Name": "@popperjs/core", "Identifier": { "PURL": "pkg:npm/%40popperjs/core@2.11.8", "UID": "a15fb7b9689ae616", "BOMRef": "pkg:npm/%40popperjs/core@2.11.8" }, "Version": "2.11.8", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@qdrant/js-client-rest@1.15.1", "Name": "@qdrant/js-client-rest", "Identifier": { "PURL": "pkg:npm/%40qdrant/js-client-rest@1.15.1", "UID": "27e46714aae4f6ec", "BOMRef": "pkg:npm/%40qdrant/js-client-rest@1.15.1" }, "Version": "1.15.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@qdrant/openapi-typescript-fetch@1.2.6", "Name": "@qdrant/openapi-typescript-fetch", "Identifier": { "PURL": "pkg:npm/%40qdrant/openapi-typescript-fetch@1.2.6", "UID": "855b1d86dec07a8", "BOMRef": "pkg:npm/%40qdrant/openapi-typescript-fetch@1.2.6" }, "Version": "1.2.6", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@remix-run/router@1.23.0", "Name": "@remix-run/router", "Identifier": { "PURL": "pkg:npm/%40remix-run/router@1.23.0", "UID": "5ac20fc3c50c356a", "BOMRef": "pkg:npm/%40remix-run/router@1.23.0" }, "Version": "1.23.0", "Licenses": [ "MIT" ], "DependsOn": [ "react-router-dom@6.30.1", "react-router@6.30.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rolldown/pluginutils@1.0.0-beta.19", "Name": "@rolldown/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rolldown/pluginutils@1.0.0-beta.19", "UID": "f80e0d479e612292", "BOMRef": "pkg:npm/%40rolldown/pluginutils@1.0.0-beta.19" }, "Version": "1.0.0-beta.19", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rollup/pluginutils@4.2.1", "Name": "@rollup/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rollup/pluginutils@4.2.1", "UID": "c96838d4e5247c20", "BOMRef": "pkg:npm/%40rollup/pluginutils@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rollup/pluginutils@5.2.0", "Name": "@rollup/pluginutils", "Identifier": { "PURL": "pkg:npm/%40rollup/pluginutils@5.2.0", "UID": "20bdc3a5f8446c6d", "BOMRef": "pkg:npm/%40rollup/pluginutils@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rollup/rollup-linux-x64-gnu@4.44.2", "Name": "@rollup/rollup-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.44.2", "UID": "bbbdbbbc86913278", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "rollup@4.44.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rollup/rollup-linux-x64-gnu@4.52.4", "Name": "@rollup/rollup-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.52.4", "UID": "7fafb77283f639a8", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-gnu@4.52.4" }, "Version": "4.52.4", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@rollup/rollup-linux-x64-musl@4.44.2", "Name": "@rollup/rollup-linux-x64-musl", "Identifier": { "PURL": "pkg:npm/%40rollup/rollup-linux-x64-musl@4.44.2", "UID": "61c3058030ec0379", "BOMRef": "pkg:npm/%40rollup/rollup-linux-x64-musl@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "rollup@4.44.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@saehrimnir/druidjs@0.6.3", "Name": "@saehrimnir/druidjs", "Identifier": { "PURL": "pkg:npm/%40saehrimnir/druidjs@0.6.3", "UID": "cb126f060562e413", "BOMRef": "pkg:npm/%40saehrimnir/druidjs@0.6.3" }, "Version": "0.6.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@sevinf/maybe@0.5.0", "Name": "@sevinf/maybe", "Identifier": { "PURL": "pkg:npm/%40sevinf/maybe@0.5.0", "UID": "2ee7bdec69cc9bce", "BOMRef": "pkg:npm/%40sevinf/maybe@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@sinclair/typebox@0.34.37", "Name": "@sinclair/typebox", "Identifier": { "PURL": "pkg:npm/%40sinclair/typebox@0.34.37", "UID": "1a75869aa8804437", "BOMRef": "pkg:npm/%40sinclair/typebox@0.34.37" }, "Version": "0.34.37", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/schemas@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-add-jsx-attribute@8.0.0", "Name": "@svgr/babel-plugin-add-jsx-attribute", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-add-jsx-attribute@8.0.0", "UID": "b42c4e9ce52ad173", "BOMRef": "pkg:npm/%40svgr/babel-plugin-add-jsx-attribute@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-remove-jsx-attribute@8.0.0", "Name": "@svgr/babel-plugin-remove-jsx-attribute", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-remove-jsx-attribute@8.0.0", "UID": "b54e7b0abad40bf6", "BOMRef": "pkg:npm/%40svgr/babel-plugin-remove-jsx-attribute@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "Name": "@svgr/babel-plugin-remove-jsx-empty-expression", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-remove-jsx-empty-expression@8.0.0", "UID": "22579e91383fa041", "BOMRef": "pkg:npm/%40svgr/babel-plugin-remove-jsx-empty-expression@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "Name": "@svgr/babel-plugin-replace-jsx-attribute-value", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-replace-jsx-attribute-value@8.0.0", "UID": "47919e34e70798ac", "BOMRef": "pkg:npm/%40svgr/babel-plugin-replace-jsx-attribute-value@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-svg-dynamic-title@8.0.0", "Name": "@svgr/babel-plugin-svg-dynamic-title", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-svg-dynamic-title@8.0.0", "UID": "5b013267bd16bf0c", "BOMRef": "pkg:npm/%40svgr/babel-plugin-svg-dynamic-title@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-svg-em-dimensions@8.0.0", "Name": "@svgr/babel-plugin-svg-em-dimensions", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-svg-em-dimensions@8.0.0", "UID": "2d5eac19491876d0", "BOMRef": "pkg:npm/%40svgr/babel-plugin-svg-em-dimensions@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-transform-react-native-svg@8.1.0", "Name": "@svgr/babel-plugin-transform-react-native-svg", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-transform-react-native-svg@8.1.0", "UID": "f9c5e10d326f67f6", "BOMRef": "pkg:npm/%40svgr/babel-plugin-transform-react-native-svg@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-plugin-transform-svg-component@8.0.0", "Name": "@svgr/babel-plugin-transform-svg-component", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-plugin-transform-svg-component@8.0.0", "UID": "204ad9130d26e15b", "BOMRef": "pkg:npm/%40svgr/babel-plugin-transform-svg-component@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/babel-preset@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/babel-preset@8.1.0", "Name": "@svgr/babel-preset", "Identifier": { "PURL": "pkg:npm/%40svgr/babel-preset@8.1.0", "UID": "9bc285f796515991", "BOMRef": "pkg:npm/%40svgr/babel-preset@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0", "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/core@8.1.0", "Name": "@svgr/core", "Identifier": { "PURL": "pkg:npm/%40svgr/core@8.1.0", "UID": "1f737d0c160a64f8", "BOMRef": "pkg:npm/%40svgr/core@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0", "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/hast-util-to-babel-ast@8.0.0", "Name": "@svgr/hast-util-to-babel-ast", "Identifier": { "PURL": "pkg:npm/%40svgr/hast-util-to-babel-ast@8.0.0", "UID": "a5237070dfdf4a2d", "BOMRef": "pkg:npm/%40svgr/hast-util-to-babel-ast@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@svgr/plugin-jsx@8.1.0", "Name": "@svgr/plugin-jsx", "Identifier": { "PURL": "pkg:npm/%40svgr/plugin-jsx@8.1.0", "UID": "49dc5b58b36ed2ad", "BOMRef": "pkg:npm/%40svgr/plugin-jsx@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-svgr@4.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tailwindcss/cli@4.1.11", "Name": "@tailwindcss/cli", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/cli@4.1.11", "UID": "6b008a94a6c04138", "BOMRef": "pkg:npm/%40tailwindcss/cli@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tailwindcss/node@4.1.11", "Name": "@tailwindcss/node", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/node@4.1.11", "UID": "dabaf4daa3201920", "BOMRef": "pkg:npm/%40tailwindcss/node@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tailwindcss/oxide@4.1.11", "Name": "@tailwindcss/oxide", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/oxide@4.1.11", "UID": "84f161c678e2bad0", "BOMRef": "pkg:npm/%40tailwindcss/oxide@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tailwindcss/oxide-linux-x64-gnu@4.1.11", "Name": "@tailwindcss/oxide-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40tailwindcss/oxide-linux-x64-gnu@4.1.11", "UID": "e9b1b0bfeea0dbb2", "BOMRef": "pkg:npm/%40tailwindcss/oxide-linux-x64-gnu@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@testing-library/dom@10.4.0", "Name": "@testing-library/dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/dom@10.4.0", "UID": "2633119b6dd18a3a", "BOMRef": "pkg:npm/%40testing-library/dom@10.4.0" }, "Version": "10.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/user-event@13.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@testing-library/dom@8.20.1", "Name": "@testing-library/dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/dom@8.20.1", "UID": "dce83fe121a2f5b9", "BOMRef": "pkg:npm/%40testing-library/dom@8.20.1" }, "Version": "8.20.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/react@13.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@testing-library/jest-dom@5.17.0", "Name": "@testing-library/jest-dom", "Identifier": { "PURL": "pkg:npm/%40testing-library/jest-dom@5.17.0", "UID": "92f7088502e65633", "BOMRef": "pkg:npm/%40testing-library/jest-dom@5.17.0" }, "Version": "5.17.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@testing-library/react@13.4.0", "Name": "@testing-library/react", "Identifier": { "PURL": "pkg:npm/%40testing-library/react@13.4.0", "UID": "2b6f1c18ad1f6b3b", "BOMRef": "pkg:npm/%40testing-library/react@13.4.0" }, "Version": "13.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@testing-library/user-event@13.5.0", "Name": "@testing-library/user-event", "Identifier": { "PURL": "pkg:npm/%40testing-library/user-event@13.5.0", "UID": "32b3fb64cc869f54", "BOMRef": "pkg:npm/%40testing-library/user-event@13.5.0" }, "Version": "13.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@textea/json-viewer@2.17.2", "Name": "@textea/json-viewer", "Identifier": { "PURL": "pkg:npm/%40textea/json-viewer@2.17.2", "UID": "3f471000d92375a0", "BOMRef": "pkg:npm/%40textea/json-viewer@2.17.2" }, "Version": "2.17.2", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tootallnate/once@2.0.0", "Name": "@tootallnate/once", "Identifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "5cfc71c06b07f0ea", "BOMRef": "pkg:npm/%40tootallnate/once@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "http-proxy-agent@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@transloadit/prettier-bytes@0.3.5", "Name": "@transloadit/prettier-bytes", "Identifier": { "PURL": "pkg:npm/%40transloadit/prettier-bytes@0.3.5", "UID": "f2af7d4faace874b", "BOMRef": "pkg:npm/%40transloadit/prettier-bytes@0.3.5" }, "Version": "0.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/status-bar@4.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@tweenjs/tween.js@25.0.0", "Name": "@tweenjs/tween.js", "Identifier": { "PURL": "pkg:npm/%40tweenjs/tween.js@25.0.0", "UID": "2662d74c2195e680", "BOMRef": "pkg:npm/%40tweenjs/tween.js@25.0.0" }, "Version": "25.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/acorn@4.0.6", "Name": "@types/acorn", "Identifier": { "PURL": "pkg:npm/%40types/acorn@4.0.6", "UID": "8b10d8ea26babfac", "BOMRef": "pkg:npm/%40types/acorn@4.0.6" }, "Version": "4.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-jsx@1.0.5", "micromark-util-events-to-acorn@1.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/aria-query@5.0.4", "Name": "@types/aria-query", "Identifier": { "PURL": "pkg:npm/%40types/aria-query@5.0.4", "UID": "53374c07f51a8b09", "BOMRef": "pkg:npm/%40types/aria-query@5.0.4" }, "Version": "5.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/babel__core@7.20.5", "Name": "@types/babel__core", "Identifier": { "PURL": "pkg:npm/%40types/babel__core@7.20.5", "UID": "3a87df7d8c4cb3f5", "BOMRef": "pkg:npm/%40types/babel__core@7.20.5" }, "Version": "7.20.5", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/babel__generator@7.27.0", "Name": "@types/babel__generator", "Identifier": { "PURL": "pkg:npm/%40types/babel__generator@7.27.0", "UID": "ad6712a3472bc3ba", "BOMRef": "pkg:npm/%40types/babel__generator@7.27.0" }, "Version": "7.27.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/babel__template@7.4.4", "Name": "@types/babel__template", "Identifier": { "PURL": "pkg:npm/%40types/babel__template@7.4.4", "UID": "2ce3fcb17ea5c8c7", "BOMRef": "pkg:npm/%40types/babel__template@7.4.4" }, "Version": "7.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/babel__traverse@7.20.7", "Name": "@types/babel__traverse", "Identifier": { "PURL": "pkg:npm/%40types/babel__traverse@7.20.7", "UID": "247d45158d7f6c9a", "BOMRef": "pkg:npm/%40types/babel__traverse@7.20.7" }, "Version": "7.20.7", "Licenses": [ "MIT" ], "DependsOn": [ "@types/babel__core@7.20.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/chai@5.2.2", "Name": "@types/chai", "Identifier": { "PURL": "pkg:npm/%40types/chai@5.2.2", "UID": "dcc2a1ca5fb3d649", "BOMRef": "pkg:npm/%40types/chai@5.2.2" }, "Version": "5.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/debug@4.1.12", "Name": "@types/debug", "Identifier": { "PURL": "pkg:npm/%40types/debug@4.1.12", "UID": "a8382e3377d5dbd3", "BOMRef": "pkg:npm/%40types/debug@4.1.12" }, "Version": "4.1.12", "Licenses": [ "MIT" ], "DependsOn": [ "micromark@3.2.0", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/deep-eql@4.0.2", "Name": "@types/deep-eql", "Identifier": { "PURL": "pkg:npm/%40types/deep-eql@4.0.2", "UID": "86ef4224c070897a", "BOMRef": "pkg:npm/%40types/deep-eql@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@types/chai@5.2.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/eslint@8.56.12", "Name": "@types/eslint", "Identifier": { "PURL": "pkg:npm/%40types/eslint@8.56.12", "UID": "c12280ef0d525000", "BOMRef": "pkg:npm/%40types/eslint@8.56.12" }, "Version": "8.56.12", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/estree@1.0.8", "Name": "@types/estree", "Identifier": { "PURL": "pkg:npm/%40types/estree@1.0.8", "UID": "1e284131b2ee4db2", "BOMRef": "pkg:npm/%40types/estree@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@5.2.0", "@types/acorn@4.0.6", "@types/eslint@8.56.12", "@types/estree-jsx@1.0.5", "estree-util-attach-comments@2.1.1", "estree-walker@3.0.3", "hast-util-to-estree@2.3.3", "is-reference@3.0.3", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "periscopic@3.1.0", "rollup@4.44.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/estree-jsx@1.0.5", "Name": "@types/estree-jsx", "Identifier": { "PURL": "pkg:npm/%40types/estree-jsx@1.0.5", "UID": "5659d06a6c01e3cf", "BOMRef": "pkg:npm/%40types/estree-jsx@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "estree-util-build-jsx@2.2.2", "estree-util-to-js@1.2.0", "estree-util-visit@1.2.1", "hast-util-to-estree@2.3.3", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/hast@2.3.10", "Name": "@types/hast", "Identifier": { "PURL": "pkg:npm/%40types/hast@2.3.10", "UID": "73ea50438d1dbd21", "BOMRef": "pkg:npm/%40types/hast@2.3.10" }, "Version": "2.3.10", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1", "mdast-util-to-hast@12.3.0", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/istanbul-lib-coverage@2.0.6", "Name": "@types/istanbul-lib-coverage", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6", "UID": "ca23f498114619e9", "BOMRef": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1", "@types/istanbul-lib-report@3.0.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/istanbul-lib-report@3.0.3", "Name": "@types/istanbul-lib-report", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-lib-report@3.0.3", "UID": "cdbec0d02125b4", "BOMRef": "pkg:npm/%40types/istanbul-lib-report@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@types/istanbul-reports@3.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/istanbul-reports@3.0.4", "Name": "@types/istanbul-reports", "Identifier": { "PURL": "pkg:npm/%40types/istanbul-reports@3.0.4", "UID": "fed50bc3c1f36eb7", "BOMRef": "pkg:npm/%40types/istanbul-reports@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/jest@30.0.0", "Name": "@types/jest", "Identifier": { "PURL": "pkg:npm/%40types/jest@30.0.0", "UID": "c621ddb024c4d729", "BOMRef": "pkg:npm/%40types/jest@30.0.0" }, "Version": "30.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/testing-library__jest-dom@5.14.9" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/json-schema@7.0.15", "Name": "@types/json-schema", "Identifier": { "PURL": "pkg:npm/%40types/json-schema@7.0.15", "UID": "9c5099ae83cb518c", "BOMRef": "pkg:npm/%40types/json-schema@7.0.15" }, "Version": "7.0.15", "Licenses": [ "MIT" ], "DependsOn": [ "@types/eslint@8.56.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/mdast@3.0.15", "Name": "@types/mdast", "Identifier": { "PURL": "pkg:npm/%40types/mdast@3.0.15", "UID": "ff9345b147311285", "BOMRef": "pkg:npm/%40types/mdast@3.0.15" }, "Version": "3.0.15", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-definitions@5.1.2", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdxjs-esm@1.3.1", "mdast-util-phrasing@3.0.1", "mdast-util-to-hast@12.3.0", "mdast-util-to-markdown@1.5.0", "mdast-util-to-string@3.2.0", "remark-parse@10.0.2", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/mdx@2.0.13", "Name": "@types/mdx", "Identifier": { "PURL": "pkg:npm/%40types/mdx@2.0.13", "UID": "b9f16cde916e634c", "BOMRef": "pkg:npm/%40types/mdx@2.0.13" }, "Version": "2.0.13", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@mdx-js/react@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/ms@2.1.0", "Name": "@types/ms", "Identifier": { "PURL": "pkg:npm/%40types/ms@2.1.0", "UID": "a40403be38c57f22", "BOMRef": "pkg:npm/%40types/ms@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/debug@4.1.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/node@24.0.10", "Name": "@types/node", "Identifier": { "PURL": "pkg:npm/%40types/node@24.0.10", "UID": "748ddc5fb707537b", "BOMRef": "pkg:npm/%40types/node@24.0.10" }, "Version": "24.0.10", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/pattern@30.0.1", "@jest/types@30.0.1", "jest-mock@30.0.2", "jest-util@30.0.2", "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/parse-json@4.0.2", "Name": "@types/parse-json", "Identifier": { "PURL": "pkg:npm/%40types/parse-json@4.0.2", "UID": "dadd3d8fcd198b39", "BOMRef": "pkg:npm/%40types/parse-json@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/prismjs@1.26.5", "Name": "@types/prismjs", "Identifier": { "PURL": "pkg:npm/%40types/prismjs@1.26.5", "UID": "f9bf5b642cc5e488", "BOMRef": "pkg:npm/%40types/prismjs@1.26.5" }, "Version": "1.26.5", "Licenses": [ "MIT" ], "DependsOn": [ "prism-react-renderer@2.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/prop-types@15.7.15", "Name": "@types/prop-types", "Identifier": { "PURL": "pkg:npm/%40types/prop-types@15.7.15", "UID": "548e05c889f53c67", "BOMRef": "pkg:npm/%40types/prop-types@15.7.15" }, "Version": "15.7.15", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@types/react@18.3.23" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/react@18.3.23", "Name": "@types/react", "Identifier": { "PURL": "pkg:npm/%40types/react@18.3.23", "UID": "e027647c337732f", "BOMRef": "pkg:npm/%40types/react@18.3.23" }, "Version": "18.3.23", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/react@2.3.0", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/types@7.2.24", "@mui/types@7.4.4", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@types/react-dom@18.3.7", "@types/react-transition-group@4.4.12", "mui-chips-input@7.0.1", "react-archer@4.4.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/react-dom@18.3.7", "Name": "@types/react-dom", "Identifier": { "PURL": "pkg:npm/%40types/react-dom@18.3.7", "UID": "e3caa851f892e7d9", "BOMRef": "pkg:npm/%40types/react-dom@18.3.7" }, "Version": "18.3.7", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/react@13.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/react-transition-group@4.4.12", "Name": "@types/react-transition-group", "Identifier": { "PURL": "pkg:npm/%40types/react-transition-group@4.4.12", "UID": "c309afac5c9abf94", "BOMRef": "pkg:npm/%40types/react-transition-group@4.4.12" }, "Version": "4.4.12", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/retry@0.12.2", "Name": "@types/retry", "Identifier": { "PURL": "pkg:npm/%40types/retry@0.12.2", "UID": "de21255849c92b0c", "BOMRef": "pkg:npm/%40types/retry@0.12.2" }, "Version": "0.12.2", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/stack-utils@2.0.3", "Name": "@types/stack-utils", "Identifier": { "PURL": "pkg:npm/%40types/stack-utils@2.0.3", "UID": "7c954a2f8c376d14", "BOMRef": "pkg:npm/%40types/stack-utils@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/testing-library__jest-dom@5.14.9", "Name": "@types/testing-library__jest-dom", "Identifier": { "PURL": "pkg:npm/%40types/testing-library__jest-dom@5.14.9", "UID": "6c657b66e0911697", "BOMRef": "pkg:npm/%40types/testing-library__jest-dom@5.14.9" }, "Version": "5.14.9", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/unist@2.0.11", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@2.0.11", "UID": "2d7d1101632f4649", "BOMRef": "pkg:npm/%40types/unist@2.0.11" }, "Version": "2.0.11", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "@types/hast@2.3.10", "@types/mdast@3.0.15", "estree-util-visit@1.2.1", "hast-util-to-estree@2.3.3", "mdast-util-definitions@5.1.2", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-jsx@2.1.4", "mdast-util-to-markdown@1.5.0", "micromark-util-events-to-acorn@1.2.3", "parse-entities@4.0.2", "unified@10.1.2", "unist-util-is@5.2.1", "unist-util-position-from-estree@1.1.2", "unist-util-position@4.0.4", "unist-util-remove-position@4.0.2", "unist-util-stringify-position@3.0.3", "vfile-message@3.1.4", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/unist@3.0.3", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@3.0.3", "UID": "756e4dc7b688a300", "BOMRef": "b8004bda-f3c8-457d-b7ec-405d03815930" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-is@6.0.0", "unist-util-is@6.0.0", "unist-util-visit-parents@6.0.1", "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/unist@3.0.3", "Name": "@types/unist", "Identifier": { "PURL": "pkg:npm/%40types/unist@3.0.3", "UID": "cf4c1cc8d50f5add", "BOMRef": "53082114-a9bb-4f06-baf2-654237a69668" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/yargs@17.0.33", "Name": "@types/yargs", "Identifier": { "PURL": "pkg:npm/%40types/yargs@17.0.33", "UID": "38d08ac221289fa5", "BOMRef": "pkg:npm/%40types/yargs@17.0.33" }, "Version": "17.0.33", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@types/yargs-parser@21.0.3", "Name": "@types/yargs-parser", "Identifier": { "PURL": "pkg:npm/%40types/yargs-parser@21.0.3", "UID": "50844447b323d780", "BOMRef": "pkg:npm/%40types/yargs-parser@21.0.3" }, "Version": "21.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@types/yargs@17.0.33" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@ungap/structured-clone@1.3.0", "Name": "@ungap/structured-clone", "Identifier": { "PURL": "pkg:npm/%40ungap/structured-clone@1.3.0", "UID": "8ee6ee9e90aa66bc", "BOMRef": "pkg:npm/%40ungap/structured-clone@1.3.0" }, "Version": "1.3.0", "Licenses": [ "ISC" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/companion-client@4.4.2", "Name": "@uppy/companion-client", "Identifier": { "PURL": "pkg:npm/%40uppy/companion-client@4.4.2", "UID": "3878cd009f01ec8f", "BOMRef": "pkg:npm/%40uppy/companion-client@4.4.2" }, "Version": "4.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/xhr-upload@4.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/components@0.2.0", "Name": "@uppy/components", "Identifier": { "PURL": "pkg:npm/%40uppy/components@0.2.0", "UID": "cdb04ba5d9e104d3", "BOMRef": "pkg:npm/%40uppy/components@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/core@4.4.7", "Name": "@uppy/core", "Identifier": { "PURL": "pkg:npm/%40uppy/core@4.4.7", "UID": "e52c955cf97da0b2", "BOMRef": "pkg:npm/%40uppy/core@4.4.7" }, "Version": "4.4.7", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/components@0.2.0", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/thumbnail-generator@4.1.1", "@uppy/xhr-upload@4.3.3", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/dashboard@4.3.4", "Name": "@uppy/dashboard", "Identifier": { "PURL": "pkg:npm/%40uppy/dashboard@4.3.4", "UID": "bf00ce82f061f1e0", "BOMRef": "pkg:npm/%40uppy/dashboard@4.3.4" }, "Version": "4.3.4", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/drag-drop@4.1.3", "Name": "@uppy/drag-drop", "Identifier": { "PURL": "pkg:npm/%40uppy/drag-drop@4.1.3", "UID": "314c4087e50ce311", "BOMRef": "pkg:npm/%40uppy/drag-drop@4.1.3" }, "Version": "4.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/informer@4.2.1", "Name": "@uppy/informer", "Identifier": { "PURL": "pkg:npm/%40uppy/informer@4.2.1", "UID": "4e2248e9cff96a91", "BOMRef": "pkg:npm/%40uppy/informer@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/progress-bar@4.2.1", "Name": "@uppy/progress-bar", "Identifier": { "PURL": "pkg:npm/%40uppy/progress-bar@4.2.1", "UID": "94627e3b08eba825", "BOMRef": "pkg:npm/%40uppy/progress-bar@4.2.1" }, "Version": "4.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/react@4.4.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/provider-views@4.4.5", "Name": "@uppy/provider-views", "Identifier": { "PURL": "pkg:npm/%40uppy/provider-views@4.4.5", "UID": "2248a104d63b4b2a", "BOMRef": "pkg:npm/%40uppy/provider-views@4.4.5" }, "Version": "4.4.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/react@4.4.0", "Name": "@uppy/react", "Identifier": { "PURL": "pkg:npm/%40uppy/react@4.4.0", "UID": "568096a42116116c", "BOMRef": "pkg:npm/%40uppy/react@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/status-bar@4.1.3", "Name": "@uppy/status-bar", "Identifier": { "PURL": "pkg:npm/%40uppy/status-bar@4.1.3", "UID": "310233ccdc909777", "BOMRef": "pkg:npm/%40uppy/status-bar@4.1.3" }, "Version": "4.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "@uppy/react@4.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/store-default@4.2.0", "Name": "@uppy/store-default", "Identifier": { "PURL": "pkg:npm/%40uppy/store-default@4.2.0", "UID": "a6fa80d1acb4b03b", "BOMRef": "pkg:npm/%40uppy/store-default@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/thumbnail-generator@4.1.1", "Name": "@uppy/thumbnail-generator", "Identifier": { "PURL": "pkg:npm/%40uppy/thumbnail-generator@4.1.1", "UID": "c87780a915c9c1e4", "BOMRef": "pkg:npm/%40uppy/thumbnail-generator@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/utils@6.1.5", "Name": "@uppy/utils", "Identifier": { "PURL": "pkg:npm/%40uppy/utils@6.1.5", "UID": "6bfeb3455bc39e60", "BOMRef": "pkg:npm/%40uppy/utils@6.1.5" }, "Version": "6.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/thumbnail-generator@4.1.1", "@uppy/xhr-upload@4.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@uppy/xhr-upload@4.3.3", "Name": "@uppy/xhr-upload", "Identifier": { "PURL": "pkg:npm/%40uppy/xhr-upload@4.3.3", "UID": "46e45264c79d4c4b", "BOMRef": "pkg:npm/%40uppy/xhr-upload@4.3.3" }, "Version": "4.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitejs/plugin-react@4.6.0", "Name": "@vitejs/plugin-react", "Identifier": { "PURL": "pkg:npm/%40vitejs/plugin-react@4.6.0", "UID": "6757ce35abc11c2a", "BOMRef": "pkg:npm/%40vitejs/plugin-react@4.6.0" }, "Version": "4.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/expect@3.2.4", "Name": "@vitest/expect", "Identifier": { "PURL": "pkg:npm/%40vitest/expect@3.2.4", "UID": "95004f4e4d480564", "BOMRef": "pkg:npm/%40vitest/expect@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/mocker@3.2.4", "Name": "@vitest/mocker", "Identifier": { "PURL": "pkg:npm/%40vitest/mocker@3.2.4", "UID": "d64f2448a7ee4e5f", "BOMRef": "pkg:npm/%40vitest/mocker@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/pretty-format@3.2.4", "Name": "@vitest/pretty-format", "Identifier": { "PURL": "pkg:npm/%40vitest/pretty-format@3.2.4", "UID": "b105442381f9bb7", "BOMRef": "pkg:npm/%40vitest/pretty-format@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/snapshot@3.2.4", "@vitest/utils@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/runner@3.2.4", "Name": "@vitest/runner", "Identifier": { "PURL": "pkg:npm/%40vitest/runner@3.2.4", "UID": "a850d6160e698729", "BOMRef": "pkg:npm/%40vitest/runner@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/snapshot@3.2.4", "Name": "@vitest/snapshot", "Identifier": { "PURL": "pkg:npm/%40vitest/snapshot@3.2.4", "UID": "17b491f6ea730939", "BOMRef": "pkg:npm/%40vitest/snapshot@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/spy@3.2.4", "Name": "@vitest/spy", "Identifier": { "PURL": "pkg:npm/%40vitest/spy@3.2.4", "UID": "8f3073c9cf9fbe18", "BOMRef": "pkg:npm/%40vitest/spy@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/mocker@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@vitest/utils@3.2.4", "Name": "@vitest/utils", "Identifier": { "PURL": "pkg:npm/%40vitest/utils@3.2.4", "UID": "8ee1e5d8c549af7e", "BOMRef": "pkg:npm/%40vitest/utils@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/runner@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "@webcam/core@1.0.1", "Name": "@webcam/core", "Identifier": { "PURL": "pkg:npm/%40webcam/core@1.0.1", "UID": "9d3d2f4ed19ad37e", "BOMRef": "pkg:npm/%40webcam/core@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "abab@2.0.6", "Name": "abab", "Identifier": { "PURL": "pkg:npm/abab@2.0.6", "UID": "5f51f7c0ede9e404", "BOMRef": "pkg:npm/abab@2.0.6" }, "Version": "2.0.6", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "accessor-fn@1.5.3", "Name": "accessor-fn", "Identifier": { "PURL": "pkg:npm/accessor-fn@1.5.3", "UID": "c90e1e4c025ab090", "BOMRef": "pkg:npm/accessor-fn@1.5.3" }, "Version": "1.5.3", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "acorn@8.15.0", "Name": "acorn", "Identifier": { "PURL": "pkg:npm/acorn@8.15.0", "UID": "e302af11a87f9639", "BOMRef": "pkg:npm/acorn@8.15.0" }, "Version": "8.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "acorn-jsx@5.3.2", "espree@9.6.1", "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "acorn-jsx@5.3.2", "Name": "acorn-jsx", "Identifier": { "PURL": "pkg:npm/acorn-jsx@5.3.2", "UID": "86e7f304ae5cab43", "BOMRef": "pkg:npm/acorn-jsx@5.3.2" }, "Version": "5.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "espree@9.6.1", "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "agent-base@6.0.2", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@6.0.2", "UID": "97b60eb8de8e83d5", "BOMRef": "pkg:npm/agent-base@6.0.2" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "http-proxy-agent@5.0.0", "https-proxy-agent@5.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ajv@6.12.6", "Name": "ajv", "Identifier": { "PURL": "pkg:npm/ajv@6.12.6", "UID": "ed8f7750a11df86f", "BOMRef": "pkg:npm/ajv@6.12.6" }, "Version": "6.12.6", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-regex@5.0.1", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@5.0.1", "UID": "affe136f557e4baf", "BOMRef": "pkg:npm/ansi-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@27.5.1", "strip-ansi@6.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@4.3.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@4.3.0", "UID": "135d58898726aca9", "BOMRef": "pkg:npm/ansi-styles@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "chalk@3.0.0", "chalk@4.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "a891ae5688b74d48", "BOMRef": "acd520b7-463d-4938-a07c-33453ba233b5" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "f558c789dc1faf77", "BOMRef": "772672a3-106c-4149-b87a-5a1bc32b151c" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "7dc1c157a6675bfc", "BOMRef": "27f9b37d-e9d9-464a-909b-fd0b8c715916" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@27.5.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "83bdc6cbda3919d3", "BOMRef": "32d11827-7a50-4bdd-80e1-15da5d5362cf" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ansi-styles@5.2.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@5.2.0", "UID": "6b661e04d89567e8", "BOMRef": "df16f359-855c-4e68-b2f0-563e333d02a6" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "argparse@2.0.1", "Name": "argparse", "Identifier": { "PURL": "pkg:npm/argparse@2.0.1", "UID": "547778ed2800a6f2", "BOMRef": "pkg:npm/argparse@2.0.1" }, "Version": "2.0.1", "Licenses": [ "Python-2.0" ], "DependsOn": [ "js-yaml@4.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "aria-query@5.1.3", "Name": "aria-query", "Identifier": { "PURL": "pkg:npm/aria-query@5.1.3", "UID": "fd6e68b5a505a226", "BOMRef": "pkg:npm/aria-query@5.1.3" }, "Version": "5.1.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "aria-query@5.3.0", "Name": "aria-query", "Identifier": { "PURL": "pkg:npm/aria-query@5.3.0", "UID": "f4097b4c8190ef4e", "BOMRef": "pkg:npm/aria-query@5.3.0" }, "Version": "5.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array-buffer-byte-length@1.0.2", "Name": "array-buffer-byte-length", "Identifier": { "PURL": "pkg:npm/array-buffer-byte-length@1.0.2", "UID": "9fdb7a473f4ed59c", "BOMRef": "pkg:npm/array-buffer-byte-length@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array-includes@3.1.9", "Name": "array-includes", "Identifier": { "PURL": "pkg:npm/array-includes@3.1.9", "UID": "6f9b3919618d798d", "BOMRef": "pkg:npm/array-includes@3.1.9" }, "Version": "3.1.9", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array.prototype.findlast@1.2.5", "Name": "array.prototype.findlast", "Identifier": { "PURL": "pkg:npm/array.prototype.findlast@1.2.5", "UID": "826a417c17ced113", "BOMRef": "pkg:npm/array.prototype.findlast@1.2.5" }, "Version": "1.2.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array.prototype.flat@1.3.3", "Name": "array.prototype.flat", "Identifier": { "PURL": "pkg:npm/array.prototype.flat@1.3.3", "UID": "8e553ed4dfd04a99", "BOMRef": "pkg:npm/array.prototype.flat@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array.prototype.flatmap@1.3.3", "Name": "array.prototype.flatmap", "Identifier": { "PURL": "pkg:npm/array.prototype.flatmap@1.3.3", "UID": "3eb6c5a784d6cd57", "BOMRef": "pkg:npm/array.prototype.flatmap@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "array.prototype.tosorted@1.1.4", "Name": "array.prototype.tosorted", "Identifier": { "PURL": "pkg:npm/array.prototype.tosorted@1.1.4", "UID": "5a36ef68038be980", "BOMRef": "pkg:npm/array.prototype.tosorted@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "arraybuffer.prototype.slice@1.0.4", "Name": "arraybuffer.prototype.slice", "Identifier": { "PURL": "pkg:npm/arraybuffer.prototype.slice@1.0.4", "UID": "408da4d36a27cddc", "BOMRef": "pkg:npm/arraybuffer.prototype.slice@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "assertion-error@2.0.1", "Name": "assertion-error", "Identifier": { "PURL": "pkg:npm/assertion-error@2.0.1", "UID": "e61956cfe152743a", "BOMRef": "pkg:npm/assertion-error@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "astring@1.9.0", "Name": "astring", "Identifier": { "PURL": "pkg:npm/astring@1.9.0", "UID": "cc4e6e69339ac774", "BOMRef": "pkg:npm/astring@1.9.0" }, "Version": "1.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "estree-util-to-js@1.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "async-function@1.0.0", "Name": "async-function", "Identifier": { "PURL": "pkg:npm/async-function@1.0.0", "UID": "d5227fa9c7e216f2", "BOMRef": "pkg:npm/async-function@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "is-async-function@2.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "asynckit@0.4.0", "Name": "asynckit", "Identifier": { "PURL": "pkg:npm/asynckit@0.4.0", "UID": "b8dc8efcaf9be7f9", "BOMRef": "pkg:npm/asynckit@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "autocomplete-openapi@0.1.6", "Name": "autocomplete-openapi", "Identifier": { "PURL": "pkg:npm/autocomplete-openapi@0.1.6", "UID": "a595ed6eab0c610a", "BOMRef": "pkg:npm/autocomplete-openapi@0.1.6" }, "Version": "0.1.6", "Licenses": [ "ISC" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "available-typed-arrays@1.0.7", "Name": "available-typed-arrays", "Identifier": { "PURL": "pkg:npm/available-typed-arrays@1.0.7", "UID": "fb6df3b8b8ad6626", "BOMRef": "pkg:npm/available-typed-arrays@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "typed-array-byte-offset@1.0.4", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "axios@1.12.2", "Name": "axios", "Identifier": { "PURL": "pkg:npm/axios@1.12.2", "UID": "fc88be7b114d5ef8", "BOMRef": "pkg:npm/axios@1.12.2" }, "Version": "1.12.2", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "babel-plugin-macros@3.1.0", "Name": "babel-plugin-macros", "Identifier": { "PURL": "pkg:npm/babel-plugin-macros@3.1.0", "UID": "2fe85eee0be05745", "BOMRef": "pkg:npm/babel-plugin-macros@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "bail@2.0.2", "Name": "bail", "Identifier": { "PURL": "pkg:npm/bail@2.0.2", "UID": "44043148fb709de6", "BOMRef": "pkg:npm/bail@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "balanced-match@1.0.2", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@1.0.2", "UID": "85c58ff2c1d4ce38", "BOMRef": "pkg:npm/balanced-match@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "brace-expansion@1.1.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "bath-es5@3.0.3", "Name": "bath-es5", "Identifier": { "PURL": "pkg:npm/bath-es5@3.0.3", "UID": "3a553b259e7d1280", "BOMRef": "pkg:npm/bath-es5@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "bezier-js@6.1.4", "Name": "bezier-js", "Identifier": { "PURL": "pkg:npm/bezier-js@6.1.4", "UID": "7fd181fe33e181a5", "BOMRef": "pkg:npm/bezier-js@6.1.4" }, "Version": "6.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "brace-expansion@1.1.12", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@1.1.12", "UID": "ec9c7bb86c43f766", "BOMRef": "pkg:npm/brace-expansion@1.1.12" }, "Version": "1.1.12", "Licenses": [ "MIT" ], "DependsOn": [ "minimatch@3.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "braces@3.0.3", "Name": "braces", "Identifier": { "PURL": "pkg:npm/braces@3.0.3", "UID": "f11c80632266b684", "BOMRef": "pkg:npm/braces@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "micromatch@4.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "browserslist@4.25.1", "Name": "browserslist", "Identifier": { "PURL": "pkg:npm/browserslist@4.25.1", "UID": "1debbe93fc6aa08e", "BOMRef": "pkg:npm/browserslist@4.25.1" }, "Version": "4.25.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2", "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "cac@6.7.14", "Name": "cac", "Identifier": { "PURL": "pkg:npm/cac@6.7.14", "UID": "f301c2bcddb8bcb1", "BOMRef": "pkg:npm/cac@6.7.14" }, "Version": "6.7.14", "Licenses": [ "MIT" ], "DependsOn": [ "vite-node@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "call-bind@1.0.8", "Name": "call-bind", "Identifier": { "PURL": "pkg:npm/call-bind@1.0.8", "UID": "ca5efe7a4802792e", "BOMRef": "pkg:npm/call-bind@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "is-array-buffer@3.0.5", "object-is@1.1.6", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "safe-array-concat@1.1.3", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "call-bind-apply-helpers@1.0.2", "Name": "call-bind-apply-helpers", "Identifier": { "PURL": "pkg:npm/call-bind-apply-helpers@1.0.2", "UID": "3323e4aa5eb5811", "BOMRef": "pkg:npm/call-bind-apply-helpers@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8", "call-bound@1.0.4", "dunder-proto@1.0.1", "get-intrinsic@1.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "call-bound@1.0.4", "Name": "call-bound", "Identifier": { "PURL": "pkg:npm/call-bound@1.0.4", "UID": "52818f30e8ff1572", "BOMRef": "pkg:npm/call-bound@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "array-buffer-byte-length@1.0.2", "array-includes@3.1.9", "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "get-symbol-description@1.1.0", "is-arguments@1.2.0", "is-array-buffer@3.0.5", "is-async-function@2.1.1", "is-boolean-object@1.2.2", "is-data-view@1.0.2", "is-date-object@1.1.0", "is-finalizationregistry@1.1.1", "is-generator-function@1.1.0", "is-number-object@1.1.1", "is-regex@1.2.1", "is-shared-array-buffer@1.0.4", "is-string@1.1.1", "is-symbol@1.1.1", "is-weakref@1.1.1", "is-weakset@2.0.4", "object.assign@4.1.7", "object.entries@1.1.9", "object.values@1.2.1", "safe-array-concat@1.1.3", "safe-regex-test@1.1.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "typed-array-buffer@1.0.3", "unbox-primitive@1.1.0", "which-builtin-type@1.2.1", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "callsites@3.1.0", "Name": "callsites", "Identifier": { "PURL": "pkg:npm/callsites@3.1.0", "UID": "f9bd5fb37f0a32c7", "BOMRef": "pkg:npm/callsites@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "parent-module@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "camelcase@6.3.0", "Name": "camelcase", "Identifier": { "PURL": "pkg:npm/camelcase@6.3.0", "UID": "5dfdcc30f17f1b6b", "BOMRef": "pkg:npm/camelcase@6.3.0" }, "Version": "6.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "caniuse-lite@1.0.30001726", "Name": "caniuse-lite", "Identifier": { "PURL": "pkg:npm/caniuse-lite@1.0.30001726", "UID": "faff3bae775e30ab", "BOMRef": "pkg:npm/caniuse-lite@1.0.30001726" }, "Version": "1.0.30001726", "Licenses": [ "CC-BY-4.0" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "canvas-color-tracker@1.3.2", "Name": "canvas-color-tracker", "Identifier": { "PURL": "pkg:npm/canvas-color-tracker@1.3.2", "UID": "2547ccace2cbdfda", "BOMRef": "pkg:npm/canvas-color-tracker@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ccount@2.0.1", "Name": "ccount", "Identifier": { "PURL": "pkg:npm/ccount@2.0.1", "UID": "10f474c3fe3c35b", "BOMRef": "pkg:npm/ccount@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chai@5.2.0", "Name": "chai", "Identifier": { "PURL": "pkg:npm/chai@5.2.0", "UID": "2cf5dcfa5be4f1fd", "BOMRef": "pkg:npm/chai@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chalk@3.0.0", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@3.0.0", "UID": "a32a1b83380929bd", "BOMRef": "pkg:npm/chalk@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chalk@4.1.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@4.1.2", "UID": "4223662cf1659586", "BOMRef": "pkg:npm/chalk@4.1.2" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/types@30.0.1", "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "eslint@8.57.1", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4", "jest-message-util@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "character-entities@2.0.2", "Name": "character-entities", "Identifier": { "PURL": "pkg:npm/character-entities@2.0.2", "UID": "5f5d59c104091586", "BOMRef": "pkg:npm/character-entities@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "decode-named-character-reference@1.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "character-entities-html4@2.1.0", "Name": "character-entities-html4", "Identifier": { "PURL": "pkg:npm/character-entities-html4@2.1.0", "UID": "3387d02df870eeba", "BOMRef": "pkg:npm/character-entities-html4@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "stringify-entities@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "character-entities-legacy@3.0.0", "Name": "character-entities-legacy", "Identifier": { "PURL": "pkg:npm/character-entities-legacy@3.0.0", "UID": "36726f25f57de72d", "BOMRef": "pkg:npm/character-entities-legacy@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2", "stringify-entities@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "character-reference-invalid@2.0.1", "Name": "character-reference-invalid", "Identifier": { "PURL": "pkg:npm/character-reference-invalid@2.0.1", "UID": "a51ef8a995f8af8", "BOMRef": "pkg:npm/character-reference-invalid@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chart.js@4.5.0", "Name": "chart.js", "Identifier": { "PURL": "pkg:npm/chart.js@4.5.0", "UID": "ff7fb12a6215a2b2", "BOMRef": "pkg:npm/chart.js@4.5.0" }, "Version": "4.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "check-error@2.1.1", "Name": "check-error", "Identifier": { "PURL": "pkg:npm/check-error@2.1.1", "UID": "5c8531d730eb0b0c", "BOMRef": "pkg:npm/check-error@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "91ee69266a29ad73", "BOMRef": "pkg:npm/chownr@3.0.0" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "chroma-js@2.6.0", "Name": "chroma-js", "Identifier": { "PURL": "pkg:npm/chroma-js@2.6.0", "UID": "91942a89f966e2c", "BOMRef": "pkg:npm/chroma-js@2.6.0" }, "Version": "2.6.0", "Licenses": [ "BSD-3-Clause AND Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ci-info@4.2.0", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.2.0", "UID": "637d16129f7b96b", "BOMRef": "pkg:npm/ci-info@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "classnames@2.5.1", "Name": "classnames", "Identifier": { "PURL": "pkg:npm/classnames@2.5.1", "UID": "23b5a715b86a6c81", "BOMRef": "pkg:npm/classnames@2.5.1" }, "Version": "2.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "@uppy/provider-views@4.4.5", "@uppy/status-bar@4.1.3", "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@1.2.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@1.2.1", "UID": "5f7536a60fd87684", "BOMRef": "e1ec8caa-26c1-46a1-b196-490a17d7f81d" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@1.2.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@1.2.1", "UID": "447af647a32282d7", "BOMRef": "5200b87c-1fe8-47b5-811a-d8af0c69dd61" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2", "notistack@3.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "b67f9cf5a2b8541f", "BOMRef": "6844cdcf-a93e-43e9-9c34-4acae7e825af" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "d1aad4628f370c62", "BOMRef": "3321b711-642e-437a-937a-4dd8112e1526" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "d00a217f26df1be5", "BOMRef": "e6560e47-37a9-4fe2-94cd-844eeca53d00" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "fce8e762db0f5ab0", "BOMRef": "c7635c2f-9b5b-45a9-94c7-0f2efa98adff" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@uppy/components@0.2.0", "prism-react-renderer@2.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "color-convert@2.0.1", "Name": "color-convert", "Identifier": { "PURL": "pkg:npm/color-convert@2.0.1", "UID": "a4aa9ac09d9a4c60", "BOMRef": "pkg:npm/color-convert@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "ansi-styles@4.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "color-name@1.1.4", "Name": "color-name", "Identifier": { "PURL": "pkg:npm/color-name@1.1.4", "UID": "f3f5598665f242a6", "BOMRef": "pkg:npm/color-name@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "color-convert@2.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "combined-stream@1.0.8", "Name": "combined-stream", "Identifier": { "PURL": "pkg:npm/combined-stream@1.0.8", "UID": "bc008cac39c7c0b1", "BOMRef": "pkg:npm/combined-stream@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "comma-separated-tokens@2.0.3", "Name": "comma-separated-tokens", "Identifier": { "PURL": "pkg:npm/comma-separated-tokens@2.0.3", "UID": "f657ae3eac24064e", "BOMRef": "pkg:npm/comma-separated-tokens@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "concat-map@0.0.1", "Name": "concat-map", "Identifier": { "PURL": "pkg:npm/concat-map@0.0.1", "UID": "db8151de093a4743", "BOMRef": "pkg:npm/concat-map@0.0.1" }, "Version": "0.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "brace-expansion@1.1.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "convert-source-map@1.9.0", "Name": "convert-source-map", "Identifier": { "PURL": "pkg:npm/convert-source-map@1.9.0", "UID": "44e06147e3e59333", "BOMRef": "pkg:npm/convert-source-map@1.9.0" }, "Version": "1.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "convert-source-map@2.0.0", "Name": "convert-source-map", "Identifier": { "PURL": "pkg:npm/convert-source-map@2.0.0", "UID": "187ab9ac4e4e0fb8", "BOMRef": "pkg:npm/convert-source-map@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "copy-to-clipboard@3.3.3", "Name": "copy-to-clipboard", "Identifier": { "PURL": "pkg:npm/copy-to-clipboard@3.3.3", "UID": "d1a85eb0691fab96", "BOMRef": "pkg:npm/copy-to-clipboard@3.3.3" }, "Version": "3.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "cosmiconfig@7.1.0", "Name": "cosmiconfig", "Identifier": { "PURL": "pkg:npm/cosmiconfig@7.1.0", "UID": "e05ba8171f9a6ff1", "BOMRef": "pkg:npm/cosmiconfig@7.1.0" }, "Version": "7.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "babel-plugin-macros@3.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "cosmiconfig@8.3.6", "Name": "cosmiconfig", "Identifier": { "PURL": "pkg:npm/cosmiconfig@8.3.6", "UID": "51ed1b0335489de0", "BOMRef": "pkg:npm/cosmiconfig@8.3.6" }, "Version": "8.3.6", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "create-collection-form@0.0.0", "Name": "create-collection-form", "Identifier": { "PURL": "pkg:npm/create-collection-form@0.0.0?vcs_url=git+ssh%3A%2F%2Fgit%40github.com%2Fqdrant%2Fcreate-collection-form.git#a3f1e13059f334bf0c9eb2514fcd26bd01cfc59b", "UID": "1c278b336657aa4f", "BOMRef": "pkg:npm/create-collection-form@0.0.0?vcs_url=git+ssh%3A%2F%2Fgit%40github.com%2Fqdrant%2Fcreate-collection-form.git#a3f1e13059f334bf0c9eb2514fcd26bd01cfc59b" }, "Version": "0.0.0", "Licenses": [ "NOASSERTION" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "4dc0424b791a9cd0", "BOMRef": "pkg:npm/cross-spawn@7.0.6" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "css.escape@1.5.1", "Name": "css.escape", "Identifier": { "PURL": "pkg:npm/css.escape@1.5.1", "UID": "ca713f799fdc2ebc", "BOMRef": "pkg:npm/css.escape@1.5.1" }, "Version": "1.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "cssstyle@3.0.0", "Name": "cssstyle", "Identifier": { "PURL": "pkg:npm/cssstyle@3.0.0", "UID": "b9ff27adb9c783a6", "BOMRef": "pkg:npm/cssstyle@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "csstype@3.1.3", "Name": "csstype", "Identifier": { "PURL": "pkg:npm/csstype@3.1.3", "UID": "d328a0db32e541dd", "BOMRef": "pkg:npm/csstype@3.1.3" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/serialize@1.3.3", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@types/react@18.3.23", "dom-helpers@5.2.1", "goober@2.1.16" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-array@3.2.4", "Name": "d3-array", "Identifier": { "PURL": "pkg:npm/d3-array@3.2.4", "UID": "3eb307e2e7ca44e2", "BOMRef": "pkg:npm/d3-array@3.2.4" }, "Version": "3.2.4", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2", "d3-time@3.1.0", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-binarytree@1.0.2", "Name": "d3-binarytree", "Identifier": { "PURL": "pkg:npm/d3-binarytree@1.0.2", "UID": "9d3fe6e143cdb7d9", "BOMRef": "pkg:npm/d3-binarytree@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-color@3.1.0", "Name": "d3-color", "Identifier": { "PURL": "pkg:npm/d3-color@3.1.0", "UID": "99ab75ed660355d", "BOMRef": "pkg:npm/d3-color@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-interpolate@3.0.1", "d3-scale-chromatic@3.1.0", "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-dispatch@3.0.1", "Name": "d3-dispatch", "Identifier": { "PURL": "pkg:npm/d3-dispatch@3.0.1", "UID": "5afb4376fee0caac", "BOMRef": "pkg:npm/d3-dispatch@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-drag@3.0.0", "d3-force-3d@3.0.6", "d3-transition@3.0.1", "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-drag@3.0.0", "Name": "d3-drag", "Identifier": { "PURL": "pkg:npm/d3-drag@3.0.0", "UID": "22a0fee79e13b254", "BOMRef": "pkg:npm/d3-drag@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-zoom@3.0.0", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-ease@3.0.1", "Name": "d3-ease", "Identifier": { "PURL": "pkg:npm/d3-ease@3.0.1", "UID": "563fd72f09cbd580", "BOMRef": "pkg:npm/d3-ease@3.0.1" }, "Version": "3.0.1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-force-3d@3.0.6", "Name": "d3-force-3d", "Identifier": { "PURL": "pkg:npm/d3-force-3d@3.0.6", "UID": "4e38555eb2b27a35", "BOMRef": "pkg:npm/d3-force-3d@3.0.6" }, "Version": "3.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-format@3.1.0", "Name": "d3-format", "Identifier": { "PURL": "pkg:npm/d3-format@3.1.0", "UID": "5bff913cf014a607", "BOMRef": "pkg:npm/d3-format@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-interpolate@3.0.1", "Name": "d3-interpolate", "Identifier": { "PURL": "pkg:npm/d3-interpolate@3.0.1", "UID": "5eeb02f123981764", "BOMRef": "pkg:npm/d3-interpolate@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale-chromatic@3.1.0", "d3-scale@4.0.2", "d3-transition@3.0.1", "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-octree@1.1.0", "Name": "d3-octree", "Identifier": { "PURL": "pkg:npm/d3-octree@1.1.0", "UID": "934622ce719fae4c", "BOMRef": "pkg:npm/d3-octree@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-quadtree@3.0.1", "Name": "d3-quadtree", "Identifier": { "PURL": "pkg:npm/d3-quadtree@3.0.1", "UID": "648d44530a5c3e2d", "BOMRef": "pkg:npm/d3-quadtree@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-force-3d@3.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-scale@4.0.2", "Name": "d3-scale", "Identifier": { "PURL": "pkg:npm/d3-scale@4.0.2", "UID": "c73acf9f1eaa20de", "BOMRef": "pkg:npm/d3-scale@4.0.2" }, "Version": "4.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-scale-chromatic@3.1.0", "Name": "d3-scale-chromatic", "Identifier": { "PURL": "pkg:npm/d3-scale-chromatic@3.1.0", "UID": "282cb4e8bcd7d4d8", "BOMRef": "pkg:npm/d3-scale-chromatic@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-selection@3.0.0", "Name": "d3-selection", "Identifier": { "PURL": "pkg:npm/d3-selection@3.0.0", "UID": "dcabc11b79a1c375", "BOMRef": "pkg:npm/d3-selection@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-drag@3.0.0", "d3-transition@3.0.1", "d3-zoom@3.0.0", "float-tooltip@1.7.5", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-time@3.1.0", "Name": "d3-time", "Identifier": { "PURL": "pkg:npm/d3-time@3.1.0", "UID": "99d48cd511e300d6", "BOMRef": "pkg:npm/d3-time@3.1.0" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2", "d3-time-format@4.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-time-format@4.1.0", "Name": "d3-time-format", "Identifier": { "PURL": "pkg:npm/d3-time-format@4.1.0", "UID": "9a752f379d549288", "BOMRef": "pkg:npm/d3-time-format@4.1.0" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "DependsOn": [ "d3-scale@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-timer@3.0.1", "Name": "d3-timer", "Identifier": { "PURL": "pkg:npm/d3-timer@3.0.1", "UID": "ebf9ce2812749251", "BOMRef": "pkg:npm/d3-timer@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-force-3d@3.0.6", "d3-transition@3.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-transition@3.0.1", "Name": "d3-transition", "Identifier": { "PURL": "pkg:npm/d3-transition@3.0.1", "UID": "b56d2162c039d529", "BOMRef": "pkg:npm/d3-transition@3.0.1" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "DependsOn": [ "d3-zoom@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "d3-zoom@3.0.0", "Name": "d3-zoom", "Identifier": { "PURL": "pkg:npm/d3-zoom@3.0.0", "UID": "d78334538f10b317", "BOMRef": "pkg:npm/d3-zoom@3.0.0" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "data-urls@4.0.0", "Name": "data-urls", "Identifier": { "PURL": "pkg:npm/data-urls@4.0.0", "UID": "95aca8f8e3dbc001", "BOMRef": "pkg:npm/data-urls@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "data-view-buffer@1.0.2", "Name": "data-view-buffer", "Identifier": { "PURL": "pkg:npm/data-view-buffer@1.0.2", "UID": "f475f72c08986e3d", "BOMRef": "pkg:npm/data-view-buffer@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "data-view-byte-length@1.0.2", "Name": "data-view-byte-length", "Identifier": { "PURL": "pkg:npm/data-view-byte-length@1.0.2", "UID": "ee50cbba70f47cc5", "BOMRef": "pkg:npm/data-view-byte-length@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "data-view-byte-offset@1.0.1", "Name": "data-view-byte-offset", "Identifier": { "PURL": "pkg:npm/data-view-byte-offset@1.0.1", "UID": "62ab9d9c59ea43f", "BOMRef": "pkg:npm/data-view-byte-offset@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "debug@4.4.1", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.1", "UID": "8e009f0c006158d3", "BOMRef": "pkg:npm/debug@4.4.1" }, "Version": "4.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/traverse@7.28.0", "@eslint/eslintrc@2.1.4", "@humanwhocodes/config-array@0.13.0", "agent-base@6.0.2", "eslint@8.57.1", "http-proxy-agent@5.0.0", "https-proxy-agent@5.0.1", "micromark@3.2.0", "vite-node@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "decimal.js@10.5.0", "Name": "decimal.js", "Identifier": { "PURL": "pkg:npm/decimal.js@10.5.0", "UID": "a30a3c324e68ed54", "BOMRef": "pkg:npm/decimal.js@10.5.0" }, "Version": "10.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "decode-named-character-reference@1.2.0", "Name": "decode-named-character-reference", "Identifier": { "PURL": "pkg:npm/decode-named-character-reference@1.2.0", "UID": "c718d544261c00e4", "BOMRef": "pkg:npm/decode-named-character-reference@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-util-decode-string@1.1.0", "micromark@3.2.0", "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "deep-eql@5.0.2", "Name": "deep-eql", "Identifier": { "PURL": "pkg:npm/deep-eql@5.0.2", "UID": "9e05461780b0d560", "BOMRef": "pkg:npm/deep-eql@5.0.2" }, "Version": "5.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "deep-equal@2.2.3", "Name": "deep-equal", "Identifier": { "PURL": "pkg:npm/deep-equal@2.2.3", "UID": "e5ec5b0a274b27df", "BOMRef": "pkg:npm/deep-equal@2.2.3" }, "Version": "2.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "aria-query@5.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "deep-is@0.1.4", "Name": "deep-is", "Identifier": { "PURL": "pkg:npm/deep-is@0.1.4", "UID": "dc66bfe76ae3082e", "BOMRef": "pkg:npm/deep-is@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "define-data-property@1.1.4", "Name": "define-data-property", "Identifier": { "PURL": "pkg:npm/define-data-property@1.1.4", "UID": "135249f1df0f8e7d", "BOMRef": "pkg:npm/define-data-property@1.1.4" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "define-properties@1.2.1", "iterator.prototype@1.1.5", "set-function-length@1.2.2", "set-function-name@2.0.2", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "define-properties@1.2.1", "Name": "define-properties", "Identifier": { "PURL": "pkg:npm/define-properties@1.2.1", "UID": "c78e61f62a44f2fc", "BOMRef": "pkg:npm/define-properties@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "es-iterator-helpers@1.2.1", "function.prototype.name@1.1.8", "globalthis@1.0.4", "object-is@1.1.6", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "string.prototype.matchall@4.0.12", "string.prototype.repeat@1.0.0", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "delayed-stream@1.0.0", "Name": "delayed-stream", "Identifier": { "PURL": "pkg:npm/delayed-stream@1.0.0", "UID": "d708dd6b18eb7b6a", "BOMRef": "pkg:npm/delayed-stream@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "combined-stream@1.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dequal@2.0.3", "Name": "dequal", "Identifier": { "PURL": "pkg:npm/dequal@2.0.3", "UID": "18faa6cba31c3b5b", "BOMRef": "pkg:npm/dequal@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "aria-query@5.3.0", "uvu@0.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dereference-json-schema@0.2.1", "Name": "dereference-json-schema", "Identifier": { "PURL": "pkg:npm/dereference-json-schema@0.2.1", "UID": "307438faae4b4150", "BOMRef": "pkg:npm/dereference-json-schema@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "detect-libc@1.0.3", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@1.0.3", "UID": "ee8c1211f274bb30", "BOMRef": "pkg:npm/detect-libc@1.0.3" }, "Version": "1.0.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@parcel/watcher@2.5.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "detect-libc@2.0.4", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@2.0.4", "UID": "99b90c1290341473", "BOMRef": "fcd9f582-14f4-4313-b5c7-38257c6d5b5a" }, "Version": "2.0.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "detect-libc@2.0.4", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@2.0.4", "UID": "2a8c7e5207ba7e21", "BOMRef": "95d2af8b-211e-46f4-ab99-229038ef84a2" }, "Version": "2.0.4", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11", "lightningcss@1.30.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "diff@5.2.0", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@5.2.0", "UID": "53182b2059b6e667", "BOMRef": "pkg:npm/diff@5.2.0" }, "Version": "5.2.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "react-diff-viewer-continued@3.4.0", "uvu@0.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "doctrine@2.1.0", "Name": "doctrine", "Identifier": { "PURL": "pkg:npm/doctrine@2.1.0", "UID": "f58b42ec4e816eb", "BOMRef": "pkg:npm/doctrine@2.1.0" }, "Version": "2.1.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "doctrine@3.0.0", "Name": "doctrine", "Identifier": { "PURL": "pkg:npm/doctrine@3.0.0", "UID": "cad57f051cd6588", "BOMRef": "pkg:npm/doctrine@3.0.0" }, "Version": "3.0.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dom-accessibility-api@0.5.16", "Name": "dom-accessibility-api", "Identifier": { "PURL": "pkg:npm/dom-accessibility-api@0.5.16", "UID": "920e4dc16be4c70e", "BOMRef": "pkg:npm/dom-accessibility-api@0.5.16" }, "Version": "0.5.16", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1", "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dom-helpers@5.2.1", "Name": "dom-helpers", "Identifier": { "PURL": "pkg:npm/dom-helpers@5.2.1", "UID": "9e146c2fd8bc6f15", "BOMRef": "pkg:npm/dom-helpers@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "domexception@4.0.0", "Name": "domexception", "Identifier": { "PURL": "pkg:npm/domexception@4.0.0", "UID": "65b6aa5608088136", "BOMRef": "pkg:npm/domexception@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dot-case@3.0.4", "Name": "dot-case", "Identifier": { "PURL": "pkg:npm/dot-case@3.0.4", "UID": "1f3a058908814e28", "BOMRef": "pkg:npm/dot-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "snake-case@3.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "dunder-proto@1.0.1", "Name": "dunder-proto", "Identifier": { "PURL": "pkg:npm/dunder-proto@1.0.1", "UID": "2852320e22e626a7", "BOMRef": "pkg:npm/dunder-proto@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "get-proto@1.0.1", "has-proto@1.2.0", "set-proto@1.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "electron-to-chromium@1.5.179", "Name": "electron-to-chromium", "Identifier": { "PURL": "pkg:npm/electron-to-chromium@1.5.179", "UID": "c82e1e8d5c1f938c", "BOMRef": "pkg:npm/electron-to-chromium@1.5.179" }, "Version": "1.5.179", "Licenses": [ "ISC" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "enhanced-resolve@5.18.2", "Name": "enhanced-resolve", "Identifier": { "PURL": "pkg:npm/enhanced-resolve@5.18.2", "UID": "2ec165ff14591077", "BOMRef": "pkg:npm/enhanced-resolve@5.18.2" }, "Version": "5.18.2", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "@tailwindcss/node@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "entities@4.5.0", "Name": "entities", "Identifier": { "PURL": "pkg:npm/entities@4.5.0", "UID": "f67f7a43ec9bf62d", "BOMRef": "pkg:npm/entities@4.5.0" }, "Version": "4.5.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "@svgr/hast-util-to-babel-ast@8.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "entities@6.0.1", "Name": "entities", "Identifier": { "PURL": "pkg:npm/entities@6.0.1", "UID": "35f01704a58b1c3f", "BOMRef": "pkg:npm/entities@6.0.1" }, "Version": "6.0.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "parse5@7.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "error-ex@1.3.2", "Name": "error-ex", "Identifier": { "PURL": "pkg:npm/error-ex@1.3.2", "UID": "4a109447bf8bd231", "BOMRef": "pkg:npm/error-ex@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-abstract@1.24.0", "Name": "es-abstract", "Identifier": { "PURL": "pkg:npm/es-abstract@1.24.0", "UID": "b19db6bf181fbe3", "BOMRef": "pkg:npm/es-abstract@1.24.0" }, "Version": "1.24.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "es-iterator-helpers@1.2.1", "object.fromentries@2.0.8", "reflect.getprototypeof@1.0.10", "string.prototype.matchall@4.0.12", "string.prototype.repeat@1.0.0", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-define-property@1.0.1", "Name": "es-define-property", "Identifier": { "PURL": "pkg:npm/es-define-property@1.0.1", "UID": "675909ba58498342", "BOMRef": "pkg:npm/es-define-property@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8", "define-data-property@1.1.4", "es-abstract@1.24.0", "get-intrinsic@1.3.0", "has-property-descriptors@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-errors@1.3.0", "Name": "es-errors", "Identifier": { "PURL": "pkg:npm/es-errors@1.3.0", "UID": "72fac5e722d19f94", "BOMRef": "pkg:npm/es-errors@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "array.prototype.findlast@1.2.5", "array.prototype.tosorted@1.1.4", "arraybuffer.prototype.slice@1.0.4", "call-bind-apply-helpers@1.0.2", "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "define-data-property@1.1.4", "dunder-proto@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "es-object-atoms@1.1.1", "es-set-tostringtag@2.1.0", "get-intrinsic@1.3.0", "get-symbol-description@1.1.0", "internal-slot@1.1.0", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "safe-push-apply@1.0.0", "safe-regex-test@1.1.0", "set-function-length@1.2.2", "set-function-name@2.0.2", "set-proto@1.0.0", "side-channel-list@1.0.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "side-channel@1.1.0", "stop-iteration-iterator@1.1.0", "string.prototype.matchall@4.0.12", "typed-array-buffer@1.0.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-get-iterator@1.1.3", "Name": "es-get-iterator", "Identifier": { "PURL": "pkg:npm/es-get-iterator@1.1.3", "UID": "4e8b565895752f2b", "BOMRef": "pkg:npm/es-get-iterator@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-iterator-helpers@1.2.1", "Name": "es-iterator-helpers", "Identifier": { "PURL": "pkg:npm/es-iterator-helpers@1.2.1", "UID": "edefe0e769c8d995", "BOMRef": "pkg:npm/es-iterator-helpers@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-module-lexer@1.7.0", "Name": "es-module-lexer", "Identifier": { "PURL": "pkg:npm/es-module-lexer@1.7.0", "UID": "98d50eae9031d82", "BOMRef": "pkg:npm/es-module-lexer@1.7.0" }, "Version": "1.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "vite-node@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-object-atoms@1.1.1", "Name": "es-object-atoms", "Identifier": { "PURL": "pkg:npm/es-object-atoms@1.1.1", "UID": "e960f817132dc5fd", "BOMRef": "pkg:npm/es-object-atoms@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "array.prototype.findlast@1.2.5", "es-abstract@1.24.0", "get-intrinsic@1.3.0", "get-proto@1.0.1", "iterator.prototype@1.1.5", "object.assign@4.1.7", "object.entries@1.1.9", "object.fromentries@2.0.8", "object.values@1.2.1", "reflect.getprototypeof@1.0.10", "set-proto@1.0.0", "string.prototype.matchall@4.0.12", "string.prototype.trim@1.2.10", "string.prototype.trimend@1.0.9", "string.prototype.trimstart@1.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-set-tostringtag@2.1.0", "Name": "es-set-tostringtag", "Identifier": { "PURL": "pkg:npm/es-set-tostringtag@2.1.0", "UID": "6b6b9d587d7f3b10", "BOMRef": "pkg:npm/es-set-tostringtag@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "form-data@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-shim-unscopables@1.1.0", "Name": "es-shim-unscopables", "Identifier": { "PURL": "pkg:npm/es-shim-unscopables@1.1.0", "UID": "a370340cf737288c", "BOMRef": "pkg:npm/es-shim-unscopables@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "array.prototype.findlast@1.2.5", "array.prototype.flat@1.3.3", "array.prototype.flatmap@1.3.3", "array.prototype.tosorted@1.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "es-to-primitive@1.3.0", "Name": "es-to-primitive", "Identifier": { "PURL": "pkg:npm/es-to-primitive@1.3.0", "UID": "7a6b945ce0ac266b", "BOMRef": "pkg:npm/es-to-primitive@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "esbuild@0.25.5", "Name": "esbuild", "Identifier": { "PURL": "pkg:npm/esbuild@0.25.5", "UID": "512557113375d4f6", "BOMRef": "pkg:npm/esbuild@0.25.5" }, "Version": "0.25.5", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "escalade@3.2.0", "Name": "escalade", "Identifier": { "PURL": "pkg:npm/escalade@3.2.0", "UID": "6083edeb04a29482", "BOMRef": "pkg:npm/escalade@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "escape-string-regexp@2.0.0", "Name": "escape-string-regexp", "Identifier": { "PURL": "pkg:npm/escape-string-regexp@2.0.0", "UID": "4e542e7a08a0ad47", "BOMRef": "pkg:npm/escape-string-regexp@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "stack-utils@2.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "escape-string-regexp@4.0.0", "Name": "escape-string-regexp", "Identifier": { "PURL": "pkg:npm/escape-string-regexp@4.0.0", "UID": "60e6b325dc55ff46", "BOMRef": "pkg:npm/escape-string-regexp@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint@8.57.1", "Name": "eslint", "Identifier": { "PURL": "pkg:npm/eslint@8.57.1", "UID": "a5223bd241f034f9", "BOMRef": "pkg:npm/eslint@8.57.1" }, "Version": "8.57.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint-community/eslint-utils@4.7.0", "eslint-config-google@0.14.0", "eslint-config-prettier@8.10.0", "eslint-plugin-react@7.37.5", "qdrant-web-ui@0.2.5", "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint-config-google@0.14.0", "Name": "eslint-config-google", "Identifier": { "PURL": "pkg:npm/eslint-config-google@0.14.0", "UID": "8e7d997270693386", "BOMRef": "pkg:npm/eslint-config-google@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint-config-prettier@8.10.0", "Name": "eslint-config-prettier", "Identifier": { "PURL": "pkg:npm/eslint-config-prettier@8.10.0", "UID": "7da41ee5a2393e66", "BOMRef": "pkg:npm/eslint-config-prettier@8.10.0" }, "Version": "8.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint-plugin-react@7.37.5", "Name": "eslint-plugin-react", "Identifier": { "PURL": "pkg:npm/eslint-plugin-react@7.37.5", "UID": "b9bd5e5ea2a65d67", "BOMRef": "pkg:npm/eslint-plugin-react@7.37.5" }, "Version": "7.37.5", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint-scope@7.2.2", "Name": "eslint-scope", "Identifier": { "PURL": "pkg:npm/eslint-scope@7.2.2", "UID": "742f50b05349a7dc", "BOMRef": "pkg:npm/eslint-scope@7.2.2" }, "Version": "7.2.2", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eslint-visitor-keys@3.4.3", "Name": "eslint-visitor-keys", "Identifier": { "PURL": "pkg:npm/eslint-visitor-keys@3.4.3", "UID": "3c1308c0f2626f39", "BOMRef": "pkg:npm/eslint-visitor-keys@3.4.3" }, "Version": "3.4.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@eslint-community/eslint-utils@4.7.0", "eslint@8.57.1", "espree@9.6.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "espree@9.6.1", "Name": "espree", "Identifier": { "PURL": "pkg:npm/espree@9.6.1", "UID": "f354f3c9dda1af9e", "BOMRef": "pkg:npm/espree@9.6.1" }, "Version": "9.6.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "esquery@1.6.0", "Name": "esquery", "Identifier": { "PURL": "pkg:npm/esquery@1.6.0", "UID": "f63cdc244abbe3f9", "BOMRef": "pkg:npm/esquery@1.6.0" }, "Version": "1.6.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "esrecurse@4.3.0", "Name": "esrecurse", "Identifier": { "PURL": "pkg:npm/esrecurse@4.3.0", "UID": "f121a2e0978c767a", "BOMRef": "pkg:npm/esrecurse@4.3.0" }, "Version": "4.3.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint-scope@7.2.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estraverse@5.3.0", "Name": "estraverse", "Identifier": { "PURL": "pkg:npm/estraverse@5.3.0", "UID": "357e90f55ae8d70c", "BOMRef": "pkg:npm/estraverse@5.3.0" }, "Version": "5.3.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "eslint-scope@7.2.2", "esquery@1.6.0", "esrecurse@4.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-util-attach-comments@2.1.1", "Name": "estree-util-attach-comments", "Identifier": { "PURL": "pkg:npm/estree-util-attach-comments@2.1.1", "UID": "d117df3ee96b4af4", "BOMRef": "pkg:npm/estree-util-attach-comments@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-util-build-jsx@2.2.2", "Name": "estree-util-build-jsx", "Identifier": { "PURL": "pkg:npm/estree-util-build-jsx@2.2.2", "UID": "ac742d5bbb88b2de", "BOMRef": "pkg:npm/estree-util-build-jsx@2.2.2" }, "Version": "2.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-util-is-identifier-name@2.1.0", "Name": "estree-util-is-identifier-name", "Identifier": { "PURL": "pkg:npm/estree-util-is-identifier-name@2.1.0", "UID": "cda994832d73103a", "BOMRef": "pkg:npm/estree-util-is-identifier-name@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "estree-util-build-jsx@2.2.2", "hast-util-to-estree@2.3.3", "micromark-extension-mdx-jsx@1.0.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-util-to-js@1.2.0", "Name": "estree-util-to-js", "Identifier": { "PURL": "pkg:npm/estree-util-to-js@1.2.0", "UID": "961cd5a92d43dd80", "BOMRef": "pkg:npm/estree-util-to-js@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-util-visit@1.2.1", "Name": "estree-util-visit", "Identifier": { "PURL": "pkg:npm/estree-util-visit@1.2.1", "UID": "d0a5025e71aaa839", "BOMRef": "pkg:npm/estree-util-visit@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-util-events-to-acorn@1.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-walker@2.0.2", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@2.0.2", "UID": "e848c4cd0290f9e8", "BOMRef": "3a5dbb6e-7fde-4bd4-9e69-ea3d4491ca0e" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-walker@2.0.2", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@2.0.2", "UID": "1a70afb6c0675094", "BOMRef": "60c61776-d9a9-476e-b984-2fe121af15de" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@4.2.1", "@rollup/pluginutils@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "estree-walker@3.0.3", "Name": "estree-walker", "Identifier": { "PURL": "pkg:npm/estree-walker@3.0.3", "UID": "698d19ac4433e66f", "BOMRef": "pkg:npm/estree-walker@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@vitest/mocker@3.2.4", "estree-util-build-jsx@2.2.2", "periscopic@3.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "esutils@2.0.3", "Name": "esutils", "Identifier": { "PURL": "pkg:npm/esutils@2.0.3", "UID": "2f36a02c083b7463", "BOMRef": "pkg:npm/esutils@2.0.3" }, "Version": "2.0.3", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "doctrine@2.1.0", "doctrine@3.0.0", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "eventemitter3@5.0.1", "Name": "eventemitter3", "Identifier": { "PURL": "pkg:npm/eventemitter3@5.0.1", "UID": "160970322ee577ff", "BOMRef": "pkg:npm/eventemitter3@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "p-queue@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "exifr@7.1.3", "Name": "exifr", "Identifier": { "PURL": "pkg:npm/exifr@7.1.3", "UID": "67a9953ba5f8ed31", "BOMRef": "pkg:npm/exifr@7.1.3" }, "Version": "7.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/thumbnail-generator@4.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "expect@30.0.4", "Name": "expect", "Identifier": { "PURL": "pkg:npm/expect@30.0.4", "UID": "ff3837fe46196bc5", "BOMRef": "pkg:npm/expect@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@types/jest@30.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "expect-type@1.2.1", "Name": "expect-type", "Identifier": { "PURL": "pkg:npm/expect-type@1.2.1", "UID": "17ecfce9f97270d6", "BOMRef": "pkg:npm/expect-type@1.2.1" }, "Version": "1.2.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "extend@3.0.2", "Name": "extend", "Identifier": { "PURL": "pkg:npm/extend@3.0.2", "UID": "f3b2018c1be3619d", "BOMRef": "pkg:npm/extend@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fast-deep-equal@3.1.3", "Name": "fast-deep-equal", "Identifier": { "PURL": "pkg:npm/fast-deep-equal@3.1.3", "UID": "fe165e272a804306", "BOMRef": "pkg:npm/fast-deep-equal@3.1.3" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fast-json-stable-stringify@2.1.0", "Name": "fast-json-stable-stringify", "Identifier": { "PURL": "pkg:npm/fast-json-stable-stringify@2.1.0", "UID": "f926cc366d4f57ca", "BOMRef": "pkg:npm/fast-json-stable-stringify@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fast-levenshtein@2.0.6", "Name": "fast-levenshtein", "Identifier": { "PURL": "pkg:npm/fast-levenshtein@2.0.6", "UID": "d601541f3286b138", "BOMRef": "pkg:npm/fast-levenshtein@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fastq@1.19.1", "Name": "fastq", "Identifier": { "PURL": "pkg:npm/fastq@1.19.1", "UID": "c5dd852d92a29ebb", "BOMRef": "pkg:npm/fastq@1.19.1" }, "Version": "1.19.1", "Licenses": [ "ISC" ], "DependsOn": [ "@nodelib/fs.walk@1.2.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fdir@6.4.6", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.4.6", "UID": "55b797eaec4c6ee1", "BOMRef": "pkg:npm/fdir@6.4.6" }, "Version": "6.4.6", "Licenses": [ "MIT" ], "DependsOn": [ "tinyglobby@0.2.14", "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "file-entry-cache@6.0.1", "Name": "file-entry-cache", "Identifier": { "PURL": "pkg:npm/file-entry-cache@6.0.1", "UID": "979368d8f0d6aaaa", "BOMRef": "pkg:npm/file-entry-cache@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fill-range@7.1.1", "Name": "fill-range", "Identifier": { "PURL": "pkg:npm/fill-range@7.1.1", "UID": "c3738965d43fbc2", "BOMRef": "pkg:npm/fill-range@7.1.1" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "braces@3.0.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "find-root@1.1.0", "Name": "find-root", "Identifier": { "PURL": "pkg:npm/find-root@1.1.0", "UID": "2d3aa9fd867941f4", "BOMRef": "pkg:npm/find-root@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "find-up@5.0.0", "Name": "find-up", "Identifier": { "PURL": "pkg:npm/find-up@5.0.0", "UID": "250e564d6441fd63", "BOMRef": "pkg:npm/find-up@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "flat-cache@3.2.0", "Name": "flat-cache", "Identifier": { "PURL": "pkg:npm/flat-cache@3.2.0", "UID": "ace63918873a90e8", "BOMRef": "pkg:npm/flat-cache@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "file-entry-cache@6.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "flatted@3.3.3", "Name": "flatted", "Identifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "9c3543c77d7050b9", "BOMRef": "pkg:npm/flatted@3.3.3" }, "Version": "3.3.3", "Licenses": [ "ISC" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "float-tooltip@1.7.5", "Name": "float-tooltip", "Identifier": { "PURL": "pkg:npm/float-tooltip@1.7.5", "UID": "8820c5a3ab4188ff", "BOMRef": "pkg:npm/float-tooltip@1.7.5" }, "Version": "1.7.5", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "follow-redirects@1.15.9", "Name": "follow-redirects", "Identifier": { "PURL": "pkg:npm/follow-redirects@1.15.9", "UID": "72f467966b403112", "BOMRef": "pkg:npm/follow-redirects@1.15.9" }, "Version": "1.15.9", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "for-each@0.3.5", "Name": "for-each", "Identifier": { "PURL": "pkg:npm/for-each@0.3.5", "UID": "e65d1b5ca294eac1", "BOMRef": "pkg:npm/for-each@0.3.5" }, "Version": "0.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "force-graph@1.50.1", "Name": "force-graph", "Identifier": { "PURL": "pkg:npm/force-graph@1.50.1", "UID": "bd7247148b59d7bf", "BOMRef": "pkg:npm/force-graph@1.50.1" }, "Version": "1.50.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "form-data@4.0.4", "Name": "form-data", "Identifier": { "PURL": "pkg:npm/form-data@4.0.4", "UID": "e891ce17fb5deccf", "BOMRef": "pkg:npm/form-data@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "fs.realpath@1.0.0", "Name": "fs.realpath", "Identifier": { "PURL": "pkg:npm/fs.realpath@1.0.0", "UID": "18a91d96753d08fc", "BOMRef": "pkg:npm/fs.realpath@1.0.0" }, "Version": "1.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "function-bind@1.1.2", "Name": "function-bind", "Identifier": { "PURL": "pkg:npm/function-bind@1.1.2", "UID": "66b0eda6b8638794", "BOMRef": "pkg:npm/function-bind@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind-apply-helpers@1.0.2", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "hasown@2.0.2", "set-function-length@1.2.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "function.prototype.name@1.1.8", "Name": "function.prototype.name", "Identifier": { "PURL": "pkg:npm/function.prototype.name@1.1.8", "UID": "49308115ac2bb34c", "BOMRef": "pkg:npm/function.prototype.name@1.1.8" }, "Version": "1.1.8", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "functions-have-names@1.2.3", "Name": "functions-have-names", "Identifier": { "PURL": "pkg:npm/functions-have-names@1.2.3", "UID": "3d5b59f5d0aeed3b", "BOMRef": "pkg:npm/functions-have-names@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "function.prototype.name@1.1.8", "set-function-name@2.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "gensync@1.0.0-beta.2", "Name": "gensync", "Identifier": { "PURL": "pkg:npm/gensync@1.0.0-beta.2", "UID": "17ee953015f8c26a", "BOMRef": "pkg:npm/gensync@1.0.0-beta.2" }, "Version": "1.0.0-beta.2", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "get-intrinsic@1.3.0", "Name": "get-intrinsic", "Identifier": { "PURL": "pkg:npm/get-intrinsic@1.3.0", "UID": "7fcde11e89c320b1", "BOMRef": "pkg:npm/get-intrinsic@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "arraybuffer.prototype.slice@1.0.4", "call-bind@1.0.8", "call-bound@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "es-set-tostringtag@2.1.0", "get-symbol-description@1.1.0", "is-array-buffer@3.0.5", "is-data-view@1.0.2", "is-weakset@2.0.4", "iterator.prototype@1.1.5", "own-keys@1.0.1", "reflect.getprototypeof@1.0.10", "safe-array-concat@1.1.3", "set-function-length@1.2.2", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "get-proto@1.0.1", "Name": "get-proto", "Identifier": { "PURL": "pkg:npm/get-proto@1.0.1", "UID": "28aa5b2efa512f40", "BOMRef": "pkg:npm/get-proto@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "get-intrinsic@1.3.0", "is-async-function@2.1.1", "is-generator-function@1.1.0", "iterator.prototype@1.1.5", "reflect.getprototypeof@1.0.10", "regexp.prototype.flags@1.5.4", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "get-symbol-description@1.1.0", "Name": "get-symbol-description", "Identifier": { "PURL": "pkg:npm/get-symbol-description@1.1.0", "UID": "47c5ab993ec28495", "BOMRef": "pkg:npm/get-symbol-description@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "glob@7.2.3", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@7.2.3", "UID": "c7026b53c85daa45", "BOMRef": "pkg:npm/glob@7.2.3" }, "Version": "7.2.3", "Licenses": [ "ISC" ], "DependsOn": [ "rimraf@3.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "glob-parent@6.0.2", "Name": "glob-parent", "Identifier": { "PURL": "pkg:npm/glob-parent@6.0.2", "UID": "a545691c468a0335", "BOMRef": "pkg:npm/glob-parent@6.0.2" }, "Version": "6.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "globals@13.24.0", "Name": "globals", "Identifier": { "PURL": "pkg:npm/globals@13.24.0", "UID": "63625b2d52642fe8", "BOMRef": "pkg:npm/globals@13.24.0" }, "Version": "13.24.0", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "globalthis@1.0.4", "Name": "globalthis", "Identifier": { "PURL": "pkg:npm/globalthis@1.0.4", "UID": "f160b2f9c2d3ccc4", "BOMRef": "pkg:npm/globalthis@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "goober@2.1.16", "Name": "goober", "Identifier": { "PURL": "pkg:npm/goober@2.1.16", "UID": "7a4e3ed4bb176ebf", "BOMRef": "pkg:npm/goober@2.1.16" }, "Version": "2.1.16", "Licenses": [ "MIT" ], "DependsOn": [ "notistack@3.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "gopd@1.2.0", "Name": "gopd", "Identifier": { "PURL": "pkg:npm/gopd@1.2.0", "UID": "fccd8f1157ef05c8", "BOMRef": "pkg:npm/gopd@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "define-data-property@1.1.4", "dunder-proto@1.0.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "globalthis@1.0.4", "is-regex@1.2.1", "regexp.prototype.flags@1.5.4", "set-function-length@1.2.2", "string.prototype.matchall@4.0.12", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "a7048165a07f5a7f", "BOMRef": "pkg:npm/graceful-fs@4.2.11" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "DependsOn": [ "enhanced-resolve@5.18.2", "jest-message-util@30.0.2", "jest-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "graphemer@1.4.0", "Name": "graphemer", "Identifier": { "PURL": "pkg:npm/graphemer@1.4.0", "UID": "28a05d1625098c67", "BOMRef": "pkg:npm/graphemer@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-bigints@1.1.0", "Name": "has-bigints", "Identifier": { "PURL": "pkg:npm/has-bigints@1.1.0", "UID": "c73c4f23525330b0", "BOMRef": "pkg:npm/has-bigints@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "is-bigint@1.1.0", "unbox-primitive@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-flag@4.0.0", "Name": "has-flag", "Identifier": { "PURL": "pkg:npm/has-flag@4.0.0", "UID": "9501d6b2ff0d7e9e", "BOMRef": "pkg:npm/has-flag@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "supports-color@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-property-descriptors@1.0.2", "Name": "has-property-descriptors", "Identifier": { "PURL": "pkg:npm/has-property-descriptors@1.0.2", "UID": "b14772b0e5a11036", "BOMRef": "pkg:npm/has-property-descriptors@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "define-properties@1.2.1", "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "set-function-length@1.2.2", "set-function-name@2.0.2", "string.prototype.trim@1.2.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-proto@1.2.0", "Name": "has-proto", "Identifier": { "PURL": "pkg:npm/has-proto@1.2.0", "UID": "4c538f3edaee0c18", "BOMRef": "pkg:npm/has-proto@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-symbols@1.1.0", "Name": "has-symbols", "Identifier": { "PURL": "pkg:npm/has-symbols@1.1.0", "UID": "2ac175c5e2988b73", "BOMRef": "pkg:npm/has-symbols@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3", "es-iterator-helpers@1.2.1", "get-intrinsic@1.3.0", "has-tostringtag@1.0.2", "is-symbol@1.1.1", "iterator.prototype@1.1.5", "object.assign@4.1.7", "safe-array-concat@1.1.3", "string.prototype.matchall@4.0.12", "unbox-primitive@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "has-tostringtag@1.0.2", "Name": "has-tostringtag", "Identifier": { "PURL": "pkg:npm/has-tostringtag@1.0.2", "UID": "a86222617f9ee56b", "BOMRef": "pkg:npm/has-tostringtag@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-set-tostringtag@2.1.0", "is-arguments@1.2.0", "is-async-function@2.1.1", "is-boolean-object@1.2.2", "is-date-object@1.1.0", "is-generator-function@1.1.0", "is-number-object@1.1.1", "is-regex@1.2.1", "is-string@1.1.1", "which-builtin-type@1.2.1", "which-typed-array@1.1.19" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "hasown@2.0.2", "Name": "hasown", "Identifier": { "PURL": "pkg:npm/hasown@2.0.2", "UID": "9787458c61f716ae", "BOMRef": "pkg:npm/hasown@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-set-tostringtag@2.1.0", "es-shim-unscopables@1.1.0", "eslint-plugin-react@7.37.5", "form-data@4.0.4", "function.prototype.name@1.1.8", "get-intrinsic@1.3.0", "internal-slot@1.1.0", "is-core-module@2.16.1", "is-regex@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "hast-util-to-estree@2.3.3", "Name": "hast-util-to-estree", "Identifier": { "PURL": "pkg:npm/hast-util-to-estree@2.3.3", "UID": "4c57d8bc48596618", "BOMRef": "pkg:npm/hast-util-to-estree@2.3.3" }, "Version": "2.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "hast-util-whitespace@2.0.1", "Name": "hast-util-whitespace", "Identifier": { "PURL": "pkg:npm/hast-util-whitespace@2.0.1", "UID": "bf98d05f86ee7a86", "BOMRef": "pkg:npm/hast-util-whitespace@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "hoist-non-react-statics@3.3.2", "Name": "hoist-non-react-statics", "Identifier": { "PURL": "pkg:npm/hoist-non-react-statics@3.3.2", "UID": "55a43610b4bd1ee", "BOMRef": "pkg:npm/hoist-non-react-statics@3.3.2" }, "Version": "3.3.2", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@emotion/react@11.14.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "html-encoding-sniffer@3.0.0", "Name": "html-encoding-sniffer", "Identifier": { "PURL": "pkg:npm/html-encoding-sniffer@3.0.0", "UID": "a24f1cb4925e786b", "BOMRef": "pkg:npm/html-encoding-sniffer@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "http-proxy-agent@5.0.0", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@5.0.0", "UID": "259ab2fe78d7271b", "BOMRef": "pkg:npm/http-proxy-agent@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "https-proxy-agent@5.0.1", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@5.0.1", "UID": "557f1f8ba8b659d0", "BOMRef": "pkg:npm/https-proxy-agent@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "iconv-lite@0.6.3", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.6.3", "UID": "a8a89ad556e03c36", "BOMRef": "pkg:npm/iconv-lite@0.6.3" }, "Version": "0.6.3", "Licenses": [ "MIT" ], "DependsOn": [ "whatwg-encoding@2.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ignore@5.3.2", "Name": "ignore", "Identifier": { "PURL": "pkg:npm/ignore@5.3.2", "UID": "dd155a12a4d9caa2", "BOMRef": "pkg:npm/ignore@5.3.2" }, "Version": "5.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "import-fresh@3.3.1", "Name": "import-fresh", "Identifier": { "PURL": "pkg:npm/import-fresh@3.3.1", "UID": "be378f68bece85da", "BOMRef": "pkg:npm/import-fresh@3.3.1" }, "Version": "3.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "64e8a41814da6d88", "BOMRef": "pkg:npm/imurmurhash@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "indent-string@4.0.0", "Name": "indent-string", "Identifier": { "PURL": "pkg:npm/indent-string@4.0.0", "UID": "30fd8f005bc0e9fa", "BOMRef": "pkg:npm/indent-string@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "redent@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "index-array-by@1.4.2", "Name": "index-array-by", "Identifier": { "PURL": "pkg:npm/index-array-by@1.4.2", "UID": "32328e34932b319a", "BOMRef": "pkg:npm/index-array-by@1.4.2" }, "Version": "1.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "inflight@1.0.6", "Name": "inflight", "Identifier": { "PURL": "pkg:npm/inflight@1.0.6", "UID": "5bfe4880887ffcbc", "BOMRef": "pkg:npm/inflight@1.0.6" }, "Version": "1.0.6", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "inherits@2.0.4", "Name": "inherits", "Identifier": { "PURL": "pkg:npm/inherits@2.0.4", "UID": "3a2e0907adad3860", "BOMRef": "pkg:npm/inherits@2.0.4" }, "Version": "2.0.4", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "inline-style-parser@0.1.1", "Name": "inline-style-parser", "Identifier": { "PURL": "pkg:npm/inline-style-parser@0.1.1", "UID": "2896fec46498b51f", "BOMRef": "pkg:npm/inline-style-parser@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "style-to-object@0.4.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "internal-slot@1.1.0", "Name": "internal-slot", "Identifier": { "PURL": "pkg:npm/internal-slot@1.1.0", "UID": "3d1ebd604cd4a504", "BOMRef": "pkg:npm/internal-slot@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1", "stop-iteration-iterator@1.1.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "internmap@2.0.3", "Name": "internmap", "Identifier": { "PURL": "pkg:npm/internmap@2.0.3", "UID": "637338fb036a3c2d", "BOMRef": "pkg:npm/internmap@2.0.3" }, "Version": "2.0.3", "Licenses": [ "ISC" ], "DependsOn": [ "d3-array@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-alphabetical@2.0.1", "Name": "is-alphabetical", "Identifier": { "PURL": "pkg:npm/is-alphabetical@2.0.1", "UID": "868c12a378b02582", "BOMRef": "pkg:npm/is-alphabetical@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-alphanumerical@2.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-alphanumerical@2.0.1", "Name": "is-alphanumerical", "Identifier": { "PURL": "pkg:npm/is-alphanumerical@2.0.1", "UID": "6a25d960476b3c8c", "BOMRef": "pkg:npm/is-alphanumerical@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-arguments@1.2.0", "Name": "is-arguments", "Identifier": { "PURL": "pkg:npm/is-arguments@1.2.0", "UID": "80d857d65240f74a", "BOMRef": "pkg:npm/is-arguments@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-get-iterator@1.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-array-buffer@3.0.5", "Name": "is-array-buffer", "Identifier": { "PURL": "pkg:npm/is-array-buffer@3.0.5", "UID": "5e2fd61710eb152d", "BOMRef": "pkg:npm/is-array-buffer@3.0.5" }, "Version": "3.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "array-buffer-byte-length@1.0.2", "arraybuffer.prototype.slice@1.0.4", "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-arrayish@0.2.1", "Name": "is-arrayish", "Identifier": { "PURL": "pkg:npm/is-arrayish@0.2.1", "UID": "299aee336025f217", "BOMRef": "pkg:npm/is-arrayish@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "error-ex@1.3.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-async-function@2.1.1", "Name": "is-async-function", "Identifier": { "PURL": "pkg:npm/is-async-function@2.1.1", "UID": "40da99c5c29210a3", "BOMRef": "pkg:npm/is-async-function@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-bigint@1.1.0", "Name": "is-bigint", "Identifier": { "PURL": "pkg:npm/is-bigint@1.1.0", "UID": "35e5dc88c3a81e9b", "BOMRef": "pkg:npm/is-bigint@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-boolean-object@1.2.2", "Name": "is-boolean-object", "Identifier": { "PURL": "pkg:npm/is-boolean-object@1.2.2", "UID": "695c8e7d3d29e830", "BOMRef": "pkg:npm/is-boolean-object@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-buffer@2.0.5", "Name": "is-buffer", "Identifier": { "PURL": "pkg:npm/is-buffer@2.0.5", "UID": "17507f4a09003ab5", "BOMRef": "pkg:npm/is-buffer@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-callable@1.2.7", "Name": "is-callable", "Identifier": { "PURL": "pkg:npm/is-callable@1.2.7", "UID": "ad519d438ff3b1ae", "BOMRef": "pkg:npm/is-callable@1.2.7" }, "Version": "1.2.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-to-primitive@1.3.0", "for-each@0.3.5", "function.prototype.name@1.1.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-core-module@2.16.1", "Name": "is-core-module", "Identifier": { "PURL": "pkg:npm/is-core-module@2.16.1", "UID": "f49933e8659e161b", "BOMRef": "pkg:npm/is-core-module@2.16.1" }, "Version": "2.16.1", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-data-view@1.0.2", "Name": "is-data-view", "Identifier": { "PURL": "pkg:npm/is-data-view@1.0.2", "UID": "20e610c9d9cd3524", "BOMRef": "pkg:npm/is-data-view@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "data-view-buffer@1.0.2", "data-view-byte-length@1.0.2", "data-view-byte-offset@1.0.1", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-date-object@1.1.0", "Name": "is-date-object", "Identifier": { "PURL": "pkg:npm/is-date-object@1.1.0", "UID": "c8a8300e33a9025a", "BOMRef": "pkg:npm/is-date-object@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-to-primitive@1.3.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-decimal@2.0.1", "Name": "is-decimal", "Identifier": { "PURL": "pkg:npm/is-decimal@2.0.1", "UID": "3b072ce006010157", "BOMRef": "pkg:npm/is-decimal@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-alphanumerical@2.0.1", "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-extglob@2.1.1", "Name": "is-extglob", "Identifier": { "PURL": "pkg:npm/is-extglob@2.1.1", "UID": "f521ad521efcb2fb", "BOMRef": "pkg:npm/is-extglob@2.1.1" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "is-glob@4.0.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-finalizationregistry@1.1.1", "Name": "is-finalizationregistry", "Identifier": { "PURL": "pkg:npm/is-finalizationregistry@1.1.1", "UID": "c8e42b3c796c3917", "BOMRef": "pkg:npm/is-finalizationregistry@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-generator-function@1.1.0", "Name": "is-generator-function", "Identifier": { "PURL": "pkg:npm/is-generator-function@1.1.0", "UID": "2cab0c371689cf", "BOMRef": "pkg:npm/is-generator-function@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-glob@4.0.3", "Name": "is-glob", "Identifier": { "PURL": "pkg:npm/is-glob@4.0.3", "UID": "1da0119c41ef848b", "BOMRef": "pkg:npm/is-glob@4.0.3" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1", "eslint@8.57.1", "glob-parent@6.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-hexadecimal@2.0.1", "Name": "is-hexadecimal", "Identifier": { "PURL": "pkg:npm/is-hexadecimal@2.0.1", "UID": "be3e2ca7df9bdab6", "BOMRef": "pkg:npm/is-hexadecimal@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-entities@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-map@2.0.3", "Name": "is-map", "Identifier": { "PURL": "pkg:npm/is-map@2.0.3", "UID": "10da50b53abdc131", "BOMRef": "pkg:npm/is-map@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-get-iterator@1.1.3", "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-negative-zero@2.0.3", "Name": "is-negative-zero", "Identifier": { "PURL": "pkg:npm/is-negative-zero@2.0.3", "UID": "a8ce7db185f70c4f", "BOMRef": "pkg:npm/is-negative-zero@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-network-error@1.1.0", "Name": "is-network-error", "Identifier": { "PURL": "pkg:npm/is-network-error@1.1.0", "UID": "8eb81ed7014fb085", "BOMRef": "pkg:npm/is-network-error@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-number@7.0.0", "Name": "is-number", "Identifier": { "PURL": "pkg:npm/is-number@7.0.0", "UID": "8340127955c44ba8", "BOMRef": "pkg:npm/is-number@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "to-regex-range@5.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-number-object@1.1.1", "Name": "is-number-object", "Identifier": { "PURL": "pkg:npm/is-number-object@1.1.1", "UID": "8399044782a151ee", "BOMRef": "pkg:npm/is-number-object@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-path-inside@3.0.3", "Name": "is-path-inside", "Identifier": { "PURL": "pkg:npm/is-path-inside@3.0.3", "UID": "d3450da89b51b246", "BOMRef": "pkg:npm/is-path-inside@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-plain-obj@4.1.0", "Name": "is-plain-obj", "Identifier": { "PURL": "pkg:npm/is-plain-obj@4.1.0", "UID": "44d7d0f22e7695fc", "BOMRef": "pkg:npm/is-plain-obj@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-potential-custom-element-name@1.0.1", "Name": "is-potential-custom-element-name", "Identifier": { "PURL": "pkg:npm/is-potential-custom-element-name@1.0.1", "UID": "792371813f79259f", "BOMRef": "pkg:npm/is-potential-custom-element-name@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-reference@3.0.3", "Name": "is-reference", "Identifier": { "PURL": "pkg:npm/is-reference@3.0.3", "UID": "bbea598dbe762e40", "BOMRef": "pkg:npm/is-reference@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "periscopic@3.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-regex@1.2.1", "Name": "is-regex", "Identifier": { "PURL": "pkg:npm/is-regex@1.2.1", "UID": "cb96341134d488e7", "BOMRef": "pkg:npm/is-regex@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "safe-regex-test@1.1.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-set@2.0.3", "Name": "is-set", "Identifier": { "PURL": "pkg:npm/is-set@2.0.3", "UID": "e6ca17ab8250e437", "BOMRef": "pkg:npm/is-set@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3", "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-shared-array-buffer@1.0.4", "Name": "is-shared-array-buffer", "Identifier": { "PURL": "pkg:npm/is-shared-array-buffer@1.0.4", "UID": "e7a3e8711e40b24", "BOMRef": "pkg:npm/is-shared-array-buffer@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-string@1.1.1", "Name": "is-string", "Identifier": { "PURL": "pkg:npm/is-string@1.1.1", "UID": "5a300952a1fbe205", "BOMRef": "pkg:npm/is-string@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "es-abstract@1.24.0", "es-get-iterator@1.1.3", "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-symbol@1.1.1", "Name": "is-symbol", "Identifier": { "PURL": "pkg:npm/is-symbol@1.1.1", "UID": "e24026764b662645", "BOMRef": "pkg:npm/is-symbol@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-to-primitive@1.3.0", "which-boxed-primitive@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-typed-array@1.1.15", "Name": "is-typed-array", "Identifier": { "PURL": "pkg:npm/is-typed-array@1.1.15", "UID": "cca92a0cd05447f6", "BOMRef": "pkg:npm/is-typed-array@1.1.15" }, "Version": "1.1.15", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "is-data-view@1.0.2", "typed-array-buffer@1.0.3", "typed-array-byte-length@1.0.3", "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-weakmap@2.0.2", "Name": "is-weakmap", "Identifier": { "PURL": "pkg:npm/is-weakmap@2.0.2", "UID": "3c0e4e921da9e1af", "BOMRef": "pkg:npm/is-weakmap@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-weakref@1.1.1", "Name": "is-weakref", "Identifier": { "PURL": "pkg:npm/is-weakref@1.1.1", "UID": "f51aa8a14d107ca4", "BOMRef": "pkg:npm/is-weakref@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "is-weakset@2.0.4", "Name": "is-weakset", "Identifier": { "PURL": "pkg:npm/is-weakset@2.0.4", "UID": "413083ff52c0e81b", "BOMRef": "pkg:npm/is-weakset@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "which-collection@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "isarray@2.0.5", "Name": "isarray", "Identifier": { "PURL": "pkg:npm/isarray@2.0.5", "UID": "24e79d1b57183fe5", "BOMRef": "pkg:npm/isarray@2.0.5" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-get-iterator@1.1.3", "safe-array-concat@1.1.3", "safe-push-apply@1.0.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "4eb89a5c0a3570ce", "BOMRef": "pkg:npm/isexe@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "which@2.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "iterator.prototype@1.1.5", "Name": "iterator.prototype", "Identifier": { "PURL": "pkg:npm/iterator.prototype@1.1.5", "UID": "e48b83c9b573a9c1", "BOMRef": "pkg:npm/iterator.prototype@1.1.5" }, "Version": "1.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-diff@30.0.4", "Name": "jest-diff", "Identifier": { "PURL": "pkg:npm/jest-diff@30.0.4", "UID": "e73a7c243a075f01", "BOMRef": "pkg:npm/jest-diff@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "jest-matcher-utils@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-matcher-utils@30.0.4", "Name": "jest-matcher-utils", "Identifier": { "PURL": "pkg:npm/jest-matcher-utils@30.0.4", "UID": "f47225517b6334b3", "BOMRef": "pkg:npm/jest-matcher-utils@30.0.4" }, "Version": "30.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-message-util@30.0.2", "Name": "jest-message-util", "Identifier": { "PURL": "pkg:npm/jest-message-util@30.0.2", "UID": "b70e80701d4d6fa0", "BOMRef": "pkg:npm/jest-message-util@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-mock@30.0.2", "Name": "jest-mock", "Identifier": { "PURL": "pkg:npm/jest-mock@30.0.2", "UID": "80b8bc253afa4c35", "BOMRef": "pkg:npm/jest-mock@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-regex-util@30.0.1", "Name": "jest-regex-util", "Identifier": { "PURL": "pkg:npm/jest-regex-util@30.0.1", "UID": "2c17d5d2078e9fb3", "BOMRef": "pkg:npm/jest-regex-util@30.0.1" }, "Version": "30.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@jest/pattern@30.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jest-util@30.0.2", "Name": "jest-util", "Identifier": { "PURL": "pkg:npm/jest-util@30.0.2", "UID": "8fdc4548472a2b03", "BOMRef": "pkg:npm/jest-util@30.0.2" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "expect@30.0.4", "jest-mock@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jiti@2.4.2", "Name": "jiti", "Identifier": { "PURL": "pkg:npm/jiti@2.4.2", "UID": "f7888b1f6d0b3980", "BOMRef": "pkg:npm/jiti@2.4.2" }, "Version": "2.4.2", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jose@5.10.0", "Name": "jose", "Identifier": { "PURL": "pkg:npm/jose@5.10.0", "UID": "be010c9316ad65ac", "BOMRef": "pkg:npm/jose@5.10.0" }, "Version": "5.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "js-tokens@4.0.0", "Name": "js-tokens", "Identifier": { "PURL": "pkg:npm/js-tokens@4.0.0", "UID": "97f2f86ffedd4e78", "BOMRef": "pkg:npm/js-tokens@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/code-frame@7.27.1", "loose-envify@1.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "js-tokens@9.0.1", "Name": "js-tokens", "Identifier": { "PURL": "pkg:npm/js-tokens@9.0.1", "UID": "ab68f4ac008b1812", "BOMRef": "pkg:npm/js-tokens@9.0.1" }, "Version": "9.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "strip-literal@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "js-yaml@4.1.1", "Name": "js-yaml", "Identifier": { "PURL": "pkg:npm/js-yaml@4.1.1", "UID": "4fdb8c93cd969dbe", "BOMRef": "pkg:npm/js-yaml@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "cosmiconfig@8.3.6", "eslint@8.57.1", "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jsdom@22.1.0", "Name": "jsdom", "Identifier": { "PURL": "pkg:npm/jsdom@22.1.0", "UID": "8aa87f1e30c46702", "BOMRef": "pkg:npm/jsdom@22.1.0" }, "Version": "22.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jsesc@3.1.0", "Name": "jsesc", "Identifier": { "PURL": "pkg:npm/jsesc@3.1.0", "UID": "61c0401c45db32fa", "BOMRef": "pkg:npm/jsesc@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/generator@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "json-buffer@3.0.1", "Name": "json-buffer", "Identifier": { "PURL": "pkg:npm/json-buffer@3.0.1", "UID": "992cb41de826bb4b", "BOMRef": "pkg:npm/json-buffer@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "keyv@4.5.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "json-parse-even-better-errors@2.3.1", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@2.3.1", "UID": "171084ed9a9abe25", "BOMRef": "pkg:npm/json-parse-even-better-errors@2.3.1" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "json-schema-traverse@0.4.1", "Name": "json-schema-traverse", "Identifier": { "PURL": "pkg:npm/json-schema-traverse@0.4.1", "UID": "6d991e65e1011ae1", "BOMRef": "pkg:npm/json-schema-traverse@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "json-stable-stringify-without-jsonify@1.0.1", "Name": "json-stable-stringify-without-jsonify", "Identifier": { "PURL": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", "UID": "72e2b713acab1554", "BOMRef": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "json5@2.2.3", "Name": "json5", "Identifier": { "PURL": "pkg:npm/json5@2.2.3", "UID": "49e1a0237854d103", "BOMRef": "pkg:npm/json5@2.2.3" }, "Version": "2.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "@babel/core@7.28.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jsonc-parser@3.3.1", "Name": "jsonc-parser", "Identifier": { "PURL": "pkg:npm/jsonc-parser@3.3.1", "UID": "a736b18eb8fbd789", "BOMRef": "pkg:npm/jsonc-parser@3.3.1" }, "Version": "3.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jsx-ast-utils@3.3.5", "Name": "jsx-ast-utils", "Identifier": { "PURL": "pkg:npm/jsx-ast-utils@3.3.5", "UID": "d8cacd5c21b921db", "BOMRef": "pkg:npm/jsx-ast-utils@3.3.5" }, "Version": "3.3.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "jtd@0.1.1", "Name": "jtd", "Identifier": { "PURL": "pkg:npm/jtd@0.1.1", "UID": "823e0b42cde8a912", "BOMRef": "pkg:npm/jtd@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "create-collection-form@0.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "kapsule@1.16.3", "Name": "kapsule", "Identifier": { "PURL": "pkg:npm/kapsule@1.16.3", "UID": "ce13c671bb027d48", "BOMRef": "pkg:npm/kapsule@1.16.3" }, "Version": "1.16.3", "Licenses": [ "MIT" ], "DependsOn": [ "float-tooltip@1.7.5", "force-graph@1.50.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "keyv@4.5.4", "Name": "keyv", "Identifier": { "PURL": "pkg:npm/keyv@4.5.4", "UID": "8071111b5cd4a8ca", "BOMRef": "pkg:npm/keyv@4.5.4" }, "Version": "4.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "kleur@4.1.5", "Name": "kleur", "Identifier": { "PURL": "pkg:npm/kleur@4.1.5", "UID": "8c232cb9a55995f5", "BOMRef": "pkg:npm/kleur@4.1.5" }, "Version": "4.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "uvu@0.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "levn@0.4.1", "Name": "levn", "Identifier": { "PURL": "pkg:npm/levn@0.4.1", "UID": "848b12e8e013c1c8", "BOMRef": "pkg:npm/levn@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1", "optionator@0.9.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lightningcss@1.30.1", "Name": "lightningcss", "Identifier": { "PURL": "pkg:npm/lightningcss@1.30.1", "UID": "308581450a9bffb", "BOMRef": "pkg:npm/lightningcss@1.30.1" }, "Version": "1.30.1", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lines-and-columns@1.2.4", "Name": "lines-and-columns", "Identifier": { "PURL": "pkg:npm/lines-and-columns@1.2.4", "UID": "97b168b4115d05bf", "BOMRef": "pkg:npm/lines-and-columns@1.2.4" }, "Version": "1.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "parse-json@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "locate-path@6.0.0", "Name": "locate-path", "Identifier": { "PURL": "pkg:npm/locate-path@6.0.0", "UID": "520e2772a4a991cf", "BOMRef": "pkg:npm/locate-path@6.0.0" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "find-up@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lodash@4.17.21", "Name": "lodash", "Identifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "3e0306ace99098a", "BOMRef": "pkg:npm/lodash@4.17.21" }, "Version": "4.17.21", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/utils@6.1.5", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lodash-es@4.17.21", "Name": "lodash-es", "Identifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "692d1a5bcf7af295", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "Version": "4.17.21", "Licenses": [ "MIT" ], "DependsOn": [ "force-graph@1.50.1", "kapsule@1.16.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lodash.merge@4.6.2", "Name": "lodash.merge", "Identifier": { "PURL": "pkg:npm/lodash.merge@4.6.2", "UID": "c76db71315745f5f", "BOMRef": "pkg:npm/lodash.merge@4.6.2" }, "Version": "4.6.2", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "longest-streak@3.1.0", "Name": "longest-streak", "Identifier": { "PURL": "pkg:npm/longest-streak@3.1.0", "UID": "f545b4dccdb536a0", "BOMRef": "pkg:npm/longest-streak@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "loose-envify@1.4.0", "Name": "loose-envify", "Identifier": { "PURL": "pkg:npm/loose-envify@1.4.0", "UID": "44f3b641f589cec5", "BOMRef": "pkg:npm/loose-envify@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "prop-types@15.8.1", "react-dom@18.3.1", "react-transition-group@4.4.5", "react@18.3.1", "scheduler@0.23.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "loupe@3.1.4", "Name": "loupe", "Identifier": { "PURL": "pkg:npm/loupe@3.1.4", "UID": "f999301dcb3d2057", "BOMRef": "pkg:npm/loupe@3.1.4" }, "Version": "3.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/utils@3.2.4", "chai@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lower-case@2.0.2", "Name": "lower-case", "Identifier": { "PURL": "pkg:npm/lower-case@2.0.2", "UID": "20591fb3156ea293", "BOMRef": "pkg:npm/lower-case@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "no-case@3.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lru-cache@5.1.1", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@5.1.1", "UID": "7fd1d0f321a4a849", "BOMRef": "pkg:npm/lru-cache@5.1.1" }, "Version": "5.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/helper-compilation-targets@7.27.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lucide-react@0.545.0", "Name": "lucide-react", "Identifier": { "PURL": "pkg:npm/lucide-react@0.545.0", "UID": "4f0796db7147154d", "BOMRef": "pkg:npm/lucide-react@0.545.0" }, "Version": "0.545.0", "Licenses": [ "ISC" ], "DependsOn": [ "create-collection-form@0.0.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "lz-string@1.5.0", "Name": "lz-string", "Identifier": { "PURL": "pkg:npm/lz-string@1.5.0", "UID": "c5effa5f2217902f", "BOMRef": "pkg:npm/lz-string@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "magic-string@0.30.17", "Name": "magic-string", "Identifier": { "PURL": "pkg:npm/magic-string@0.30.17", "UID": "df0d3a1c05628ee8", "BOMRef": "pkg:npm/magic-string@0.30.17" }, "Version": "0.30.17", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "@vitest/mocker@3.2.4", "@vitest/snapshot@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "markdown-extensions@1.1.1", "Name": "markdown-extensions", "Identifier": { "PURL": "pkg:npm/markdown-extensions@1.1.1", "UID": "524c3d91fbd4ab7", "BOMRef": "pkg:npm/markdown-extensions@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "math-intrinsics@1.1.0", "Name": "math-intrinsics", "Identifier": { "PURL": "pkg:npm/math-intrinsics@1.1.0", "UID": "b5034874ed87c202", "BOMRef": "pkg:npm/math-intrinsics@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "array-includes@3.1.9", "es-abstract@1.24.0", "get-intrinsic@1.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-definitions@5.1.2", "Name": "mdast-util-definitions", "Identifier": { "PURL": "pkg:npm/mdast-util-definitions@5.1.2", "UID": "1d4a9987be6a2e33", "BOMRef": "pkg:npm/mdast-util-definitions@5.1.2" }, "Version": "5.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-from-markdown@1.3.1", "Name": "mdast-util-from-markdown", "Identifier": { "PURL": "pkg:npm/mdast-util-from-markdown@1.3.1", "UID": "33f117f74e024f5a", "BOMRef": "pkg:npm/mdast-util-from-markdown@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdx@2.0.1", "mdast-util-mdxjs-esm@1.3.1", "remark-parse@10.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-mdx@2.0.1", "Name": "mdast-util-mdx", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx@2.0.1", "UID": "c2563f15814c3823", "BOMRef": "pkg:npm/mdast-util-mdx@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "remark-mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-mdx-expression@1.3.2", "Name": "mdast-util-mdx-expression", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx-expression@1.3.2", "UID": "79cad593fcf8ef82", "BOMRef": "pkg:npm/mdast-util-mdx-expression@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-mdx-jsx@2.1.4", "Name": "mdast-util-mdx-jsx", "Identifier": { "PURL": "pkg:npm/mdast-util-mdx-jsx@2.1.4", "UID": "26bd28d67440956", "BOMRef": "pkg:npm/mdast-util-mdx-jsx@2.1.4" }, "Version": "2.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-mdxjs-esm@1.3.1", "Name": "mdast-util-mdxjs-esm", "Identifier": { "PURL": "pkg:npm/mdast-util-mdxjs-esm@1.3.1", "UID": "193789d710b92544", "BOMRef": "pkg:npm/mdast-util-mdxjs-esm@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-mdx@2.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-phrasing@3.0.1", "Name": "mdast-util-phrasing", "Identifier": { "PURL": "pkg:npm/mdast-util-phrasing@3.0.1", "UID": "652d026e093cb232", "BOMRef": "pkg:npm/mdast-util-phrasing@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-to-hast@12.3.0", "Name": "mdast-util-to-hast", "Identifier": { "PURL": "pkg:npm/mdast-util-to-hast@12.3.0", "UID": "c72f0bd248a7d919", "BOMRef": "pkg:npm/mdast-util-to-hast@12.3.0" }, "Version": "12.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-to-markdown@1.5.0", "Name": "mdast-util-to-markdown", "Identifier": { "PURL": "pkg:npm/mdast-util-to-markdown@1.5.0", "UID": "22d26804fb2abad3", "BOMRef": "pkg:npm/mdast-util-to-markdown@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-expression@1.3.2", "mdast-util-mdx-jsx@2.1.4", "mdast-util-mdx@2.0.1", "mdast-util-mdxjs-esm@1.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mdast-util-to-string@3.2.0", "Name": "mdast-util-to-string", "Identifier": { "PURL": "pkg:npm/mdast-util-to-string@3.2.0", "UID": "b4bee740e2016082", "BOMRef": "pkg:npm/mdast-util-to-string@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "memoize-one@6.0.0", "Name": "memoize-one", "Identifier": { "PURL": "pkg:npm/memoize-one@6.0.0", "UID": "5d3d96ea39c79b83", "BOMRef": "pkg:npm/memoize-one@6.0.0" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4", "react-diff-viewer-continued@3.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark@3.2.0", "Name": "micromark", "Identifier": { "PURL": "pkg:npm/micromark@3.2.0", "UID": "4db7f17f28da9ab", "BOMRef": "pkg:npm/micromark@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-core-commonmark@1.1.0", "Name": "micromark-core-commonmark", "Identifier": { "PURL": "pkg:npm/micromark-core-commonmark@1.1.0", "UID": "7b51b706ee2d5d56", "BOMRef": "pkg:npm/micromark-core-commonmark@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs-esm@1.0.5", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-extension-mdx-expression@1.0.8", "Name": "micromark-extension-mdx-expression", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-expression@1.0.8", "UID": "bb24cd6cf5a1a3a3", "BOMRef": "pkg:npm/micromark-extension-mdx-expression@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-extension-mdx-jsx@1.0.5", "Name": "micromark-extension-mdx-jsx", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-jsx@1.0.5", "UID": "80ed80aded1de372", "BOMRef": "pkg:npm/micromark-extension-mdx-jsx@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-extension-mdx-md@1.0.1", "Name": "micromark-extension-mdx-md", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdx-md@1.0.1", "UID": "952d10e77ea5d7c6", "BOMRef": "pkg:npm/micromark-extension-mdx-md@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-extension-mdxjs@1.0.1", "Name": "micromark-extension-mdxjs", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdxjs@1.0.1", "UID": "a3ee5ef6e864cd14", "BOMRef": "pkg:npm/micromark-extension-mdxjs@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "remark-mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-extension-mdxjs-esm@1.0.5", "Name": "micromark-extension-mdxjs-esm", "Identifier": { "PURL": "pkg:npm/micromark-extension-mdxjs-esm@1.0.5", "UID": "7e7de6ed85a21e3e", "BOMRef": "pkg:npm/micromark-extension-mdxjs-esm@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-destination@1.1.0", "Name": "micromark-factory-destination", "Identifier": { "PURL": "pkg:npm/micromark-factory-destination@1.1.0", "UID": "8f079259db934075", "BOMRef": "pkg:npm/micromark-factory-destination@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-label@1.1.0", "Name": "micromark-factory-label", "Identifier": { "PURL": "pkg:npm/micromark-factory-label@1.1.0", "UID": "e895fac9e3dba1e3", "BOMRef": "pkg:npm/micromark-factory-label@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-mdx-expression@1.0.9", "Name": "micromark-factory-mdx-expression", "Identifier": { "PURL": "pkg:npm/micromark-factory-mdx-expression@1.0.9", "UID": "506c36414d618869", "BOMRef": "pkg:npm/micromark-factory-mdx-expression@1.0.9" }, "Version": "1.0.9", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-space@1.1.0", "Name": "micromark-factory-space", "Identifier": { "PURL": "pkg:npm/micromark-factory-space@1.1.0", "UID": "85d90aafc78e18af", "BOMRef": "pkg:npm/micromark-factory-space@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-title@1.1.0", "Name": "micromark-factory-title", "Identifier": { "PURL": "pkg:npm/micromark-factory-title@1.1.0", "UID": "c004a27cb8bf6a0c", "BOMRef": "pkg:npm/micromark-factory-title@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-factory-whitespace@1.1.0", "Name": "micromark-factory-whitespace", "Identifier": { "PURL": "pkg:npm/micromark-factory-whitespace@1.1.0", "UID": "fa06cf488b94fae", "BOMRef": "pkg:npm/micromark-factory-whitespace@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-character@1.2.0", "Name": "micromark-util-character", "Identifier": { "PURL": "pkg:npm/micromark-util-character@1.2.0", "UID": "efe9706f0f8ab058", "BOMRef": "pkg:npm/micromark-util-character@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-space@1.1.0", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-classify-character@1.1.0", "micromark-util-decode-string@1.1.0", "micromark-util-sanitize-uri@1.2.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-chunked@1.1.0", "Name": "micromark-util-chunked", "Identifier": { "PURL": "pkg:npm/micromark-util-chunked@1.1.0", "UID": "7fdc64b6a654a2c9", "BOMRef": "pkg:npm/micromark-util-chunked@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark-util-combine-extensions@1.1.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-classify-character@1.1.0", "Name": "micromark-util-classify-character", "Identifier": { "PURL": "pkg:npm/micromark-util-classify-character@1.1.0", "UID": "2d495007314775d1", "BOMRef": "pkg:npm/micromark-util-classify-character@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-combine-extensions@1.1.0", "Name": "micromark-util-combine-extensions", "Identifier": { "PURL": "pkg:npm/micromark-util-combine-extensions@1.1.0", "UID": "692f8d3102007ba", "BOMRef": "pkg:npm/micromark-util-combine-extensions@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdxjs@1.0.1", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-decode-numeric-character-reference@1.1.0", "Name": "micromark-util-decode-numeric-character-reference", "Identifier": { "PURL": "pkg:npm/micromark-util-decode-numeric-character-reference@1.1.0", "UID": "19c2175e4f6f60cb", "BOMRef": "pkg:npm/micromark-util-decode-numeric-character-reference@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-util-decode-string@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-decode-string@1.1.0", "Name": "micromark-util-decode-string", "Identifier": { "PURL": "pkg:npm/micromark-util-decode-string@1.1.0", "UID": "556577c64223858d", "BOMRef": "pkg:npm/micromark-util-decode-string@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-encode@1.1.0", "Name": "micromark-util-encode", "Identifier": { "PURL": "pkg:npm/micromark-util-encode@1.1.0", "UID": "d0d3a50477441b9a", "BOMRef": "pkg:npm/micromark-util-encode@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-util-sanitize-uri@1.2.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-events-to-acorn@1.2.3", "Name": "micromark-util-events-to-acorn", "Identifier": { "PURL": "pkg:npm/micromark-util-events-to-acorn@1.2.3", "UID": "7c569539b6455ebf", "BOMRef": "pkg:npm/micromark-util-events-to-acorn@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-html-tag-name@1.2.0", "Name": "micromark-util-html-tag-name", "Identifier": { "PURL": "pkg:npm/micromark-util-html-tag-name@1.2.0", "UID": "ae12c05a8e09e11d", "BOMRef": "pkg:npm/micromark-util-html-tag-name@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-normalize-identifier@1.1.0", "Name": "micromark-util-normalize-identifier", "Identifier": { "PURL": "pkg:npm/micromark-util-normalize-identifier@1.1.0", "UID": "2ab9c200a8d2f299", "BOMRef": "pkg:npm/micromark-util-normalize-identifier@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-resolve-all@1.1.0", "Name": "micromark-util-resolve-all", "Identifier": { "PURL": "pkg:npm/micromark-util-resolve-all@1.1.0", "UID": "ec8a82418e68ec42", "BOMRef": "pkg:npm/micromark-util-resolve-all@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-sanitize-uri@1.2.0", "Name": "micromark-util-sanitize-uri", "Identifier": { "PURL": "pkg:npm/micromark-util-sanitize-uri@1.2.0", "UID": "ac4a4779a67fca7a", "BOMRef": "pkg:npm/micromark-util-sanitize-uri@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-subtokenize@1.1.0", "Name": "micromark-util-subtokenize", "Identifier": { "PURL": "pkg:npm/micromark-util-subtokenize@1.1.0", "UID": "f50107704f693b7b", "BOMRef": "pkg:npm/micromark-util-subtokenize@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "micromark-core-commonmark@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-symbol@1.1.0", "Name": "micromark-util-symbol", "Identifier": { "PURL": "pkg:npm/micromark-util-symbol@1.1.0", "UID": "2a6523b0c055d460", "BOMRef": "pkg:npm/micromark-util-symbol@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-character@1.2.0", "micromark-util-chunked@1.1.0", "micromark-util-classify-character@1.1.0", "micromark-util-decode-numeric-character-reference@1.1.0", "micromark-util-decode-string@1.1.0", "micromark-util-events-to-acorn@1.2.3", "micromark-util-normalize-identifier@1.1.0", "micromark-util-sanitize-uri@1.2.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromark-util-types@1.1.0", "Name": "micromark-util-types", "Identifier": { "PURL": "pkg:npm/micromark-util-types@1.1.0", "UID": "7ea82c6632d1e0f", "BOMRef": "pkg:npm/micromark-util-types@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdx-md@1.0.1", "micromark-extension-mdxjs-esm@1.0.5", "micromark-extension-mdxjs@1.0.1", "micromark-factory-destination@1.1.0", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-factory-space@1.1.0", "micromark-factory-title@1.1.0", "micromark-factory-whitespace@1.1.0", "micromark-util-character@1.2.0", "micromark-util-classify-character@1.1.0", "micromark-util-combine-extensions@1.1.0", "micromark-util-events-to-acorn@1.2.3", "micromark-util-resolve-all@1.1.0", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "micromatch@4.0.8", "Name": "micromatch", "Identifier": { "PURL": "pkg:npm/micromatch@4.0.8", "UID": "7ee7f6db6366cb47", "BOMRef": "pkg:npm/micromatch@4.0.8" }, "Version": "4.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1", "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mime-db@1.52.0", "Name": "mime-db", "Identifier": { "PURL": "pkg:npm/mime-db@1.52.0", "UID": "4376ab9e6ff79e74", "BOMRef": "pkg:npm/mime-db@1.52.0" }, "Version": "1.52.0", "Licenses": [ "MIT" ], "DependsOn": [ "mime-types@2.1.35" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mime-match@1.0.2", "Name": "mime-match", "Identifier": { "PURL": "pkg:npm/mime-match@1.0.2", "UID": "b78f11b9a44396d8", "BOMRef": "pkg:npm/mime-match@1.0.2" }, "Version": "1.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mime-types@2.1.35", "Name": "mime-types", "Identifier": { "PURL": "pkg:npm/mime-types@2.1.35", "UID": "1692b1302c7f8afd", "BOMRef": "pkg:npm/mime-types@2.1.35" }, "Version": "2.1.35", "Licenses": [ "MIT" ], "DependsOn": [ "form-data@4.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "min-indent@1.0.1", "Name": "min-indent", "Identifier": { "PURL": "pkg:npm/min-indent@1.0.1", "UID": "87e90f272416378e", "BOMRef": "pkg:npm/min-indent@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "strip-indent@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "minimatch@3.1.2", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "1dd855d58430b8ca", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "Version": "3.1.2", "Licenses": [ "ISC" ], "DependsOn": [ "@eslint/eslintrc@2.1.4", "@humanwhocodes/config-array@0.13.0", "eslint-plugin-react@7.37.5", "eslint@8.57.1", "glob@7.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "minipass@7.1.2", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.2", "UID": "3dd8313f9eded54e", "BOMRef": "pkg:npm/minipass@7.1.2" }, "Version": "7.1.2", "Licenses": [ "ISC" ], "DependsOn": [ "@isaacs/fs-minipass@4.0.1", "minizlib@3.0.2", "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "minizlib@3.0.2", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.0.2", "UID": "d8d747c47ec2cbcc", "BOMRef": "pkg:npm/minizlib@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mkdirp@3.0.1", "Name": "mkdirp", "Identifier": { "PURL": "pkg:npm/mkdirp@3.0.1", "UID": "57b5e64e71a87159", "BOMRef": "pkg:npm/mkdirp@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "monaco-editor@0.44.0", "Name": "monaco-editor", "Identifier": { "PURL": "pkg:npm/monaco-editor@0.44.0", "UID": "c533350577ab77e8", "BOMRef": "pkg:npm/monaco-editor@0.44.0" }, "Version": "0.44.0", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mri@1.2.0", "Name": "mri", "Identifier": { "PURL": "pkg:npm/mri@1.2.0", "UID": "a8fffbf1086a920d", "BOMRef": "pkg:npm/mri@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "sade@1.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "6ad14fc1c6e27ed2", "BOMRef": "pkg:npm/ms@2.1.3" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "debug@4.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "mui-chips-input@7.0.1", "Name": "mui-chips-input", "Identifier": { "PURL": "pkg:npm/mui-chips-input@7.0.1", "UID": "2d4dc6f497c3bd76", "BOMRef": "pkg:npm/mui-chips-input@7.0.1" }, "Version": "7.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "namespace-emitter@2.0.1", "Name": "namespace-emitter", "Identifier": { "PURL": "pkg:npm/namespace-emitter@2.0.1", "UID": "d62186f442451d1e", "BOMRef": "pkg:npm/namespace-emitter@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2", "@uppy/core@4.4.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "nanoid@3.3.11", "Name": "nanoid", "Identifier": { "PURL": "pkg:npm/nanoid@3.3.11", "UID": "94c8d965da25d0df", "BOMRef": "pkg:npm/nanoid@3.3.11" }, "Version": "3.3.11", "Licenses": [ "MIT" ], "DependsOn": [ "postcss@8.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "nanoid@5.1.5", "Name": "nanoid", "Identifier": { "PURL": "pkg:npm/nanoid@5.1.5", "UID": "4b7b778651d2e580", "BOMRef": "pkg:npm/nanoid@5.1.5" }, "Version": "5.1.5", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/provider-views@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "natural-compare@1.4.0", "Name": "natural-compare", "Identifier": { "PURL": "pkg:npm/natural-compare@1.4.0", "UID": "efffb6a4619cd6fb", "BOMRef": "pkg:npm/natural-compare@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "no-case@3.0.4", "Name": "no-case", "Identifier": { "PURL": "pkg:npm/no-case@3.0.4", "UID": "8404ae03f8d9f90d", "BOMRef": "pkg:npm/no-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "dot-case@3.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "node-addon-api@7.1.1", "Name": "node-addon-api", "Identifier": { "PURL": "pkg:npm/node-addon-api@7.1.1", "UID": "3a6b37627c8c0bc0", "BOMRef": "pkg:npm/node-addon-api@7.1.1" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@parcel/watcher@2.5.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "node-releases@2.0.19", "Name": "node-releases", "Identifier": { "PURL": "pkg:npm/node-releases@2.0.19", "UID": "be0f78d8d728eeed", "BOMRef": "pkg:npm/node-releases@2.0.19" }, "Version": "2.0.19", "Licenses": [ "MIT" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "notistack@3.0.2", "Name": "notistack", "Identifier": { "PURL": "pkg:npm/notistack@3.0.2", "UID": "a0cf341834998787", "BOMRef": "pkg:npm/notistack@3.0.2" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "nwsapi@2.2.20", "Name": "nwsapi", "Identifier": { "PURL": "pkg:npm/nwsapi@2.2.20", "UID": "3fad7c68748a71c5", "BOMRef": "pkg:npm/nwsapi@2.2.20" }, "Version": "2.2.20", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object-assign@4.1.1", "Name": "object-assign", "Identifier": { "PURL": "pkg:npm/object-assign@4.1.1", "UID": "c63e1b50c36a548", "BOMRef": "pkg:npm/object-assign@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "prop-types@15.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object-inspect@1.13.4", "Name": "object-inspect", "Identifier": { "PURL": "pkg:npm/object-inspect@1.13.4", "UID": "93affe911ab7efd6", "BOMRef": "pkg:npm/object-inspect@1.13.4" }, "Version": "1.13.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "side-channel-list@1.0.0", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2", "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object-is@1.1.6", "Name": "object-is", "Identifier": { "PURL": "pkg:npm/object-is@1.1.6", "UID": "ea4cd23ed678aaba", "BOMRef": "pkg:npm/object-is@1.1.6" }, "Version": "1.1.6", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object-keys@1.1.1", "Name": "object-keys", "Identifier": { "PURL": "pkg:npm/object-keys@1.1.1", "UID": "f183ab34594203a6", "BOMRef": "pkg:npm/object-keys@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "define-properties@1.2.1", "es-abstract@1.24.0", "object.assign@4.1.7", "own-keys@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object.assign@4.1.7", "Name": "object.assign", "Identifier": { "PURL": "pkg:npm/object.assign@4.1.7", "UID": "3baae19c2b1ed7f", "BOMRef": "pkg:npm/object.assign@4.1.7" }, "Version": "4.1.7", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object.entries@1.1.9", "Name": "object.entries", "Identifier": { "PURL": "pkg:npm/object.entries@1.1.9", "UID": "bfeeff217750927c", "BOMRef": "pkg:npm/object.entries@1.1.9" }, "Version": "1.1.9", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object.fromentries@2.0.8", "Name": "object.fromentries", "Identifier": { "PURL": "pkg:npm/object.fromentries@2.0.8", "UID": "b6cbd7a8ce77658e", "BOMRef": "pkg:npm/object.fromentries@2.0.8" }, "Version": "2.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "object.values@1.2.1", "Name": "object.values", "Identifier": { "PURL": "pkg:npm/object.values@1.2.1", "UID": "e841f9b466e4d428", "BOMRef": "pkg:npm/object.values@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5", "jsx-ast-utils@3.3.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "once@1.4.0", "Name": "once", "Identifier": { "PURL": "pkg:npm/once@1.4.0", "UID": "84cfd770f72d45c5", "BOMRef": "pkg:npm/once@1.4.0" }, "Version": "1.4.0", "Licenses": [ "ISC" ], "DependsOn": [ "glob@7.2.3", "inflight@1.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "openapi-client-axios@7.6.0", "Name": "openapi-client-axios", "Identifier": { "PURL": "pkg:npm/openapi-client-axios@7.6.0", "UID": "afb25ab39f1ef485", "BOMRef": "pkg:npm/openapi-client-axios@7.6.0" }, "Version": "7.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "openapi-types@12.1.3", "Name": "openapi-types", "Identifier": { "PURL": "pkg:npm/openapi-types@12.1.3", "UID": "75f3bb311c629954", "BOMRef": "pkg:npm/openapi-types@12.1.3" }, "Version": "12.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "openapi-client-axios@7.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "optionator@0.9.4", "Name": "optionator", "Identifier": { "PURL": "pkg:npm/optionator@0.9.4", "UID": "8290e96b52badcb5", "BOMRef": "pkg:npm/optionator@0.9.4" }, "Version": "0.9.4", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "own-keys@1.0.1", "Name": "own-keys", "Identifier": { "PURL": "pkg:npm/own-keys@1.0.1", "UID": "f7838af51a0744c5", "BOMRef": "pkg:npm/own-keys@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "p-limit@3.1.0", "Name": "p-limit", "Identifier": { "PURL": "pkg:npm/p-limit@3.1.0", "UID": "7e9ac0dabc60dd81", "BOMRef": "pkg:npm/p-limit@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-locate@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "p-locate@5.0.0", "Name": "p-locate", "Identifier": { "PURL": "pkg:npm/p-locate@5.0.0", "UID": "9632d0a43402aa", "BOMRef": "pkg:npm/p-locate@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "locate-path@6.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "p-queue@8.1.0", "Name": "p-queue", "Identifier": { "PURL": "pkg:npm/p-queue@8.1.0", "UID": "7cf93ca63414b28c", "BOMRef": "pkg:npm/p-queue@8.1.0" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/provider-views@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "p-retry@6.2.1", "Name": "p-retry", "Identifier": { "PURL": "pkg:npm/p-retry@6.2.1", "UID": "b0d28324ecfd744e", "BOMRef": "pkg:npm/p-retry@6.2.1" }, "Version": "6.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/companion-client@4.4.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "p-timeout@6.1.4", "Name": "p-timeout", "Identifier": { "PURL": "pkg:npm/p-timeout@6.1.4", "UID": "bac55b52d76a0f7b", "BOMRef": "pkg:npm/p-timeout@6.1.4" }, "Version": "6.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "p-queue@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "parent-module@1.0.1", "Name": "parent-module", "Identifier": { "PURL": "pkg:npm/parent-module@1.0.1", "UID": "1eca09577c9e3841", "BOMRef": "pkg:npm/parent-module@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "import-fresh@3.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "parse-entities@4.0.2", "Name": "parse-entities", "Identifier": { "PURL": "pkg:npm/parse-entities@4.0.2", "UID": "9b40102ee7f97028", "BOMRef": "pkg:npm/parse-entities@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "parse-json@5.2.0", "Name": "parse-json", "Identifier": { "PURL": "pkg:npm/parse-json@5.2.0", "UID": "9d375b0f49510ac8", "BOMRef": "pkg:npm/parse-json@5.2.0" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "parse5@7.3.0", "Name": "parse5", "Identifier": { "PURL": "pkg:npm/parse5@7.3.0", "UID": "fcb0624f74c35241", "BOMRef": "pkg:npm/parse5@7.3.0" }, "Version": "7.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "path-exists@4.0.0", "Name": "path-exists", "Identifier": { "PURL": "pkg:npm/path-exists@4.0.0", "UID": "abbac3f6789786d3", "BOMRef": "pkg:npm/path-exists@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "find-up@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "path-is-absolute@1.0.1", "Name": "path-is-absolute", "Identifier": { "PURL": "pkg:npm/path-is-absolute@1.0.1", "UID": "a8c4d74c90dfaad0", "BOMRef": "pkg:npm/path-is-absolute@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "glob@7.2.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "91a42249d19b6f79", "BOMRef": "pkg:npm/path-key@3.1.1" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "path-parse@1.0.7", "Name": "path-parse", "Identifier": { "PURL": "pkg:npm/path-parse@1.0.7", "UID": "f4a8e466dd73e60e", "BOMRef": "pkg:npm/path-parse@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "path-type@4.0.0", "Name": "path-type", "Identifier": { "PURL": "pkg:npm/path-type@4.0.0", "UID": "7c97d2ee8dcd6333", "BOMRef": "pkg:npm/path-type@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "cosmiconfig@7.1.0", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pathe@2.0.3", "Name": "pathe", "Identifier": { "PURL": "pkg:npm/pathe@2.0.3", "UID": "b650a9fa024941d5", "BOMRef": "pkg:npm/pathe@2.0.3" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/runner@3.2.4", "@vitest/snapshot@3.2.4", "vite-node@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pathval@2.0.1", "Name": "pathval", "Identifier": { "PURL": "pkg:npm/pathval@2.0.1", "UID": "bd5b88892d851e0e", "BOMRef": "pkg:npm/pathval@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "chai@5.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "periscopic@3.1.0", "Name": "periscopic", "Identifier": { "PURL": "pkg:npm/periscopic@3.1.0", "UID": "5cf44109ff30fa36", "BOMRef": "pkg:npm/periscopic@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "picocolors@1.1.1", "Name": "picocolors", "Identifier": { "PURL": "pkg:npm/picocolors@1.1.1", "UID": "f268ac9402b71a6", "BOMRef": "pkg:npm/picocolors@1.1.1" }, "Version": "1.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/code-frame@7.27.1", "@tailwindcss/cli@4.1.11", "postcss@8.5.6", "update-browserslist-db@1.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "picomatch@2.3.1", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "cc56fa443c484956", "BOMRef": "8352903c-e46d-4fb2-b656-f275f81947ff" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@4.2.1", "micromatch@4.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "picomatch@2.3.1", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "e79ae1b5aa028870", "BOMRef": "a98376a0-472f-4860-885d-62d2ebb93a66" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "picomatch@4.0.2", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "3caf5f4afe683db7", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@rollup/pluginutils@5.2.0", "fdir@6.4.6", "jest-util@30.0.2", "tinyglobby@0.2.14", "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "possible-typed-array-names@1.1.0", "Name": "possible-typed-array-names", "Identifier": { "PURL": "pkg:npm/possible-typed-array-names@1.1.0", "UID": "8a0b83ccc7d7c35a", "BOMRef": "pkg:npm/possible-typed-array-names@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "available-typed-arrays@1.0.7", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "postcss@8.5.6", "Name": "postcss", "Identifier": { "PURL": "pkg:npm/postcss@8.5.6", "UID": "5191359a5becfa9c", "BOMRef": "pkg:npm/postcss@8.5.6" }, "Version": "8.5.6", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "preact@10.26.9", "Name": "preact", "Identifier": { "PURL": "pkg:npm/preact@10.26.9", "UID": "d24020d3945df8b6", "BOMRef": "pkg:npm/preact@10.26.9" }, "Version": "10.26.9", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "@uppy/core@4.4.7", "@uppy/dashboard@4.3.4", "@uppy/drag-drop@4.1.3", "@uppy/informer@4.2.1", "@uppy/progress-bar@4.2.1", "@uppy/provider-views@4.4.5", "@uppy/react@4.4.0", "@uppy/status-bar@4.1.3", "@uppy/utils@6.1.5", "float-tooltip@1.7.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "prelude-ls@1.2.1", "Name": "prelude-ls", "Identifier": { "PURL": "pkg:npm/prelude-ls@1.2.1", "UID": "a66bacab27fe3b1d", "BOMRef": "pkg:npm/prelude-ls@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "levn@0.4.1", "optionator@0.9.4", "type-check@0.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "prettier@2.8.7", "Name": "prettier", "Identifier": { "PURL": "pkg:npm/prettier@2.8.7", "UID": "d69dd4b1dd78cc67", "BOMRef": "pkg:npm/prettier@2.8.7" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-bytes@6.1.1", "Name": "pretty-bytes", "Identifier": { "PURL": "pkg:npm/pretty-bytes@6.1.1", "UID": "8846cf7539692d84", "BOMRef": "pkg:npm/pretty-bytes@6.1.1" }, "Version": "6.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/components@0.2.0", "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-format@27.5.1", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@27.5.1", "UID": "69236dcb3425d376", "BOMRef": "pkg:npm/pretty-format@27.5.1" }, "Version": "27.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/dom@10.4.0", "@testing-library/dom@8.20.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "3d38ff55a5c18007", "BOMRef": "2ec226a3-3b05-416d-af53-f4a28b967809" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@types/jest@30.0.0", "jest-diff@30.0.4", "jest-matcher-utils@30.0.4", "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "885e4dd4e3184c55", "BOMRef": "ed153bc7-247d-48e2-98c8-38161eeffae4" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "20373b0e1699794b", "BOMRef": "1f11d8ba-f89d-4b48-8e02-a91cc8837da9" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "pretty-format@30.0.2", "Name": "pretty-format", "Identifier": { "PURL": "pkg:npm/pretty-format@30.0.2", "UID": "611f985258f6f19", "BOMRef": "2629a13b-2786-46fb-a0f0-f5db7bfe79ce" }, "Version": "30.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "prism-react-renderer@2.4.1", "Name": "prism-react-renderer", "Identifier": { "PURL": "pkg:npm/prism-react-renderer@2.4.1", "UID": "73364131a2df946f", "BOMRef": "pkg:npm/prism-react-renderer@2.4.1" }, "Version": "2.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "prismjs@1.30.0", "Name": "prismjs", "Identifier": { "PURL": "pkg:npm/prismjs@1.30.0", "UID": "789bc41208c8366f", "BOMRef": "pkg:npm/prismjs@1.30.0" }, "Version": "1.30.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "prop-types@15.8.1", "Name": "prop-types", "Identifier": { "PURL": "pkg:npm/prop-types@15.8.1", "UID": "a9064f3c27f07e9a", "BOMRef": "pkg:npm/prop-types@15.8.1" }, "Version": "15.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "create-collection-form@0.0.0", "eslint-plugin-react@7.37.5", "qdrant-web-ui@0.2.5", "react-archer@4.4.0", "react-diff-viewer-continued@3.4.0", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "property-information@6.5.0", "Name": "property-information", "Identifier": { "PURL": "pkg:npm/property-information@6.5.0", "UID": "d8d0fdce775ae6da", "BOMRef": "pkg:npm/property-information@6.5.0" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "proxy-from-env@1.1.0", "Name": "proxy-from-env", "Identifier": { "PURL": "pkg:npm/proxy-from-env@1.1.0", "UID": "1ca79fd317034e72", "BOMRef": "pkg:npm/proxy-from-env@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "axios@1.12.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "psl@1.15.0", "Name": "psl", "Identifier": { "PURL": "pkg:npm/psl@1.15.0", "UID": "40748dd37872487", "BOMRef": "pkg:npm/psl@1.15.0" }, "Version": "1.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "punycode@2.3.1", "Name": "punycode", "Identifier": { "PURL": "pkg:npm/punycode@2.3.1", "UID": "30c3553bb4562463", "BOMRef": "pkg:npm/punycode@2.3.1" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "psl@1.15.0", "tough-cookie@4.1.4", "tr46@4.1.1", "uri-js@4.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "qdrant-web-ui@0.2.5", "Name": "qdrant-web-ui", "Identifier": { "PURL": "pkg:npm/qdrant-web-ui@0.2.5", "UID": "977753ca07f3531a", "BOMRef": "pkg:npm/qdrant-web-ui@0.2.5" }, "Version": "0.2.5", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "querystringify@2.2.0", "Name": "querystringify", "Identifier": { "PURL": "pkg:npm/querystringify@2.2.0", "UID": "ea03dc19adcbb780", "BOMRef": "pkg:npm/querystringify@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "url-parse@1.5.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "queue-microtask@1.2.3", "Name": "queue-microtask", "Identifier": { "PURL": "pkg:npm/queue-microtask@1.2.3", "UID": "8f7b300f3ac4f0e4", "BOMRef": "pkg:npm/queue-microtask@1.2.3" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "run-parallel@1.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react@18.3.1", "Name": "react", "Identifier": { "PURL": "pkg:npm/react@18.3.1", "UID": "a24ecc1c563aae7c", "BOMRef": "pkg:npm/react@18.3.1" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/react@11.14.0", "@emotion/styled@11.14.1", "@emotion/use-insertion-effect-with-fallbacks@1.2.0", "@mdx-js/react@2.3.0", "@monaco-editor/react@4.7.0", "@mui/icons-material@7.2.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/private-theming@5.17.1", "@mui/private-theming@7.2.0", "@mui/styled-engine@5.16.14", "@mui/styled-engine@7.2.0", "@mui/system@5.17.1", "@mui/system@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0", "@mui/x-data-grid@7.29.8", "@mui/x-internals@7.29.0", "@testing-library/react@13.4.0", "@textea/json-viewer@2.17.2", "@uppy/react@4.4.0", "lucide-react@0.545.0", "mui-chips-input@7.0.1", "notistack@3.0.2", "prism-react-renderer@2.4.1", "qdrant-web-ui@0.2.5", "react-archer@4.4.0", "react-diff-viewer-continued@3.4.0", "react-dom@18.3.1", "react-resizable-panels@0.0.51", "react-router-dom@6.30.1", "react-router@6.30.1", "react-simple-code-editor@0.13.1", "react-transition-group@4.4.5", "use-sync-external-store@1.5.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-archer@4.4.0", "Name": "react-archer", "Identifier": { "PURL": "pkg:npm/react-archer@4.4.0", "UID": "d181d9574395e2a", "BOMRef": "pkg:npm/react-archer@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-diff-viewer-continued@3.4.0", "Name": "react-diff-viewer-continued", "Identifier": { "PURL": "pkg:npm/react-diff-viewer-continued@3.4.0", "UID": "265d484be34fd454", "BOMRef": "pkg:npm/react-diff-viewer-continued@3.4.0" }, "Version": "3.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-dom@18.3.1", "Name": "react-dom", "Identifier": { "PURL": "pkg:npm/react-dom@18.3.1", "UID": "513ae08198aa411b", "BOMRef": "pkg:npm/react-dom@18.3.1" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/react@4.7.0", "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/x-data-grid@7.29.8", "@testing-library/react@13.4.0", "@textea/json-viewer@2.17.2", "@uppy/react@4.4.0", "mui-chips-input@7.0.1", "notistack@3.0.2", "qdrant-web-ui@0.2.5", "react-diff-viewer-continued@3.4.0", "react-resizable-panels@0.0.51", "react-router-dom@6.30.1", "react-simple-code-editor@0.13.1", "react-transition-group@4.4.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-fast-compare@2.0.4", "Name": "react-fast-compare", "Identifier": { "PURL": "pkg:npm/react-fast-compare@2.0.4", "UID": "f9399de44c4d9275", "BOMRef": "pkg:npm/react-fast-compare@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "react-archer@4.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@16.13.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@16.13.1", "UID": "8848ed7c799c01c5", "BOMRef": "4e3eaed5-6cc0-40ec-99ba-f4b3864a80e5" }, "Version": "16.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@16.13.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@16.13.1", "UID": "96a09f7c2c0cf9f7", "BOMRef": "85b1bffa-62ac-4d0c-8353-84910a45e5ce" }, "Version": "16.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "hoist-non-react-statics@3.3.2", "prop-types@15.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@17.0.2", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@17.0.2", "UID": "a547e868420f6e17", "BOMRef": "pkg:npm/react-is@17.0.2" }, "Version": "17.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@27.5.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "d886a4a2e2103913", "BOMRef": "18a2ee4b-ffb5-4bd4-968a-75b464a738e8" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "236d24c574fa4b81", "BOMRef": "35b89791-d7f3-40db-a06c-6a6eb2c00873" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "821eaccdf2ba9d29", "BOMRef": "9b0a4a29-2de5-4973-ba53-61f1cf3b5577" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "c8a8ae4c594b4d62", "BOMRef": "acea46a9-6387-45a4-a9b1-1f6a94273ad7" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "DependsOn": [ "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2", "pretty-format@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-is@19.1.0", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@19.1.0", "UID": "5ca2e840fad87a9b", "BOMRef": "pkg:npm/react-is@19.1.0" }, "Version": "19.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0", "@mui/utils@5.17.1", "@mui/utils@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-refresh@0.17.0", "Name": "react-refresh", "Identifier": { "PURL": "pkg:npm/react-refresh@0.17.0", "UID": "95e134625e4774ee", "BOMRef": "pkg:npm/react-refresh@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-resizable-panels@0.0.51", "Name": "react-resizable-panels", "Identifier": { "PURL": "pkg:npm/react-resizable-panels@0.0.51", "UID": "7dd51ee1e1435e9c", "BOMRef": "pkg:npm/react-resizable-panels@0.0.51" }, "Version": "0.0.51", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-router@6.30.1", "Name": "react-router", "Identifier": { "PURL": "pkg:npm/react-router@6.30.1", "UID": "357d5ed1312e84b2", "BOMRef": "pkg:npm/react-router@6.30.1" }, "Version": "6.30.1", "Licenses": [ "MIT" ], "DependsOn": [ "react-router-dom@6.30.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-router-dom@6.30.1", "Name": "react-router-dom", "Identifier": { "PURL": "pkg:npm/react-router-dom@6.30.1", "UID": "4884662cfaa91eab", "BOMRef": "pkg:npm/react-router-dom@6.30.1" }, "Version": "6.30.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-simple-code-editor@0.13.1", "Name": "react-simple-code-editor", "Identifier": { "PURL": "pkg:npm/react-simple-code-editor@0.13.1", "UID": "2a6563362c53a2d1", "BOMRef": "pkg:npm/react-simple-code-editor@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "react-transition-group@4.4.5", "Name": "react-transition-group", "Identifier": { "PURL": "pkg:npm/react-transition-group@4.4.5", "UID": "fa041d4806da374b", "BOMRef": "pkg:npm/react-transition-group@4.4.5" }, "Version": "4.4.5", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@mui/material@5.17.1", "@mui/material@7.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "redent@3.0.0", "Name": "redent", "Identifier": { "PURL": "pkg:npm/redent@3.0.0", "UID": "a298d36eab1c491f", "BOMRef": "pkg:npm/redent@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@testing-library/jest-dom@5.17.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "reflect.getprototypeof@1.0.10", "Name": "reflect.getprototypeof", "Identifier": { "PURL": "pkg:npm/reflect.getprototypeof@1.0.10", "UID": "bed331f71227aed6", "BOMRef": "pkg:npm/reflect.getprototypeof@1.0.10" }, "Version": "1.0.10", "Licenses": [ "MIT" ], "DependsOn": [ "typed-array-byte-offset@1.0.4", "typed-array-length@1.0.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "regexp.prototype.flags@1.5.4", "Name": "regexp.prototype.flags", "Identifier": { "PURL": "pkg:npm/regexp.prototype.flags@1.5.4", "UID": "d6284893414d2eb4", "BOMRef": "pkg:npm/regexp.prototype.flags@1.5.4" }, "Version": "1.5.4", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "remark-mdx@2.3.0", "Name": "remark-mdx", "Identifier": { "PURL": "pkg:npm/remark-mdx@2.3.0", "UID": "b388c50fa6257aab", "BOMRef": "pkg:npm/remark-mdx@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "remark-parse@10.0.2", "Name": "remark-parse", "Identifier": { "PURL": "pkg:npm/remark-parse@10.0.2", "UID": "f2957b135f41d22b", "BOMRef": "pkg:npm/remark-parse@10.0.2" }, "Version": "10.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "remark-rehype@10.1.0", "Name": "remark-rehype", "Identifier": { "PURL": "pkg:npm/remark-rehype@10.1.0", "UID": "99fae285d2489f5", "BOMRef": "pkg:npm/remark-rehype@10.1.0" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "requires-port@1.0.0", "Name": "requires-port", "Identifier": { "PURL": "pkg:npm/requires-port@1.0.0", "UID": "11ec0628944a8c69", "BOMRef": "pkg:npm/requires-port@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "url-parse@1.5.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "reselect@5.1.1", "Name": "reselect", "Identifier": { "PURL": "pkg:npm/reselect@5.1.1", "UID": "547a34f2c9184d66", "BOMRef": "pkg:npm/reselect@5.1.1" }, "Version": "5.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "resize-observer-polyfill@1.5.0", "Name": "resize-observer-polyfill", "Identifier": { "PURL": "pkg:npm/resize-observer-polyfill@1.5.0", "UID": "97239e1375d6b527", "BOMRef": "pkg:npm/resize-observer-polyfill@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "react-archer@4.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "resolve@1.22.10", "Name": "resolve", "Identifier": { "PURL": "pkg:npm/resolve@1.22.10", "UID": "dca257eb0e732850", "BOMRef": "pkg:npm/resolve@1.22.10" }, "Version": "1.22.10", "Licenses": [ "MIT" ], "DependsOn": [ "babel-plugin-macros@3.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "resolve@2.0.0-next.5", "Name": "resolve", "Identifier": { "PURL": "pkg:npm/resolve@2.0.0-next.5", "UID": "19b0d33fbce6cf68", "BOMRef": "pkg:npm/resolve@2.0.0-next.5" }, "Version": "2.0.0-next.5", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "resolve-from@4.0.0", "Name": "resolve-from", "Identifier": { "PURL": "pkg:npm/resolve-from@4.0.0", "UID": "8579c5f4c596765a", "BOMRef": "pkg:npm/resolve-from@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "import-fresh@3.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "retry@0.13.1", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.13.1", "UID": "4ea2ac1bcfcb2c38", "BOMRef": "pkg:npm/retry@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "p-retry@6.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "reusify@1.1.0", "Name": "reusify", "Identifier": { "PURL": "pkg:npm/reusify@1.1.0", "UID": "960aaa47a1eac18", "BOMRef": "pkg:npm/reusify@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "fastq@1.19.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "rimraf@3.0.2", "Name": "rimraf", "Identifier": { "PURL": "pkg:npm/rimraf@3.0.2", "UID": "2f017bc550849d6c", "BOMRef": "pkg:npm/rimraf@3.0.2" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "flat-cache@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "rollup@2.79.2", "Name": "rollup", "Identifier": { "PURL": "pkg:npm/rollup@2.79.2", "UID": "b816620694fb7b45", "BOMRef": "pkg:npm/rollup@2.79.2" }, "Version": "2.79.2", "Licenses": [ "MIT" ], "DependsOn": [ "vite-plugin-eslint@1.8.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "rollup@4.44.2", "Name": "rollup", "Identifier": { "PURL": "pkg:npm/rollup@4.44.2", "UID": "72df50630c982dc4", "BOMRef": "pkg:npm/rollup@4.44.2" }, "Version": "4.44.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "@rollup/pluginutils@5.2.0", "vite@6.4.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "rrweb-cssom@0.6.0", "Name": "rrweb-cssom", "Identifier": { "PURL": "pkg:npm/rrweb-cssom@0.6.0", "UID": "3417e10214315e0b", "BOMRef": "pkg:npm/rrweb-cssom@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "cssstyle@3.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "run-parallel@1.2.0", "Name": "run-parallel", "Identifier": { "PURL": "pkg:npm/run-parallel@1.2.0", "UID": "76aeceed72ad743c", "BOMRef": "pkg:npm/run-parallel@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@nodelib/fs.scandir@2.1.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "sade@1.8.1", "Name": "sade", "Identifier": { "PURL": "pkg:npm/sade@1.8.1", "UID": "c4631cec893a5ba1", "BOMRef": "pkg:npm/sade@1.8.1" }, "Version": "1.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "uvu@0.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "safe-array-concat@1.1.3", "Name": "safe-array-concat", "Identifier": { "PURL": "pkg:npm/safe-array-concat@1.1.3", "UID": "583d07e5ea2de9a", "BOMRef": "pkg:npm/safe-array-concat@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-iterator-helpers@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "safe-push-apply@1.0.0", "Name": "safe-push-apply", "Identifier": { "PURL": "pkg:npm/safe-push-apply@1.0.0", "UID": "b95ad2b5bdd01c46", "BOMRef": "pkg:npm/safe-push-apply@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "own-keys@1.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "safe-regex-test@1.1.0", "Name": "safe-regex-test", "Identifier": { "PURL": "pkg:npm/safe-regex-test@1.1.0", "UID": "ee46397162060f2e", "BOMRef": "pkg:npm/safe-regex-test@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "is-async-function@2.1.1", "is-generator-function@1.1.0", "is-symbol@1.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "fb2e2121cbbd289", "BOMRef": "pkg:npm/safer-buffer@2.1.2" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "iconv-lite@0.6.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "saxes@6.0.0", "Name": "saxes", "Identifier": { "PURL": "pkg:npm/saxes@6.0.0", "UID": "ba2966fb4209dcdc", "BOMRef": "pkg:npm/saxes@6.0.0" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "scheduler@0.23.2", "Name": "scheduler", "Identifier": { "PURL": "pkg:npm/scheduler@0.23.2", "UID": "6a8a5d9259911b55", "BOMRef": "pkg:npm/scheduler@0.23.2" }, "Version": "0.23.2", "Licenses": [ "MIT" ], "DependsOn": [ "react-dom@18.3.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "semver@6.3.1", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@6.3.1", "UID": "100702e8981025d4", "BOMRef": "pkg:npm/semver@6.3.1" }, "Version": "6.3.1", "Licenses": [ "ISC" ], "DependsOn": [ "@babel/core@7.28.0", "@babel/helper-compilation-targets@7.27.2", "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "set-function-length@1.2.2", "Name": "set-function-length", "Identifier": { "PURL": "pkg:npm/set-function-length@1.2.2", "UID": "aed47b4d814b595d", "BOMRef": "pkg:npm/set-function-length@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "call-bind@1.0.8" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "set-function-name@2.0.2", "Name": "set-function-name", "Identifier": { "PURL": "pkg:npm/set-function-name@2.0.2", "UID": "fe07022c999c23f4", "BOMRef": "pkg:npm/set-function-name@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "iterator.prototype@1.1.5", "regexp.prototype.flags@1.5.4", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "set-proto@1.0.0", "Name": "set-proto", "Identifier": { "PURL": "pkg:npm/set-proto@1.0.0", "UID": "34fd6ae3ed0420c0", "BOMRef": "pkg:npm/set-proto@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "shallow-equal@3.1.0", "Name": "shallow-equal", "Identifier": { "PURL": "pkg:npm/shallow-equal@3.1.0", "UID": "a659ffafcd2530d", "BOMRef": "pkg:npm/shallow-equal@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "@uppy/dashboard@4.3.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "9473ba8e67411033", "BOMRef": "pkg:npm/shebang-command@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "e867a721a29587cc", "BOMRef": "pkg:npm/shebang-regex@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "shebang-command@2.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "side-channel@1.1.0", "Name": "side-channel", "Identifier": { "PURL": "pkg:npm/side-channel@1.1.0", "UID": "82ce190d79d8d078", "BOMRef": "pkg:npm/side-channel@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "internal-slot@1.1.0", "string.prototype.matchall@4.0.12" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "side-channel-list@1.0.0", "Name": "side-channel-list", "Identifier": { "PURL": "pkg:npm/side-channel-list@1.0.0", "UID": "65c09edd7bc5b117", "BOMRef": "pkg:npm/side-channel-list@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "side-channel-map@1.0.1", "Name": "side-channel-map", "Identifier": { "PURL": "pkg:npm/side-channel-map@1.0.1", "UID": "98b97f5cacff1680", "BOMRef": "pkg:npm/side-channel-map@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel-weakmap@1.0.2", "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "side-channel-weakmap@1.0.2", "Name": "side-channel-weakmap", "Identifier": { "PURL": "pkg:npm/side-channel-weakmap@1.0.2", "UID": "2ee7828ff13a1eed", "BOMRef": "pkg:npm/side-channel-weakmap@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "side-channel@1.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "siginfo@2.0.0", "Name": "siginfo", "Identifier": { "PURL": "pkg:npm/siginfo@2.0.0", "UID": "392933418cee7324", "BOMRef": "pkg:npm/siginfo@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "DependsOn": [ "why-is-node-running@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "slash@3.0.0", "Name": "slash", "Identifier": { "PURL": "pkg:npm/slash@3.0.0", "UID": "309fd1643b78e648", "BOMRef": "pkg:npm/slash@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "snake-case@3.0.4", "Name": "snake-case", "Identifier": { "PURL": "pkg:npm/snake-case@3.0.4", "UID": "b6ff5a41a144736f", "BOMRef": "pkg:npm/snake-case@3.0.4" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/core@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "source-map@0.5.7", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.5.7", "UID": "5408da5b488dbed4", "BOMRef": "pkg:npm/source-map@0.5.7" }, "Version": "0.5.7", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "source-map@0.7.4", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.7.4", "UID": "78518520f79a97e4", "BOMRef": "d1f8d421-2abd-4207-9b7b-c669503bf157" }, "Version": "0.7.4", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@mdx-js/rollup@2.3.0", "estree-util-to-js@1.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "source-map@0.7.4", "Name": "source-map", "Identifier": { "PURL": "pkg:npm/source-map@0.7.4", "UID": "52c09247c8e0d514", "BOMRef": "e30546ec-6e5f-40dd-b2c8-a45135ef3729" }, "Version": "0.7.4", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "source-map-js@1.2.1", "Name": "source-map-js", "Identifier": { "PURL": "pkg:npm/source-map-js@1.2.1", "UID": "834f8942383d8f73", "BOMRef": "pkg:npm/source-map-js@1.2.1" }, "Version": "1.2.1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "@tailwindcss/node@4.1.11", "postcss@8.5.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "space-separated-tokens@2.0.2", "Name": "space-separated-tokens", "Identifier": { "PURL": "pkg:npm/space-separated-tokens@2.0.2", "UID": "4f36db7f5cb92bb1", "BOMRef": "pkg:npm/space-separated-tokens@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "stack-utils@2.0.6", "Name": "stack-utils", "Identifier": { "PURL": "pkg:npm/stack-utils@2.0.6", "UID": "8f2a79b1fddd943f", "BOMRef": "pkg:npm/stack-utils@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "jest-message-util@30.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "stackback@0.0.2", "Name": "stackback", "Identifier": { "PURL": "pkg:npm/stackback@0.0.2", "UID": "aa7844b6c1037c2c", "BOMRef": "pkg:npm/stackback@0.0.2" }, "Version": "0.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "why-is-node-running@2.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "state-local@1.0.7", "Name": "state-local", "Identifier": { "PURL": "pkg:npm/state-local@1.0.7", "UID": "58b576d95a71870d", "BOMRef": "pkg:npm/state-local@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "@monaco-editor/loader@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "std-env@3.9.0", "Name": "std-env", "Identifier": { "PURL": "pkg:npm/std-env@3.9.0", "UID": "13ec97f9d40426cf", "BOMRef": "pkg:npm/std-env@3.9.0" }, "Version": "3.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "stop-iteration-iterator@1.1.0", "Name": "stop-iteration-iterator", "Identifier": { "PURL": "pkg:npm/stop-iteration-iterator@1.1.0", "UID": "d9b83423f10f8a84", "BOMRef": "pkg:npm/stop-iteration-iterator@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0", "es-get-iterator@1.1.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "string.prototype.matchall@4.0.12", "Name": "string.prototype.matchall", "Identifier": { "PURL": "pkg:npm/string.prototype.matchall@4.0.12", "UID": "8110090607345f92", "BOMRef": "pkg:npm/string.prototype.matchall@4.0.12" }, "Version": "4.0.12", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "string.prototype.repeat@1.0.0", "Name": "string.prototype.repeat", "Identifier": { "PURL": "pkg:npm/string.prototype.repeat@1.0.0", "UID": "b9f0c1e35a6fa213", "BOMRef": "pkg:npm/string.prototype.repeat@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint-plugin-react@7.37.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "string.prototype.trim@1.2.10", "Name": "string.prototype.trim", "Identifier": { "PURL": "pkg:npm/string.prototype.trim@1.2.10", "UID": "6e77bb4a2476cc7e", "BOMRef": "pkg:npm/string.prototype.trim@1.2.10" }, "Version": "1.2.10", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "string.prototype.trimend@1.0.9", "Name": "string.prototype.trimend", "Identifier": { "PURL": "pkg:npm/string.prototype.trimend@1.0.9", "UID": "db4a39997cfd999a", "BOMRef": "pkg:npm/string.prototype.trimend@1.0.9" }, "Version": "1.0.9", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "string.prototype.trimstart@1.0.8", "Name": "string.prototype.trimstart", "Identifier": { "PURL": "pkg:npm/string.prototype.trimstart@1.0.8", "UID": "ce28e8798bf99731", "BOMRef": "pkg:npm/string.prototype.trimstart@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "stringify-entities@4.0.4", "Name": "stringify-entities", "Identifier": { "PURL": "pkg:npm/stringify-entities@4.0.4", "UID": "44ba863032f055b2", "BOMRef": "pkg:npm/stringify-entities@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "strip-ansi@6.0.1", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@6.0.1", "UID": "93c247c24f818bc6", "BOMRef": "pkg:npm/strip-ansi@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "strip-indent@3.0.0", "Name": "strip-indent", "Identifier": { "PURL": "pkg:npm/strip-indent@3.0.0", "UID": "944d93135068a53e", "BOMRef": "pkg:npm/strip-indent@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "redent@3.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "strip-json-comments@3.1.1", "Name": "strip-json-comments", "Identifier": { "PURL": "pkg:npm/strip-json-comments@3.1.1", "UID": "7006a6fe968920f", "BOMRef": "pkg:npm/strip-json-comments@3.1.1" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "@eslint/eslintrc@2.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "strip-literal@3.0.0", "Name": "strip-literal", "Identifier": { "PURL": "pkg:npm/strip-literal@3.0.0", "UID": "f6df543f6adc020a", "BOMRef": "pkg:npm/strip-literal@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/runner@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "style-to-object@0.4.4", "Name": "style-to-object", "Identifier": { "PURL": "pkg:npm/style-to-object@0.4.4", "UID": "b8c0177da0ecc954", "BOMRef": "pkg:npm/style-to-object@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "stylis@4.2.0", "Name": "stylis", "Identifier": { "PURL": "pkg:npm/stylis@4.2.0", "UID": "4b5cead9b12b0f94", "BOMRef": "pkg:npm/stylis@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "@emotion/babel-plugin@11.13.5", "@emotion/cache@11.14.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "supports-color@7.2.0", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@7.2.0", "UID": "db06e23aba04782c", "BOMRef": "pkg:npm/supports-color@7.2.0" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "chalk@3.0.0", "chalk@4.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "supports-preserve-symlinks-flag@1.0.0", "Name": "supports-preserve-symlinks-flag", "Identifier": { "PURL": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", "UID": "9c536e9a857ea5", "BOMRef": "pkg:npm/supports-preserve-symlinks-flag@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "resolve@1.22.10", "resolve@2.0.0-next.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "svg-parser@2.0.4", "Name": "svg-parser", "Identifier": { "PURL": "pkg:npm/svg-parser@2.0.4", "UID": "c1b832b5b1a8c99", "BOMRef": "pkg:npm/svg-parser@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "@svgr/plugin-jsx@8.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "symbol-tree@3.2.4", "Name": "symbol-tree", "Identifier": { "PURL": "pkg:npm/symbol-tree@3.2.4", "UID": "7327cc1631bb8cf", "BOMRef": "pkg:npm/symbol-tree@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tailwindcss@4.1.11", "Name": "tailwindcss", "Identifier": { "PURL": "pkg:npm/tailwindcss@4.1.11", "UID": "8e7f2ac65090f492", "BOMRef": "pkg:npm/tailwindcss@4.1.11" }, "Version": "4.1.11", "Licenses": [ "MIT" ], "DependsOn": [ "@tailwindcss/cli@4.1.11", "@tailwindcss/node@4.1.11", "@uppy/components@0.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tapable@2.2.2", "Name": "tapable", "Identifier": { "PURL": "pkg:npm/tapable@2.2.2", "UID": "8e524d94305b3c96", "BOMRef": "pkg:npm/tapable@2.2.2" }, "Version": "2.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "enhanced-resolve@5.18.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tar@7.4.3", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "Version": "7.4.3", "Licenses": [ "ISC" ], "DependsOn": [ "@tailwindcss/oxide@4.1.11" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "e09690e0aa3789d7", "BOMRef": "pkg:npm/text-table@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "eslint@8.57.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinybench@2.9.0", "Name": "tinybench", "Identifier": { "PURL": "pkg:npm/tinybench@2.9.0", "UID": "28cc1a125a747c01", "BOMRef": "pkg:npm/tinybench@2.9.0" }, "Version": "2.9.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinycolor2@1.6.0", "Name": "tinycolor2", "Identifier": { "PURL": "pkg:npm/tinycolor2@1.6.0", "UID": "9803a0b4f533afa7", "BOMRef": "pkg:npm/tinycolor2@1.6.0" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "canvas-color-tracker@1.3.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinyexec@0.3.2", "Name": "tinyexec", "Identifier": { "PURL": "pkg:npm/tinyexec@0.3.2", "UID": "c7304498af31dba7", "BOMRef": "pkg:npm/tinyexec@0.3.2" }, "Version": "0.3.2", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinyglobby@0.2.14", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.14", "UID": "ef3e180f4388c13a", "BOMRef": "pkg:npm/tinyglobby@0.2.14" }, "Version": "0.2.14", "Licenses": [ "MIT" ], "DependsOn": [ "vite@6.4.1", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinypool@1.1.1", "Name": "tinypool", "Identifier": { "PURL": "pkg:npm/tinypool@1.1.1", "UID": "297fbb4e35e32aa6", "BOMRef": "pkg:npm/tinypool@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinyrainbow@2.0.0", "Name": "tinyrainbow", "Identifier": { "PURL": "pkg:npm/tinyrainbow@2.0.0", "UID": "3dafd5f6713c47bd", "BOMRef": "pkg:npm/tinyrainbow@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/expect@3.2.4", "@vitest/pretty-format@3.2.4", "@vitest/utils@3.2.4", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tinyspy@4.0.3", "Name": "tinyspy", "Identifier": { "PURL": "pkg:npm/tinyspy@4.0.3", "UID": "73e3be5bdca9a580", "BOMRef": "pkg:npm/tinyspy@4.0.3" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@vitest/spy@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "to-regex-range@5.0.1", "Name": "to-regex-range", "Identifier": { "PURL": "pkg:npm/to-regex-range@5.0.1", "UID": "594bc83e615f29ef", "BOMRef": "pkg:npm/to-regex-range@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "fill-range@7.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "toggle-selection@1.0.6", "Name": "toggle-selection", "Identifier": { "PURL": "pkg:npm/toggle-selection@1.0.6", "UID": "a042801d2a2b6176", "BOMRef": "pkg:npm/toggle-selection@1.0.6" }, "Version": "1.0.6", "Licenses": [ "MIT" ], "DependsOn": [ "copy-to-clipboard@3.3.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tough-cookie@4.1.4", "Name": "tough-cookie", "Identifier": { "PURL": "pkg:npm/tough-cookie@4.1.4", "UID": "de5c7c83320b9a9e", "BOMRef": "pkg:npm/tough-cookie@4.1.4" }, "Version": "4.1.4", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tr46@4.1.1", "Name": "tr46", "Identifier": { "PURL": "pkg:npm/tr46@4.1.1", "UID": "490c18bce3d1a701", "BOMRef": "pkg:npm/tr46@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "whatwg-url@12.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "trim-lines@3.0.1", "Name": "trim-lines", "Identifier": { "PURL": "pkg:npm/trim-lines@3.0.1", "UID": "39daa8b7b8043eef", "BOMRef": "pkg:npm/trim-lines@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "trough@2.2.0", "Name": "trough", "Identifier": { "PURL": "pkg:npm/trough@2.2.0", "UID": "bae83682f666d4de", "BOMRef": "pkg:npm/trough@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "unified@10.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "tslib@2.8.1", "Name": "tslib", "Identifier": { "PURL": "pkg:npm/tslib@2.8.1", "UID": "f4e2e454007334e7", "BOMRef": "pkg:npm/tslib@2.8.1" }, "Version": "2.8.1", "Licenses": [ "0BSD" ], "DependsOn": [ "dot-case@3.0.4", "lower-case@2.0.2", "no-case@3.0.4", "snake-case@3.0.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "type-check@0.4.0", "Name": "type-check", "Identifier": { "PURL": "pkg:npm/type-check@0.4.0", "UID": "f0a0dc07f03832da", "BOMRef": "pkg:npm/type-check@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "levn@0.4.1", "optionator@0.9.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "type-fest@0.20.2", "Name": "type-fest", "Identifier": { "PURL": "pkg:npm/type-fest@0.20.2", "UID": "46b07f8788c48592", "BOMRef": "pkg:npm/type-fest@0.20.2" }, "Version": "0.20.2", "Licenses": [ "MIT OR CC0-1.0" ], "DependsOn": [ "globals@13.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "typed-array-buffer@1.0.3", "Name": "typed-array-buffer", "Identifier": { "PURL": "pkg:npm/typed-array-buffer@1.0.3", "UID": "55e3c24ddb50539d", "BOMRef": "pkg:npm/typed-array-buffer@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "typed-array-byte-length@1.0.3", "Name": "typed-array-byte-length", "Identifier": { "PURL": "pkg:npm/typed-array-byte-length@1.0.3", "UID": "539452f1fcfc1199", "BOMRef": "pkg:npm/typed-array-byte-length@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "typed-array-byte-offset@1.0.4", "Name": "typed-array-byte-offset", "Identifier": { "PURL": "pkg:npm/typed-array-byte-offset@1.0.4", "UID": "3a9087d26f691fc0", "BOMRef": "pkg:npm/typed-array-byte-offset@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "typed-array-length@1.0.7", "Name": "typed-array-length", "Identifier": { "PURL": "pkg:npm/typed-array-length@1.0.7", "UID": "4231e1c52e86ea90", "BOMRef": "pkg:npm/typed-array-length@1.0.7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "typescript@5.8.3", "Name": "typescript", "Identifier": { "PURL": "pkg:npm/typescript@5.8.3", "UID": "94936f39389825a6", "BOMRef": "pkg:npm/typescript@5.8.3" }, "Version": "5.8.3", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1", "cosmiconfig@8.3.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unbox-primitive@1.1.0", "Name": "unbox-primitive", "Identifier": { "PURL": "pkg:npm/unbox-primitive@1.1.0", "UID": "4021c41735af7c4", "BOMRef": "pkg:npm/unbox-primitive@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "es-abstract@1.24.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "undici@6.21.3", "Name": "undici", "Identifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "Version": "6.21.3", "Licenses": [ "MIT" ], "DependsOn": [ "@qdrant/js-client-rest@1.15.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "undici-types@7.8.0", "Name": "undici-types", "Identifier": { "PURL": "pkg:npm/undici-types@7.8.0", "UID": "1efe36184f94e817", "BOMRef": "pkg:npm/undici-types@7.8.0" }, "Version": "7.8.0", "Licenses": [ "MIT" ], "DependsOn": [ "@types/node@24.0.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unified@10.1.2", "Name": "unified", "Identifier": { "PURL": "pkg:npm/unified@10.1.2", "UID": "b26fdcd02e46787b", "BOMRef": "pkg:npm/unified@10.1.2" }, "Version": "10.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "remark-parse@10.0.2", "remark-rehype@10.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-generated@2.0.1", "Name": "unist-util-generated", "Identifier": { "PURL": "pkg:npm/unist-util-generated@2.0.1", "UID": "6c6a6623e939dcc", "BOMRef": "pkg:npm/unist-util-generated@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-is@5.2.1", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@5.2.1", "UID": "7af4cf2c14f8df4f", "BOMRef": "pkg:npm/unist-util-is@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "unist-util-visit-parents@5.1.3", "mdast-util-phrasing@3.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-is@6.0.0", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@6.0.0", "UID": "85c5f11190ec5f81", "BOMRef": "a54136c8-ddfb-4f8f-bcef-64fc15da9803" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-is@6.0.0", "Name": "unist-util-is", "Identifier": { "PURL": "pkg:npm/unist-util-is@6.0.0", "UID": "58568dac9855130e", "BOMRef": "495e2113-bf72-4502-8485-9d20c752f159" }, "Version": "6.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit-parents@6.0.1", "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-position@4.0.4", "Name": "unist-util-position", "Identifier": { "PURL": "pkg:npm/unist-util-position@4.0.4", "UID": "d0bd48bb6acbb27", "BOMRef": "pkg:npm/unist-util-position@4.0.4" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-to-hast@12.3.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-position-from-estree@1.1.2", "Name": "unist-util-position-from-estree", "Identifier": { "PURL": "pkg:npm/unist-util-position-from-estree@1.1.2", "UID": "648882c518835aa2", "BOMRef": "pkg:npm/unist-util-position-from-estree@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-remove-position@4.0.2", "Name": "unist-util-remove-position", "Identifier": { "PURL": "pkg:npm/unist-util-remove-position@4.0.2", "UID": "1b11d0e7d74d635a", "BOMRef": "pkg:npm/unist-util-remove-position@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-stringify-position@3.0.3", "Name": "unist-util-stringify-position", "Identifier": { "PURL": "pkg:npm/unist-util-stringify-position@3.0.3", "UID": "8fa642cd11e3ec55", "BOMRef": "pkg:npm/unist-util-stringify-position@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "mdast-util-from-markdown@1.3.1", "mdast-util-mdx-jsx@2.1.4", "vfile-message@3.1.4", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "6f68f2447299d6e8", "BOMRef": "94a53415-2913-4422-a57d-4350071724b2" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "mdast-util-definitions@5.1.2", "mdast-util-to-hast@12.3.0", "mdast-util-to-markdown@1.5.0", "unist-util-remove-position@4.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "3a62616153dfe1cf", "BOMRef": "99bc0a1a-6a9d-4656-bdd8-70a80512d309" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "7f8a63594f2b57c2", "BOMRef": "27388817-9c71-4f12-a211-2921d9d24d3b" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "3267b9f42791164b", "BOMRef": "cdb28e41-7ba9-45cf-9489-fb6ced1a7295" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@4.1.2", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@4.1.2", "UID": "cd354ab629cb0b95", "BOMRef": "ffba8c54-3e8c-450f-8447-01bfbf606d67" }, "Version": "4.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit@5.0.0", "Name": "unist-util-visit", "Identifier": { "PURL": "pkg:npm/unist-util-visit@5.0.0", "UID": "a12706331aa57faf", "BOMRef": "pkg:npm/unist-util-visit@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "ec82edfe3fe31a8", "BOMRef": "04d83663-1647-4603-8018-ef27c4e40260" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "6209e8239c337b0a", "BOMRef": "d3636cbf-db76-41da-8e5e-c4a19cacf637" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "1f8334d504003000", "BOMRef": "2e963c48-9317-499a-9521-3b831a2eb7e5" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "8bf6b5b36fd56c14", "BOMRef": "298a155c-2d16-44cd-895e-de7c22e398b0" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@5.1.3", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@5.1.3", "UID": "c4bfc6160d647550", "BOMRef": "c9e102c7-f54e-4e33-8514-7be63b493f4f" }, "Version": "5.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2", "unist-util-visit@4.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "unist-util-visit-parents@6.0.1", "Name": "unist-util-visit-parents", "Identifier": { "PURL": "pkg:npm/unist-util-visit-parents@6.0.1", "UID": "8c9c91510d9f1b1c", "BOMRef": "pkg:npm/unist-util-visit-parents@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "unist-util-visit@5.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "universalify@0.2.0", "Name": "universalify", "Identifier": { "PURL": "pkg:npm/universalify@0.2.0", "UID": "6ede0252af70a691", "BOMRef": "pkg:npm/universalify@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "update-browserslist-db@1.1.3", "Name": "update-browserslist-db", "Identifier": { "PURL": "pkg:npm/update-browserslist-db@1.1.3", "UID": "f05f9d8c9905827c", "BOMRef": "pkg:npm/update-browserslist-db@1.1.3" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "browserslist@4.25.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "uri-js@4.4.1", "Name": "uri-js", "Identifier": { "PURL": "pkg:npm/uri-js@4.4.1", "UID": "ae07d25cefc39981", "BOMRef": "pkg:npm/uri-js@4.4.1" }, "Version": "4.4.1", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "ajv@6.12.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "url-parse@1.5.10", "Name": "url-parse", "Identifier": { "PURL": "pkg:npm/url-parse@1.5.10", "UID": "75f1cb0bdecb6bcd", "BOMRef": "pkg:npm/url-parse@1.5.10" }, "Version": "1.5.10", "Licenses": [ "MIT" ], "DependsOn": [ "tough-cookie@4.1.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "use-sync-external-store@1.5.0", "Name": "use-sync-external-store", "Identifier": { "PURL": "pkg:npm/use-sync-external-store@1.5.0", "UID": "22fe90d370733d69", "BOMRef": "pkg:npm/use-sync-external-store@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "DependsOn": [ "@mui/x-data-grid@7.29.8", "@uppy/react@4.4.0", "zustand@4.5.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "uvu@0.5.6", "Name": "uvu", "Identifier": { "PURL": "pkg:npm/uvu@0.5.6", "UID": "81a0f1d235b7dbf9", "BOMRef": "pkg:npm/uvu@0.5.6" }, "Version": "0.5.6", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-from-markdown@1.3.1", "micromark-core-commonmark@1.1.0", "micromark-extension-mdx-expression@1.0.8", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-label@1.1.0", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "micromark-util-subtokenize@1.1.0", "micromark@3.2.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vfile@5.3.7", "Name": "vfile", "Identifier": { "PURL": "pkg:npm/vfile@5.3.7", "UID": "85aa407abc789967", "BOMRef": "pkg:npm/vfile@5.3.7" }, "Version": "5.3.7", "Licenses": [ "MIT" ], "DependsOn": [ "@mdx-js/mdx@2.3.0", "@mdx-js/rollup@2.3.0", "unified@10.1.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vfile-message@3.1.4", "Name": "vfile-message", "Identifier": { "PURL": "pkg:npm/vfile-message@3.1.4", "UID": "942b475a8a410397", "BOMRef": "pkg:npm/vfile-message@3.1.4" }, "Version": "3.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "mdast-util-mdx-jsx@2.1.4", "micromark-extension-mdx-jsx@1.0.5", "micromark-extension-mdxjs-esm@1.0.5", "micromark-factory-mdx-expression@1.0.9", "micromark-util-events-to-acorn@1.2.3", "vfile@5.3.7" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vite@6.4.1", "Name": "vite", "Identifier": { "PURL": "pkg:npm/vite@6.4.1", "UID": "b42bef5d8db05b3d", "BOMRef": "pkg:npm/vite@6.4.1" }, "Version": "6.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "@vitejs/plugin-react@4.6.0", "@vitest/mocker@3.2.4", "qdrant-web-ui@0.2.5", "vite-node@3.2.4", "vite-plugin-eslint@1.8.1", "vite-plugin-svgr@4.3.0", "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vite-node@3.2.4", "Name": "vite-node", "Identifier": { "PURL": "pkg:npm/vite-node@3.2.4", "UID": "694f4bd0560d3a4c", "BOMRef": "pkg:npm/vite-node@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vite-plugin-eslint@1.8.1", "Name": "vite-plugin-eslint", "Identifier": { "PURL": "pkg:npm/vite-plugin-eslint@1.8.1", "UID": "d17dcd852ecd39be", "BOMRef": "pkg:npm/vite-plugin-eslint@1.8.1" }, "Version": "1.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vite-plugin-svgr@4.3.0", "Name": "vite-plugin-svgr", "Identifier": { "PURL": "pkg:npm/vite-plugin-svgr@4.3.0", "UID": "def323700a779ac6", "BOMRef": "pkg:npm/vite-plugin-svgr@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "vitest@3.2.4", "Name": "vitest", "Identifier": { "PURL": "pkg:npm/vitest@3.2.4", "UID": "a3508547425c03ad", "BOMRef": "pkg:npm/vitest@3.2.4" }, "Version": "3.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "w3c-xmlserializer@4.0.0", "Name": "w3c-xmlserializer", "Identifier": { "PURL": "pkg:npm/w3c-xmlserializer@4.0.0", "UID": "1485306d079aa476", "BOMRef": "pkg:npm/w3c-xmlserializer@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "web-vitals@2.1.4", "Name": "web-vitals", "Identifier": { "PURL": "pkg:npm/web-vitals@2.1.4", "UID": "e95ba419c81db2b", "BOMRef": "pkg:npm/web-vitals@2.1.4" }, "Version": "2.1.4", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "qdrant-web-ui@0.2.5" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "webidl-conversions@7.0.0", "Name": "webidl-conversions", "Identifier": { "PURL": "pkg:npm/webidl-conversions@7.0.0", "UID": "f81993adf794b76d", "BOMRef": "pkg:npm/webidl-conversions@7.0.0" }, "Version": "7.0.0", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "domexception@4.0.0", "jsdom@22.1.0", "whatwg-url@12.0.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "whatwg-encoding@2.0.0", "Name": "whatwg-encoding", "Identifier": { "PURL": "pkg:npm/whatwg-encoding@2.0.0", "UID": "a567016516dd303e", "BOMRef": "pkg:npm/whatwg-encoding@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "html-encoding-sniffer@3.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "whatwg-mimetype@3.0.0", "Name": "whatwg-mimetype", "Identifier": { "PURL": "pkg:npm/whatwg-mimetype@3.0.0", "UID": "af7c5ef63a6d7d30", "BOMRef": "pkg:npm/whatwg-mimetype@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "whatwg-url@12.0.1", "Name": "whatwg-url", "Identifier": { "PURL": "pkg:npm/whatwg-url@12.0.1", "UID": "6f46b17d2529ace1", "BOMRef": "pkg:npm/whatwg-url@12.0.1" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "data-urls@4.0.0", "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "2341ea42243c9450", "BOMRef": "pkg:npm/which@2.0.2" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "cross-spawn@7.0.6" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "which-boxed-primitive@1.1.1", "Name": "which-boxed-primitive", "Identifier": { "PURL": "pkg:npm/which-boxed-primitive@1.1.1", "UID": "e603607801ebfffe", "BOMRef": "pkg:npm/which-boxed-primitive@1.1.1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "unbox-primitive@1.1.0", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "which-builtin-type@1.2.1", "Name": "which-builtin-type", "Identifier": { "PURL": "pkg:npm/which-builtin-type@1.2.1", "UID": "eae593e1e2064b07", "BOMRef": "pkg:npm/which-builtin-type@1.2.1" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "reflect.getprototypeof@1.0.10" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "which-collection@1.0.2", "Name": "which-collection", "Identifier": { "PURL": "pkg:npm/which-collection@1.0.2", "UID": "fc9534fcfb746142", "BOMRef": "pkg:npm/which-collection@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "which-typed-array@1.1.19", "Name": "which-typed-array", "Identifier": { "PURL": "pkg:npm/which-typed-array@1.1.19", "UID": "cd663326ae5b96a5", "BOMRef": "pkg:npm/which-typed-array@1.1.19" }, "Version": "1.1.19", "Licenses": [ "MIT" ], "DependsOn": [ "deep-equal@2.2.3", "es-abstract@1.24.0", "is-typed-array@1.1.15", "which-builtin-type@1.2.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "why-is-node-running@2.3.0", "Name": "why-is-node-running", "Identifier": { "PURL": "pkg:npm/why-is-node-running@2.3.0", "UID": "a6fa32df455bc84f", "BOMRef": "pkg:npm/why-is-node-running@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "vitest@3.2.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "wildcard@1.1.2", "Name": "wildcard", "Identifier": { "PURL": "pkg:npm/wildcard@1.1.2", "UID": "7bd0a32b363d55ec", "BOMRef": "pkg:npm/wildcard@1.1.2" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "mime-match@1.0.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "word-wrap@1.2.5", "Name": "word-wrap", "Identifier": { "PURL": "pkg:npm/word-wrap@1.2.5", "UID": "74cbec626cb13f51", "BOMRef": "pkg:npm/word-wrap@1.2.5" }, "Version": "1.2.5", "Licenses": [ "MIT" ], "DependsOn": [ "optionator@0.9.4" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "wrappy@1.0.2", "Name": "wrappy", "Identifier": { "PURL": "pkg:npm/wrappy@1.0.2", "UID": "b548c1f142340f61", "BOMRef": "pkg:npm/wrappy@1.0.2" }, "Version": "1.0.2", "Licenses": [ "ISC" ], "DependsOn": [ "inflight@1.0.6", "once@1.4.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "ws@8.18.3", "Name": "ws", "Identifier": { "PURL": "pkg:npm/ws@8.18.3", "UID": "232d244e208d32ff", "BOMRef": "pkg:npm/ws@8.18.3" }, "Version": "8.18.3", "Licenses": [ "MIT" ], "DependsOn": [ "jsdom@22.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "xml-name-validator@4.0.0", "Name": "xml-name-validator", "Identifier": { "PURL": "pkg:npm/xml-name-validator@4.0.0", "UID": "a2092c79d237cca0", "BOMRef": "pkg:npm/xml-name-validator@4.0.0" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "jsdom@22.1.0", "w3c-xmlserializer@4.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "xmlchars@2.2.0", "Name": "xmlchars", "Identifier": { "PURL": "pkg:npm/xmlchars@2.2.0", "UID": "4bcb67225ac74c2b", "BOMRef": "pkg:npm/xmlchars@2.2.0" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "saxes@6.0.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "yallist@3.1.1", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@3.1.1", "UID": "a2b25e32bbd6f9e4", "BOMRef": "pkg:npm/yallist@3.1.1" }, "Version": "3.1.1", "Licenses": [ "ISC" ], "DependsOn": [ "lru-cache@5.1.1" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "7af34d8d43ded103", "BOMRef": "pkg:npm/yallist@5.0.0" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "DependsOn": [ "tar@7.4.3" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "yaml@1.10.2", "Name": "yaml", "Identifier": { "PURL": "pkg:npm/yaml@1.10.2", "UID": "f53297dc540f52f", "BOMRef": "pkg:npm/yaml@1.10.2" }, "Version": "1.10.2", "Licenses": [ "ISC" ], "DependsOn": [ "cosmiconfig@7.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "yocto-queue@0.1.0", "Name": "yocto-queue", "Identifier": { "PURL": "pkg:npm/yocto-queue@0.1.0", "UID": "222574a2ed83d9ce", "BOMRef": "pkg:npm/yocto-queue@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "p-limit@3.1.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "zustand@4.5.7", "Name": "zustand", "Identifier": { "PURL": "pkg:npm/zustand@4.5.7", "UID": "3a3f9e7d661057c4", "BOMRef": "pkg:npm/zustand@4.5.7" }, "Version": "4.5.7", "Licenses": [ "MIT" ], "DependsOn": [ "@textea/json-viewer@2.17.2" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } }, { "ID": "zwitch@2.0.4", "Name": "zwitch", "Identifier": { "PURL": "pkg:npm/zwitch@2.0.4", "UID": "96c0d78a5606f83f", "BOMRef": "pkg:npm/zwitch@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "hast-util-to-estree@2.3.3", "mdast-util-to-markdown@1.5.0" ], "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" } } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-22029", "VendorIDs": [ "GHSA-2w69-qvjg-hvjx" ], "PkgID": "@remix-run/router@1.23.0", "PkgName": "@remix-run/router", "PkgIdentifier": { "PURL": "pkg:npm/%40remix-run/router@1.23.0", "UID": "5ac20fc3c50c356a", "BOMRef": "pkg:npm/%40remix-run/router@1.23.0" }, "InstalledVersion": "1.23.0", "FixedVersion": "1.23.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22029", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:44a050cca15d427abe209d3516a947fd473f2e9fabfc9136b11cff0727cfc1cf", "Title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects", "Description": "React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.", "Severity": "HIGH", "CweIDs": [ "CWE-79" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "V3Score": 8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "V3Score": 8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22029", "https://github.com/remix-run/react-router", "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx", "https://nvd.nist.gov/vuln/detail/CVE-2026-22029", "https://www.cve.org/CVERecord?id=CVE-2026-22029" ], "PublishedDate": "2026-01-10T03:15:48.87Z", "LastModifiedDate": "2026-02-10T19:36:31.503Z" }, { "VulnerabilityID": "CVE-2026-3449", "VendorIDs": [ "GHSA-vpq2-c234-7xj6" ], "PkgID": "@tootallnate/once@2.0.0", "PkgName": "@tootallnate/once", "PkgIdentifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "5cfc71c06b07f0ea", "BOMRef": "pkg:npm/%40tootallnate/once@2.0.0" }, "InstalledVersion": "2.0.0", "FixedVersion": "3.0.1", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3449", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:acab8c27ffa57c57a47500de1dd2599d4df4b543f4271f9225e132d6d7366a13", "Title": "@tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal", "Description": "Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to hang indefinitely. This can cause a control-flow leak that can lead to stalled requests, blocked workers, or degraded application availability.", "Severity": "LOW", "CweIDs": [ "CWE-705" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V3Score": 3.3, "V40Score": 1.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3449", "https://github.com/TooTallNate/once", "https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a", "https://github.com/TooTallNate/once/issues/8", "https://nvd.nist.gov/vuln/detail/CVE-2026-3449", "https://security.snyk.io/vuln/SNYK-JS-TOOTALLNATEONCE-15250612", "https://www.cve.org/CVERecord?id=CVE-2026-3449" ], "PublishedDate": "2026-03-03T05:17:25.017Z", "LastModifiedDate": "2026-03-03T21:52:29.877Z" }, { "VulnerabilityID": "CVE-2025-69873", "VendorIDs": [ "GHSA-2g4f-4pwh-qvx6" ], "PkgID": "ajv@6.12.6", "PkgName": "ajv", "PkgIdentifier": { "PURL": "pkg:npm/ajv@6.12.6", "UID": "ed8f7750a11df86f", "BOMRef": "pkg:npm/ajv@6.12.6" }, "InstalledVersion": "6.12.6", "FixedVersion": "8.18.0, 6.14.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-69873", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:e60019248483252c8fa38c4e881c8fef790df69427334906b2a7ffcd67000d8c", "Title": "ajv: ReDoS via $data reference", "Description": "ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333", "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-69873", "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md", "https://github.com/advisories/GHSA-2g4f-4pwh-qvx6", "https://github.com/ajv-validator/ajv", "https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5", "https://github.com/ajv-validator/ajv/pull/2586", "https://github.com/ajv-validator/ajv/pull/2588", "https://github.com/ajv-validator/ajv/pull/2590", "https://github.com/ajv-validator/ajv/releases/tag/v6.14.0", "https://github.com/ajv-validator/ajv/releases/tag/v8.18.0", "https://github.com/github/advisory-database/pull/6991", "https://nvd.nist.gov/vuln/detail/CVE-2025-69873", "https://www.cve.org/CVERecord?id=CVE-2025-69873" ], "PublishedDate": "2026-02-11T19:15:50.467Z", "LastModifiedDate": "2026-03-02T21:16:24.213Z" }, { "VulnerabilityID": "CVE-2026-25639", "VendorIDs": [ "GHSA-43fc-jf86-j433" ], "PkgID": "axios@1.12.2", "PkgName": "axios", "PkgIdentifier": { "PURL": "pkg:npm/axios@1.12.2", "UID": "fc88be7b114d5ef8", "BOMRef": "pkg:npm/axios@1.12.2" }, "InstalledVersion": "1.12.2", "FixedVersion": "1.13.5, 0.30.3", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25639", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:185e4eadca40af1c96a07633e1714bdfd539d15e22be656cee267d012e0b11e1", "Title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig", "Description": "Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.", "Severity": "HIGH", "CweIDs": [ "CWE-754" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25639", "https://github.com/axios/axios", "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57", "https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e", "https://github.com/axios/axios/pull/7369", "https://github.com/axios/axios/pull/7388", "https://github.com/axios/axios/releases/tag/v0.30.3", "https://github.com/axios/axios/releases/tag/v1.13.5", "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433", "https://nvd.nist.gov/vuln/detail/CVE-2026-25639", "https://www.cve.org/CVERecord?id=CVE-2026-25639" ], "PublishedDate": "2026-02-09T21:15:49.01Z", "LastModifiedDate": "2026-02-18T18:24:34.12Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@1.1.12", "PkgName": "brace-expansion", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@1.1.12", "UID": "ec9c7bb86c43f766", "BOMRef": "pkg:npm/brace-expansion@1.1.12" }, "InstalledVersion": "1.1.12", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:394a3896a15db60c16b500cd0496318a9d7e9483acbff1c2c70676117951d5e8", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-24001", "VendorIDs": [ "GHSA-73rr-hh4g-fpgx" ], "PkgID": "diff@5.2.0", "PkgName": "diff", "PkgIdentifier": { "PURL": "pkg:npm/diff@5.2.0", "UID": "53182b2059b6e667", "BOMRef": "pkg:npm/diff@5.2.0" }, "InstalledVersion": "5.2.0", "FixedVersion": "8.0.3, 5.2.2, 4.0.4, 3.5.1", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24001", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0577606435d7fe1ef946c676fbe82c462ebb59d485a16daa96f31bb1a3b5f981", "Title": "jsdiff: denial of service vulnerability in parsePatch and applyPatch", "Description": "jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters `\\r`, `\\u2028`, or `\\u2029` can cause the `parsePatch` method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory. Applications are therefore likely to be vulnerable to a denial-of-service attack if they call `parsePatch` with a user-provided patch as input. A large payload is not needed to trigger the vulnerability, so size limits on user input do not provide any protection. Furthermore, some applications may be vulnerable even when calling `parsePatch` on a patch generated by the application itself if the user is nonetheless able to control the filename headers (e.g. by directly providing the filenames of the files to be diffed). The `applyPatch` method is similarly affected if (and only if) called with a string representation of a patch as an argument, since under the hood it parses that string using `parsePatch`. Other methods of the library are unaffected. Finally, a second and lesser interdependent bug - a ReDOS - also exhibits when those same line break characters are present in a patch's *patch* header (also known as its \"leading garbage\"). A maliciously-crafted patch header of length *n* can take `parsePatch` O(*n*³) time to parse. Versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1 contain a fix. As a workaround, do not attempt to parse patches that contain any of these characters: `\\r`, `\\u2028`, or `\\u2029`.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-1333" ], "VendorSeverity": { "ghsa": 1, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24001", "https://github.com/kpdecker/jsdiff", "https://github.com/kpdecker/jsdiff/commit/15a1585230748c8ae6f8274c202e0c87309142f5", "https://github.com/kpdecker/jsdiff/issues/653", "https://github.com/kpdecker/jsdiff/pull/649", "https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx", "https://nvd.nist.gov/vuln/detail/CVE-2026-24001", "https://www.cve.org/CVERecord?id=CVE-2026-24001" ], "PublishedDate": "2026-01-22T03:15:47.627Z", "LastModifiedDate": "2026-03-04T15:23:41.347Z" }, { "VulnerabilityID": "CVE-2026-32141", "VendorIDs": [ "GHSA-25h7-pfq9-p65f" ], "PkgID": "flatted@3.3.3", "PkgName": "flatted", "PkgIdentifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "9c3543c77d7050b9", "BOMRef": "pkg:npm/flatted@3.3.3" }, "InstalledVersion": "3.3.3", "FixedVersion": "3.4.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32141", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:62c3e12dd8e11bbdbf17ba7b5a7d0ce88525de9dada4c0116ce2c4f8e730299d", "Title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase", "Description": "flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process. This vulnerability is fixed in 3.4.0.", "Severity": "HIGH", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32141", "https://github.com/WebReflection/flatted", "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606", "https://github.com/WebReflection/flatted/pull/88", "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f", "https://nvd.nist.gov/vuln/detail/CVE-2026-32141", "https://www.cve.org/CVERecord?id=CVE-2026-32141" ], "PublishedDate": "2026-03-12T18:16:25.837Z", "LastModifiedDate": "2026-03-19T21:07:24.717Z" }, { "VulnerabilityID": "CVE-2026-33228", "VendorIDs": [ "GHSA-rf6f-7fwh-wjgh" ], "PkgID": "flatted@3.3.3", "PkgName": "flatted", "PkgIdentifier": { "PURL": "pkg:npm/flatted@3.3.3", "UID": "9c3543c77d7050b9", "BOMRef": "pkg:npm/flatted@3.3.3" }, "InstalledVersion": "3.3.3", "FixedVersion": "3.4.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33228", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:823d0d140d8b884463cc30117479f55fe870b31b07835a9a91af8262c70816d4", "Title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.", "Description": "flatted is a circular JSON parser. Prior to version 3.4.2, the parse() function in flatted can use attacker-controlled string values from the parsed JSON as direct array index keys, without validating that they are numeric. Since the internal input buffer is a JavaScript Array, accessing it with the key \"__proto__\" returns Array.prototype via the inherited getter. This object is then treated as a legitimate parsed value and assigned as a property of the output object, effectively leaking a live reference to Array.prototype to the consumer. Any code that subsequently writes to that property will pollute the global prototype. This issue has been patched in version 3.4.2.", "Severity": "HIGH", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 4 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "V40Score": 8.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33228", "https://github.com/WebReflection/flatted", "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802", "https://github.com/WebReflection/flatted/releases/tag/v3.4.2", "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh", "https://nvd.nist.gov/vuln/detail/CVE-2026-33228", "https://www.cve.org/CVERecord?id=CVE-2026-33228" ], "PublishedDate": "2026-03-20T23:16:46.51Z", "LastModifiedDate": "2026-03-23T19:14:31.04Z" }, { "VulnerabilityID": "CVE-2026-4800", "VendorIDs": [ "GHSA-r5fr-rjxr-66jc" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "3e0306ace99098a", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4800", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:76703af5c40ea26eb6a807312fa41989bfbf01a94ac661b1d38af00b97203bff", "Title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports", "Description": "Impact:\n\nThe fix for CVE-2021-23337 (https://github.com/advisories/GHSA-35jh-r3h4-6jhm) added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink.\n\nWhen an application passes untrusted input as options.imports key names, an attacker can inject default-parameter expressions that execute arbitrary code at template compilation time.\n\nAdditionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().\n\nPatches:\n\nUsers should upgrade to version 4.18.0.\n\nWorkarounds:\n\nDo not pass untrusted input as key names in options.imports. Only use developer-controlled, static key names.", "Severity": "HIGH", "CweIDs": [ "CWE-94" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4800", "https://cna.openjsf.org/security-advisories.html", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c", "https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc", "https://nvd.nist.gov/vuln/detail/CVE-2026-4800", "https://www.cve.org/CVERecord?id=CVE-2026-4800" ], "PublishedDate": "2026-03-31T20:16:29.66Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2025-13465", "VendorIDs": [ "GHSA-xxjr-mmjv-4gpg" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "3e0306ace99098a", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.17.23", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13465", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ad15e270fc40b402e03c1888c2eb0a67e44dab4d4e014f6718c386cfb98744a8", "Title": "lodash: prototype pollution in _.unset and _.omit functions", "Description": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "alma": 3, "ghsa": 2, "nvd": 2, "oracle-oval": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P", "V3Score": 6.5, "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:2452", "https://access.redhat.com/security/cve/CVE-2025-13465", "https://bugzilla.redhat.com/2431740", "https://errata.almalinux.org/9/ALSA-2026-2452.html", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://linux.oracle.com/cve/CVE-2025-13465.html", "https://linux.oracle.com/errata/ELSA-2026-2452.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13465", "https://www.cve.org/CVERecord?id=CVE-2025-13465" ], "PublishedDate": "2026-01-21T20:16:05.25Z", "LastModifiedDate": "2026-02-17T17:10:07.52Z" }, { "VulnerabilityID": "CVE-2026-2950", "VendorIDs": [ "GHSA-f23m-r3pf-42rh" ], "PkgID": "lodash@4.17.21", "PkgName": "lodash", "PkgIdentifier": { "PURL": "pkg:npm/lodash@4.17.21", "UID": "3e0306ace99098a", "BOMRef": "pkg:npm/lodash@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a5faf7fc43c1ae4c271c49693e56e6b40902104b09133773535b249fb8e9bad7", "Title": "Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototy ...", "Description": "Impact:\n\nLodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The fix for (CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg) only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties from built-in prototypes such as Object.prototype, Number.prototype, and String.prototype.\n\nThe issue permits deletion of prototype properties but does not allow overwriting their original behavior.\n\nPatches:\n\nThis issue is patched in 4.18.0.\n\nWorkarounds:\n\nNone. Upgrade to the patched version.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://nvd.nist.gov/vuln/detail/CVE-2026-2950" ], "PublishedDate": "2026-03-31T20:16:26.207Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2026-4800", "VendorIDs": [ "GHSA-r5fr-rjxr-66jc" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "692d1a5bcf7af295", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4800", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:623635b41681043e00bcfb4205f2eebc762ee4bdcfd67e9875bea8dd3ae82296", "Title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports", "Description": "Impact:\n\nThe fix for CVE-2021-23337 (https://github.com/advisories/GHSA-35jh-r3h4-6jhm) added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink.\n\nWhen an application passes untrusted input as options.imports key names, an attacker can inject default-parameter expressions that execute arbitrary code at template compilation time.\n\nAdditionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().\n\nPatches:\n\nUsers should upgrade to version 4.18.0.\n\nWorkarounds:\n\nDo not pass untrusted input as key names in options.imports. Only use developer-controlled, static key names.", "Severity": "HIGH", "CweIDs": [ "CWE-94" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 8.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4800", "https://cna.openjsf.org/security-advisories.html", "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c", "https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc", "https://nvd.nist.gov/vuln/detail/CVE-2026-4800", "https://www.cve.org/CVERecord?id=CVE-2026-4800" ], "PublishedDate": "2026-03-31T20:16:29.66Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2025-13465", "VendorIDs": [ "GHSA-xxjr-mmjv-4gpg" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "692d1a5bcf7af295", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.17.23", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13465", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c346f338e703f2e58c3776398600f6fc207276fde19b4303cddd4b6498982a3d", "Title": "lodash: prototype pollution in _.unset and _.omit functions", "Description": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "alma": 3, "ghsa": 2, "nvd": 2, "oracle-oval": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P", "V3Score": 6.5, "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:2452", "https://access.redhat.com/security/cve/CVE-2025-13465", "https://bugzilla.redhat.com/2431740", "https://errata.almalinux.org/9/ALSA-2026-2452.html", "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://linux.oracle.com/cve/CVE-2025-13465.html", "https://linux.oracle.com/errata/ELSA-2026-2452.html", "https://nvd.nist.gov/vuln/detail/CVE-2025-13465", "https://www.cve.org/CVERecord?id=CVE-2025-13465" ], "PublishedDate": "2026-01-21T20:16:05.25Z", "LastModifiedDate": "2026-02-17T17:10:07.52Z" }, { "VulnerabilityID": "CVE-2026-2950", "VendorIDs": [ "GHSA-f23m-r3pf-42rh" ], "PkgID": "lodash-es@4.17.21", "PkgName": "lodash-es", "PkgIdentifier": { "PURL": "pkg:npm/lodash-es@4.17.21", "UID": "692d1a5bcf7af295", "BOMRef": "pkg:npm/lodash-es@4.17.21" }, "InstalledVersion": "4.17.21", "FixedVersion": "4.18.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f4a9ec48ff3220094ce55ab67993f7215e46fde18298567b094eae37dd81b608", "Title": "Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototy ...", "Description": "Impact:\n\nLodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The fix for (CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg) only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties from built-in prototypes such as Object.prototype, Number.prototype, and String.prototype.\n\nThe issue permits deletion of prototype properties but does not allow overwriting their original behavior.\n\nPatches:\n\nThis issue is patched in 4.18.0.\n\nWorkarounds:\n\nNone. Upgrade to the patched version.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://github.com/lodash/lodash", "https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh", "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg", "https://nvd.nist.gov/vuln/detail/CVE-2026-2950" ], "PublishedDate": "2026-03-31T20:16:26.207Z", "LastModifiedDate": "2026-04-01T14:23:37.727Z" }, { "VulnerabilityID": "CVE-2026-26996", "VendorIDs": [ "GHSA-3ppc-4f35-3m26" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "1dd855d58430b8ca", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-26996", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f6d0828911f78c6328a53b27b810bcbcbb78dadf0d4842cc827bcf1bdf1202af", "Title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal character that doesn't appear in the test string. Each * compiles to a separate [^/]*? regex group, and when the match fails, V8's regex engine backtracks exponentially across all possible splits. The time complexity is O(4^N) where N is the number of * characters. With N=15, a single minimatch() call takes ~2 seconds. With N=34, it hangs effectively forever. Any application that passes user-controlled strings to minimatch() as the pattern argument is vulnerable to DoS. This issue has been fixed in version 10.2.1.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-26996", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5", "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26", "https://nvd.nist.gov/vuln/detail/CVE-2026-26996", "https://www.cve.org/CVERecord?id=CVE-2026-26996" ], "PublishedDate": "2026-02-20T03:16:01.62Z", "LastModifiedDate": "2026-03-06T21:32:10.65Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "1dd855d58430b8ca", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:9cb4fe9ed317eb6e07b3184ecbc32e154ebc08a5a24460170fcfdf6627a7d9de", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@3.1.2", "PkgName": "minimatch", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@3.1.2", "UID": "1dd855d58430b8ca", "BOMRef": "pkg:npm/minimatch@3.1.2" }, "InstalledVersion": "3.1.2", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:414cb9f02fe18fb23936419fb2e181eb42da3da0f291f016a97056426d32538d", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@2.3.1", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "cc56fa443c484956", "BOMRef": "8352903c-e46d-4fb2-b656-f275f81947ff" }, "InstalledVersion": "2.3.1", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:5f32ca997dc089571229582624a2b4c035b1e8bfe8267e0ed2e966def3ec67d9", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@2.3.1", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@2.3.1", "UID": "cc56fa443c484956", "BOMRef": "8352903c-e46d-4fb2-b656-f275f81947ff" }, "InstalledVersion": "2.3.1", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7de110acdc840aea538fe6155c80f530db0a1c9eb1e178236e2f172606c310b8", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.2", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "3caf5f4afe683db7", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "InstalledVersion": "4.0.2", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:8b083fb1a0c84cf4604a0fd0758a1cd4815e276677288cc520e6ca9a10845fbe", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.2", "PkgName": "picomatch", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.2", "UID": "3caf5f4afe683db7", "BOMRef": "pkg:npm/picomatch@4.0.2" }, "InstalledVersion": "4.0.2", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bfc39bce56c7be2c53abfbd483662a91e9f597802bda36194204fe465306a8ea", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-22028", "VendorIDs": [ "GHSA-36hm-qxxp-pg3m" ], "PkgID": "preact@10.26.9", "PkgName": "preact", "PkgIdentifier": { "PURL": "pkg:npm/preact@10.26.9", "UID": "d24020d3945df8b6", "BOMRef": "pkg:npm/preact@10.26.9" }, "InstalledVersion": "10.26.9", "FixedVersion": "10.26.10, 10.27.3, 10.28.2", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22028", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:936e2087d6644b543349047139e5971dba652555b895489031083f255ee7cd44", "Title": "preact: Preact: Arbitrary script execution via JSON serialization protection bypass", "Description": "Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed to be strings and passed unmodified to Preact as children, a specially-crafted JSON payload could be constructed that would be incorrectly treated as a valid VNode. When this chain of failures occurs it can result in HTML injection, which can allow arbitrary script execution if not mitigated by CSP or other means. Applications using affected Preact versions are vulnerable if they meet all of the following conditions: first, pass unmodified, unsanitized values from user-modifiable data sources (APIs, databases, local storage, etc.) directly into the render tree; second assume these values are strings but the data source could return actual JavaScript objects instead of JSON strings; and third, the data source either fails to perform type sanitization AND blindly stores/returns raw objects interchangeably with strings, OR is compromised (e.g., poisoned local storage, filesystem, or database). Versions 10.26.10, 10.27.3, and 10.28.2 patch the issue. The patch versions restore the previous strict equality checks that prevent JSON-parsed objects from being treated as valid VNodes. Other mitigations are available for those who cannot immediately upgrade. Validate input types, cast or validate network data, sanitize external data, and use Content Security Policy (CSP).", "Severity": "HIGH", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 7.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22028", "https://github.com/preactjs/preact", "https://github.com/preactjs/preact/security/advisories/GHSA-36hm-qxxp-pg3m", "https://nvd.nist.gov/vuln/detail/CVE-2026-22028", "https://www.cve.org/CVERecord?id=CVE-2026-22028" ], "PublishedDate": "2026-01-08T15:15:44.853Z", "LastModifiedDate": "2026-01-12T18:58:38.207Z" }, { "VulnerabilityID": "CVE-2025-68470", "VendorIDs": [ "GHSA-9jcx-v3wj-wh4m" ], "PkgID": "react-router@6.30.1", "PkgName": "react-router", "PkgIdentifier": { "PURL": "pkg:npm/react-router@6.30.1", "UID": "357d5ed1312e84b2", "BOMRef": "pkg:npm/react-router@6.30.1" }, "InstalledVersion": "6.30.1", "FixedVersion": "6.30.2, 7.9.6", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-68470", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1f584cae03602051f743ca5aa1e173f7cc510ce2be3dccb511cf85bbf21bf8cb", "Title": "react-router: React Router unexpected external redirect", "Description": "React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a React Router application navigates to it via navigate(), \u003cLink\u003e, or redirect(), the app performs a navigation/redirect to an external URL. This is only an issue if you are passing untrusted content into navigation paths in your application code. This issue has been patched in versions 6.30.2 and 7.9.6.", "Severity": "MEDIUM", "CweIDs": [ "CWE-601" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-68470", "https://github.com/remix-run/react-router", "https://github.com/remix-run/react-router/security/advisories/GHSA-9jcx-v3wj-wh4m", "https://nvd.nist.gov/vuln/detail/CVE-2025-68470", "https://www.cve.org/CVERecord?id=CVE-2025-68470" ], "PublishedDate": "2026-01-10T03:15:48.477Z", "LastModifiedDate": "2026-01-30T18:20:54.873Z" }, { "VulnerabilityID": "CVE-2026-27606", "VendorIDs": [ "GHSA-mw96-cpmx-2vgc" ], "PkgID": "rollup@2.79.2", "PkgName": "rollup", "PkgIdentifier": { "PURL": "pkg:npm/rollup@2.79.2", "UID": "b816620694fb7b45", "BOMRef": "pkg:npm/rollup@2.79.2" }, "InstalledVersion": "2.79.2", "FixedVersion": "2.80.0, 3.30.0, 4.59.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27606", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:37679548e4c37b01e70516290b86a15ffd6e14403cfe0bdb7078ca4e40d70556", "Title": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability", "Description": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27606", "https://github.com/rollup/rollup", "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2", "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e", "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3", "https://github.com/rollup/rollup/releases/tag/v2.80.0", "https://github.com/rollup/rollup/releases/tag/v3.30.0", "https://github.com/rollup/rollup/releases/tag/v4.59.0", "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc", "https://nvd.nist.gov/vuln/detail/CVE-2026-27606", "https://www.cve.org/CVERecord?id=CVE-2026-27606" ], "PublishedDate": "2026-02-25T03:16:04.603Z", "LastModifiedDate": "2026-02-25T16:05:11.063Z" }, { "VulnerabilityID": "CVE-2026-27606", "VendorIDs": [ "GHSA-mw96-cpmx-2vgc" ], "PkgID": "rollup@4.44.2", "PkgName": "rollup", "PkgIdentifier": { "PURL": "pkg:npm/rollup@4.44.2", "UID": "72df50630c982dc4", "BOMRef": "pkg:npm/rollup@4.44.2" }, "InstalledVersion": "4.44.2", "FixedVersion": "2.80.0, 3.30.0, 4.59.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27606", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1826534c4058c9a037371f846f4d92ebe535a31bc461297a8d96f9142150e823", "Title": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability", "Description": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 4, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27606", "https://github.com/rollup/rollup", "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2", "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e", "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3", "https://github.com/rollup/rollup/releases/tag/v2.80.0", "https://github.com/rollup/rollup/releases/tag/v3.30.0", "https://github.com/rollup/rollup/releases/tag/v4.59.0", "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc", "https://nvd.nist.gov/vuln/detail/CVE-2026-27606", "https://www.cve.org/CVERecord?id=CVE-2026-27606" ], "PublishedDate": "2026-02-25T03:16:04.603Z", "LastModifiedDate": "2026-02-25T16:05:11.063Z" }, { "VulnerabilityID": "CVE-2026-23745", "VendorIDs": [ "GHSA-8qq5-rm4j-mr97" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.3", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-23745", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:54e246eafd3a19461f8c7bff7d84dd18db3694ccc2b656243163e8a0a26bf55b", "Title": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives", "Description": "node-tar is a Tar for Node.js. The node-tar library (\u003c= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets. This vulnerability is fixed in 7.5.3.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-23745", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e", "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97", "https://nvd.nist.gov/vuln/detail/CVE-2026-23745", "https://www.cve.org/CVERecord?id=CVE-2026-23745" ], "PublishedDate": "2026-01-16T22:16:26.83Z", "LastModifiedDate": "2026-02-18T16:20:07.823Z" }, { "VulnerabilityID": "CVE-2026-23950", "VendorIDs": [ "GHSA-r6q2-hw4h-h46w" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.4", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-23950", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:b4abfc3829172450c256597b8c5ff5b1a420470b772ff307f623f0ebd2d17057", "Title": "node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition", "Description": "node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3. This is due to an incomplete handling of Unicode path collisions in the `path-reservations` system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, In which it has been tested), the library fails to lock colliding paths (e.g., `ß` and `ss`), allowing them to be processed in parallel. This bypasses the library's internal concurrency safeguards and permits Symlink Poisoning attacks via race conditions. The library uses a `PathReservations` system to ensure that metadata checks and file operations for the same path are serialized. This prevents race conditions where one entry might clobber another concurrently. This is a Race Condition which enables Arbitrary File Overwrite. This vulnerability affects users and systems using node-tar on macOS (APFS/HFS+). Because of using `NFD` Unicode normalization (in which `ß` and `ss` are different), conflicting paths do not have their order properly preserved under filesystems that ignore Unicode normalization (e.g., APFS (in which `ß` causes an inode collision with `ss`)). This enables an attacker to circumvent internal parallelization locks (`PathReservations`) using conflicting filenames within a malicious tar archive. The patch in version 7.5.4 updates `path-reservations.js` to use a normalization form that matches the target filesystem's behavior (e.g., `NFKD`), followed by first `toLocaleLowerCase('en')` and then `toLocaleUpperCase('en')`. As a workaround, users who cannot upgrade promptly, and who are programmatically using `node-tar` to extract arbitrary tarball data should filter out all `SymbolicLink` entries (as npm does) to defend against arbitrary file writes via this file system entry name collision issue.", "Severity": "HIGH", "CweIDs": [ "CWE-176", "CWE-352", "CWE-367" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "V3Score": 8.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "V3Score": 8.8 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-23950", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/3b1abfae650056edfabcbe0a0df5954d390521e6", "https://github.com/isaacs/node-tar/security/advisories/GHSA-r6q2-hw4h-h46w", "https://nvd.nist.gov/vuln/detail/CVE-2026-23950", "https://www.cve.org/CVERecord?id=CVE-2026-23950" ], "PublishedDate": "2026-01-20T01:15:57.87Z", "LastModifiedDate": "2026-02-18T15:50:29.91Z" }, { "VulnerabilityID": "CVE-2026-24842", "VendorIDs": [ "GHSA-34x7-hfp2-rc4v" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.7", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-24842", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:25f22c6eb657f3708958a40b6d41993023a9ef6e710b714256e5ca272632fbc7", "Title": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check", "Description": "node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path traversal protections and creates hardlinks to arbitrary files outside the extraction directory. Version 7.5.7 contains a fix for the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "V3Score": 8.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "V3Score": 8.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-24842", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46", "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v", "https://nvd.nist.gov/vuln/detail/CVE-2026-24842", "https://www.cve.org/CVERecord?id=CVE-2026-24842" ], "PublishedDate": "2026-01-28T01:16:14.947Z", "LastModifiedDate": "2026-02-02T14:30:10.89Z" }, { "VulnerabilityID": "CVE-2026-26960", "VendorIDs": [ "GHSA-83g3-92jg-28cx" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.8", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-26960", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c319a059b780724d6f7019dff0df1ba6191903f27fea6a377249166cb813dd7e", "Title": "tar: node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation", "Description": "node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. Severity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive. This issue has been fixed in version 7.5.8.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "V3Score": 7.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-26960", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384", "https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx", "https://nvd.nist.gov/vuln/detail/CVE-2026-26960", "https://www.cve.org/CVERecord?id=CVE-2026-26960" ], "PublishedDate": "2026-02-20T02:16:53.883Z", "LastModifiedDate": "2026-02-20T19:24:16.537Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0b2ce4e5b4b2c8e01e6262392e3c66ed1c149c21556d1d078d420fce857191d7", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.4.3", "PkgName": "tar", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.4.3", "UID": "a47f5dc2b84bfe84", "BOMRef": "pkg:npm/tar@7.4.3" }, "InstalledVersion": "7.4.3", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:6e9eccfea9e7c52691eca667ec3de15ddbe4c5b0d3b34f96f327f9c8420425b9", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-1526", "VendorIDs": [ "GHSA-vrm6-8vpv-qv8q" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1526", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c62df4f6607d812c4af608d5f24b067224530958d5ae904654953b8c02955a3a", "Title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression", "Description": "The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the PerMessageDeflate.decompress() method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.", "Severity": "HIGH", "CweIDs": [ "CWE-409" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1526", "https://cna.openjsf.org/security-advisories.html", "https://datatracker.ietf.org/doc/html/rfc7692", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q", "https://hackerone.com/reports/3481206", "https://nvd.nist.gov/vuln/detail/CVE-2026-1526", "https://owasp.org/www-community/attacks/Denial_of_Service", "https://www.cve.org/CVERecord?id=CVE-2026-1526" ], "PublishedDate": "2026-03-12T21:16:23.933Z", "LastModifiedDate": "2026-03-20T15:56:47.337Z" }, { "VulnerabilityID": "CVE-2026-1528", "VendorIDs": [ "GHSA-f269-vfmq-vjvj" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1528", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:df33ac7fd6c8caf2e8ae94dd5b72206744b0c78e1c3725155cf7bc21405ede2e", "Title": "undici: undici: Denial of Service via crafted WebSocket frame with large length", "Description": "ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process.\n\nPatches\n\nPatched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.", "Severity": "HIGH", "CweIDs": [ "CWE-248", "CWE-1284" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1528", "https://cna.openjsf.org/security-advisories.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj", "https://hackerone.com/reports/3537648", "https://nvd.nist.gov/vuln/detail/CVE-2026-1528", "https://www.cve.org/CVERecord?id=CVE-2026-1528" ], "PublishedDate": "2026-03-12T21:16:25.33Z", "LastModifiedDate": "2026-03-20T15:41:40.11Z" }, { "VulnerabilityID": "CVE-2026-2229", "VendorIDs": [ "GHSA-v9p9-hfj2-hcw8" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2229", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:640e6f9dd640196c89af0a02ac87ddc0ccdac54d5d5295a62bbaadca9c8e0691", "Title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter", "Description": "ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range server_max_window_bits value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n * The isValidClientWindowBits() function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n * The createInflateRaw() call is not wrapped in a try-catch block\n * The resulting exception propagates up through the call stack and crashes the Node.js process", "Severity": "HIGH", "CweIDs": [ "CWE-248", "CWE-1284" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-2229", "https://cna.openjsf.org/security-advisories.html", "https://datatracker.ietf.org/doc/html/rfc7692", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8", "https://hackerone.com/reports/3487486", "https://nodejs.org/api/zlib.html#class-zlibinflateraw", "https://nvd.nist.gov/vuln/detail/CVE-2026-2229", "https://www.cve.org/CVERecord?id=CVE-2026-2229" ], "PublishedDate": "2026-03-12T21:16:25.573Z", "LastModifiedDate": "2026-03-20T15:39:12.24Z" }, { "VulnerabilityID": "CVE-2026-1525", "VendorIDs": [ "GHSA-2mjp-6q6p-2qxm" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1525", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:86af27fe6cf2468a4ae3fe86eac1864fdd0c6546bf6859827e586ca41f3af5b7", "Title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers", "Description": "Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire.\n\nWho is impacted:\n\n * Applications using undici.request(), undici.Client, or similar low-level APIs with headers passed as flat arrays\n * Applications that accept user-controlled header names without case-normalization\n\n\nPotential consequences:\n\n * Denial of Service: Strict HTTP parsers (proxies, servers) will reject requests with duplicate Content-Length headers (400 Bad Request)\n * HTTP Request Smuggling: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking", "Severity": "MEDIUM", "CweIDs": [ "CWE-444" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "nvd": 4, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "V3Score": 9.8 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "V3Score": 7.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1525", "https://cna.openjsf.org/security-advisories.html", "https://cwe.mitre.org/data/definitions/444.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm", "https://hackerone.com/reports/3556037", "https://nvd.nist.gov/vuln/detail/CVE-2026-1525", "https://www.cve.org/CVERecord?id=CVE-2026-1525", "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6" ], "PublishedDate": "2026-03-12T20:16:02.67Z", "LastModifiedDate": "2026-03-19T17:29:34.053Z" }, { "VulnerabilityID": "CVE-2026-1527", "VendorIDs": [ "GHSA-4992-7rv2-5pvq" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "6.24.0, 7.24.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-1527", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1419d070c27321c779730c7c3d4b0803e40f859d08764b3ecb5fb39a279ee634", "Title": "undici: Undici: HTTP header injection and request smuggling vulnerability", "Description": "ImpactWhen an application passes user-controlled input to the upgrade option of client.request(), an attacker can inject CRLF sequences (\\r\\n) to:\n\n * Inject arbitrary HTTP headers\n * Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\nThe vulnerability exists because undici writes the upgrade value directly to the socket without validating for invalid header characters:\n\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}", "Severity": "MEDIUM", "CweIDs": [ "CWE-93" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "V3Score": 4.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-1527", "https://cna.openjsf.org/security-advisories.html", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq", "https://hackerone.com/reports/3487198", "https://nvd.nist.gov/vuln/detail/CVE-2026-1527", "https://www.cve.org/CVERecord?id=CVE-2026-1527" ], "PublishedDate": "2026-03-12T21:16:25.137Z", "LastModifiedDate": "2026-03-20T15:49:31.37Z" }, { "VulnerabilityID": "CVE-2026-22036", "VendorIDs": [ "GHSA-g9mf-h72j-4rw9" ], "PkgID": "undici@6.21.3", "PkgName": "undici", "PkgIdentifier": { "PURL": "pkg:npm/undici@6.21.3", "UID": "45def18b2c315306", "BOMRef": "pkg:npm/undici@6.21.3" }, "InstalledVersion": "6.21.3", "FixedVersion": "7.18.2, 6.23.0", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22036", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:f9ba4bac4f1b37b9f6e17094d8da9b6d79677891efa3ee4a16ff73aa713651fa", "Title": "undici: Undici: Denial of Service via excessive decompression steps", "Description": "Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This vulnerability is fixed in 7.18.0 and 6.23.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "amazon": 3, "ghsa": 2, "nvd": 3, "redhat": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22036", "https://github.com/nodejs/undici", "https://github.com/nodejs/undici/commit/b04e3cbb569c1596f86c108e9b52c79d8475dcb3", "https://github.com/nodejs/undici/security/advisories/GHSA-g9mf-h72j-4rw9", "https://nvd.nist.gov/vuln/detail/CVE-2026-22036", "https://www.cve.org/CVERecord?id=CVE-2026-22036" ], "PublishedDate": "2026-01-14T19:16:47.833Z", "LastModifiedDate": "2026-01-22T21:15:50.07Z" }, { "VulnerabilityID": "CVE-2026-33532", "VendorIDs": [ "GHSA-48c2-rrv3-qjmp" ], "PkgID": "yaml@1.10.2", "PkgName": "yaml", "PkgIdentifier": { "PURL": "pkg:npm/yaml@1.10.2", "UID": "f53297dc540f52f", "BOMRef": "pkg:npm/yaml@1.10.2" }, "InstalledVersion": "1.10.2", "FixedVersion": "2.8.3, 1.10.3", "Status": "fixed", "Layer": { "Digest": "sha256:c0ce8e5746c8053e7af9526948e1ff878b5d8f98897556b9147e8131052ae840", "DiffID": "sha256:fe8b911fc455adb5281383e69c44b5a39a296cb93a8fa738dc17a343c0630974" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33532", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ea5ff7f0bd377620ee8af63b26165c9bbcf783f2de087e53ee89a6ad56d3fcbd", "Title": "yaml: yaml: Denial of Service via deeply nested YAML document parsing", "Description": "`yaml` is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of `yaml` on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a depth bound. An attacker who can supply YAML for parsing can trigger a `RangeError: Maximum call stack size exceeded` with a small payload (~2–10 KB). The `RangeError` is not a `YAMLParseError`, so applications that only catch YAML-specific errors will encounter an unexpected exception type. Depending on the host application's exception handling, this can fail requests or terminate the Node.js process. Flow sequences allow deep nesting with minimal bytes (2 bytes per level: one `[` and one `]`). On the default Node.js stack, approximately 1,000–5,000 levels of nesting (2–10 KB input) exhaust the call stack. The exact threshold is environment-dependent (Node.js version, stack size, call stack depth at invocation). Note: the library's `Parser` (CST phase) uses a stack-based iterative approach and is not affected. Only the compose/resolve phase uses actual call-stack recursion. All three public parsing APIs are affected: `YAML.parse()`, `YAML.parseDocument()`, and `YAML.parseAllDocuments()`. Versions 1.10.3 and 2.8.3 contain a patch.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33532", "https://github.com/eemeli/yaml", "https://github.com/eemeli/yaml/commit/1e84ebbea7ec35011a4c61bbb820a529ee4f359b", "https://github.com/eemeli/yaml/releases/tag/v1.10.3", "https://github.com/eemeli/yaml/releases/tag/v2.8.3", "https://github.com/eemeli/yaml/security/advisories/GHSA-48c2-rrv3-qjmp", "https://nvd.nist.gov/vuln/detail/CVE-2026-33532", "https://www.cve.org/CVERecord?id=CVE-2026-33532" ], "PublishedDate": "2026-03-26T20:16:15.543Z", "LastModifiedDate": "2026-04-02T18:11:37.49Z" } ] }, { "Target": "qdrant/qdrant.spdx.json", "Class": "lang-pkgs", "Type": "cargo", "Packages": [ { "ID": "actix-codec@0.5.0", "Name": "actix-codec", "Identifier": { "PURL": "pkg:cargo/actix-codec@0.5.0", "UID": "e8de9d5648d2a9fe", "BOMRef": "pkg:cargo/actix-codec@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@1.3.2", "bytes@1.10.1", "futures-core@0.3.31", "futures-sink@0.3.31", "log@0.4.29", "memchr@2.7.4", "pin-project-lite@0.2.12", "tokio-util@0.7.17", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-cors@0.7.1", "Name": "actix-cors", "Identifier": { "PURL": "pkg:cargo/actix-cors@0.7.1", "UID": "33efdfd13940fac2", "BOMRef": "pkg:cargo/actix-cors@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-utils@3.0.1", "actix-web@4.12.1", "derive_more@2.1.0", "futures-util@0.3.31", "log@0.4.29", "once_cell@1.21.3", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-files@0.6.9", "Name": "actix-files", "Identifier": { "PURL": "pkg:cargo/actix-files@0.6.9", "UID": "9755dfda483da25", "BOMRef": "pkg:cargo/actix-files@0.6.9" }, "Version": "0.6.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-http@3.11.2", "actix-service@2.0.2", "actix-utils@3.0.1", "actix-web@4.12.1", "bitflags@2.9.1", "bytes@1.10.1", "derive_more@2.1.0", "futures-core@0.3.31", "http-range@0.1.5", "log@0.4.29", "mime@0.3.16", "mime_guess@2.0.4", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "v_htmlescape@0.15.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-http@3.11.2", "Name": "actix-http", "Identifier": { "PURL": "pkg:cargo/actix-http@3.11.2", "UID": "b5076e530f644ff6", "BOMRef": "pkg:cargo/actix-http@3.11.2" }, "Version": "3.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-codec@0.5.0", "actix-rt@2.10.0", "actix-service@2.0.2", "actix-tls@3.4.0", "actix-utils@3.0.1", "base64@0.22.0", "bitflags@2.9.1", "brotli@8.0.1", "bytes@1.10.1", "bytestring@1.2.0", "derive_more@2.1.0", "encoding_rs@0.8.33", "flate2@1.1.5", "foldhash@0.1.4", "futures-core@0.3.31", "h2@0.3.27", "http@0.2.12", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "language-tags@0.3.2", "local-channel@0.1.3", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "rand@0.9.2", "sha1@0.10.5", "smallvec@1.15.1", "tokio-util@0.7.17", "tokio@1.48.0", "tracing@0.1.43", "zstd@0.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-macros@0.2.3", "Name": "actix-macros", "Identifier": { "PURL": "pkg:cargo/actix-macros@0.2.3", "UID": "4e2d219405053325", "BOMRef": "pkg:cargo/actix-macros@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-multipart@0.7.2", "Name": "actix-multipart", "Identifier": { "PURL": "pkg:cargo/actix-multipart@0.7.2", "UID": "7a6c47942b88da40", "BOMRef": "pkg:cargo/actix-multipart@0.7.2" }, "Version": "0.7.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-multipart-derive@0.7.0", "actix-utils@3.0.1", "actix-web@4.12.1", "derive_more@0.99.17", "futures-core@0.3.31", "futures-util@0.3.31", "httparse@1.10.1", "local-waker@0.1.3", "log@0.4.29", "memchr@2.7.4", "mime@0.3.16", "rand@0.8.5", "serde@1.0.226", "serde_json@1.0.145", "serde_plain@1.0.1", "tempfile@3.23.0", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-multipart-derive@0.7.0", "Name": "actix-multipart-derive", "Identifier": { "PURL": "pkg:cargo/actix-multipart-derive@0.7.0", "UID": "e26426d51b678d65", "BOMRef": "pkg:cargo/actix-multipart-derive@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "darling@0.20.8", "parse-size@1.0.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-router@0.5.3", "Name": "actix-router", "Identifier": { "PURL": "pkg:cargo/actix-router@0.5.3", "UID": "6418e1111688f02c", "BOMRef": "pkg:cargo/actix-router@0.5.3" }, "Version": "0.5.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytestring@1.2.0", "cfg-if@1.0.0", "http@0.2.12", "regex-lite@0.1.5", "regex@1.11.0", "serde@1.0.226", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-rt@2.10.0", "Name": "actix-rt", "Identifier": { "PURL": "pkg:cargo/actix-rt@2.10.0", "UID": "3253b981e64de635", "BOMRef": "pkg:cargo/actix-rt@2.10.0" }, "Version": "2.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-server@2.6.0", "Name": "actix-server", "Identifier": { "PURL": "pkg:cargo/actix-server@2.6.0", "UID": "510fa73312d0bd57", "BOMRef": "pkg:cargo/actix-server@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-rt@2.10.0", "actix-service@2.0.2", "actix-utils@3.0.1", "futures-core@0.3.31", "futures-util@0.3.31", "mio@1.0.1", "socket2@0.5.10", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-service@2.0.2", "Name": "actix-service", "Identifier": { "PURL": "pkg:cargo/actix-service@2.0.2", "UID": "4b7bc884b4abc03e", "BOMRef": "pkg:cargo/actix-service@2.0.2" }, "Version": "2.0.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "paste@1.0.11", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-tls@3.4.0", "Name": "actix-tls", "Identifier": { "PURL": "pkg:cargo/actix-tls@3.4.0", "UID": "8f83d9761ca95341", "BOMRef": "pkg:cargo/actix-tls@3.4.0" }, "Version": "3.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-rt@2.10.0", "actix-service@2.0.2", "actix-utils@3.0.1", "futures-core@0.3.31", "impl-more@0.1.6", "pin-project-lite@0.2.12", "rustls-pki-types@1.13.1", "tokio-rustls@0.26.0", "tokio-util@0.7.17", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-utils@3.0.1", "Name": "actix-utils", "Identifier": { "PURL": "pkg:cargo/actix-utils@3.0.1", "UID": "31d04966537fcc7c", "BOMRef": "pkg:cargo/actix-utils@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "local-waker@0.1.3", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-web@4.12.1", "Name": "actix-web", "Identifier": { "PURL": "pkg:cargo/actix-web@4.12.1", "UID": "6de5186362e60418", "BOMRef": "pkg:cargo/actix-web@4.12.1" }, "Version": "4.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-codec@0.5.0", "actix-http@3.11.2", "actix-macros@0.2.3", "actix-router@0.5.3", "actix-rt@2.10.0", "actix-server@2.6.0", "actix-service@2.0.2", "actix-tls@3.4.0", "actix-utils@3.0.1", "actix-web-codegen@4.3.0", "bytes@1.10.1", "bytestring@1.2.0", "cfg-if@1.0.0", "cookie@0.16.2", "derive_more@2.1.0", "encoding_rs@0.8.33", "foldhash@0.1.4", "futures-core@0.3.31", "futures-util@0.3.31", "impl-more@0.1.6", "itoa@1.0.5", "language-tags@0.3.2", "log@0.4.29", "mime@0.3.16", "once_cell@1.21.3", "pin-project-lite@0.2.12", "regex-lite@0.1.5", "regex@1.11.0", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "smallvec@1.15.1", "socket2@0.6.0", "time@0.3.17", "tracing@0.1.43", "url@2.5.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-web-codegen@4.3.0", "Name": "actix-web-codegen", "Identifier": { "PURL": "pkg:cargo/actix-web-codegen@4.3.0", "UID": "ab1f390177961996", "BOMRef": "pkg:cargo/actix-web-codegen@4.3.0" }, "Version": "4.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-router@0.5.3", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-web-extras@0.1.0", "Name": "actix-web-extras", "Identifier": { "PURL": "pkg:cargo/actix-web-extras@0.1.0", "UID": "2d13252c86e4ddc2", "BOMRef": "pkg:cargo/actix-web-extras@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-web@4.12.1", "futures-core@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "actix-web-validator@7.0.0", "Name": "actix-web-validator", "Identifier": { "PURL": "pkg:cargo/actix-web-validator@7.0.0", "UID": "8efeaa9b0f919866", "BOMRef": "pkg:cargo/actix-web-validator@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "actix-http@3.11.2", "actix-router@0.5.3", "actix-web@4.12.1", "bytes@1.10.1", "futures-util@0.3.31", "futures@0.3.31", "log@0.4.29", "mime@0.3.16", "serde@1.0.226", "serde_json@1.0.145", "serde_qs@0.13.0", "serde_urlencoded@0.7.1", "thiserror@2.0.17", "validator@0.20.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "addr2line@0.19.0", "Name": "addr2line", "Identifier": { "PURL": "pkg:cargo/addr2line@0.19.0", "UID": "e52cd150b8c7d7bf", "BOMRef": "pkg:cargo/addr2line@0.19.0" }, "Version": "0.19.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "gimli@0.27.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "adler@1.0.2", "Name": "adler", "Identifier": { "PURL": "pkg:cargo/adler@1.0.2", "UID": "39123fab5e06f552", "BOMRef": "pkg:cargo/adler@1.0.2" }, "Version": "1.0.2", "Licenses": [ "0BSD OR MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "adler2@2.0.0", "Name": "adler2", "Identifier": { "PURL": "pkg:cargo/adler2@2.0.0", "UID": "d40c3f2f587bdbb3", "BOMRef": "pkg:cargo/adler2@2.0.0" }, "Version": "2.0.0", "Licenses": [ "0BSD OR MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "adler32@1.2.0", "Name": "adler32", "Identifier": { "PURL": "pkg:cargo/adler32@1.2.0", "UID": "c4cde0205e6781d9", "BOMRef": "pkg:cargo/adler32@1.2.0" }, "Version": "1.2.0", "Licenses": [ "Zlib" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ahash@0.8.11", "Name": "ahash", "Identifier": { "PURL": "pkg:cargo/ahash@0.8.11", "UID": "308fdf707172a4c8", "BOMRef": "pkg:cargo/ahash@0.8.11" }, "Version": "0.8.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "getrandom@0.2.11", "once_cell@1.21.3", "serde@1.0.226", "zerocopy@0.7.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "aho-corasick@1.1.3", "Name": "aho-corasick", "Identifier": { "PURL": "pkg:cargo/aho-corasick@1.1.3", "UID": "fb874fd23970444e", "BOMRef": "pkg:cargo/aho-corasick@1.1.3" }, "Version": "1.1.3", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "aligned-vec@0.6.1", "Name": "aligned-vec", "Identifier": { "PURL": "pkg:cargo/aligned-vec@0.6.1", "UID": "2c6687ed48d96820", "BOMRef": "pkg:cargo/aligned-vec@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT" ], "DependsOn": [ "equator@0.2.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "alloc-no-stdlib@2.0.4", "Name": "alloc-no-stdlib", "Identifier": { "PURL": "pkg:cargo/alloc-no-stdlib@2.0.4", "UID": "b25ee71abdf85b1b", "BOMRef": "pkg:cargo/alloc-no-stdlib@2.0.4" }, "Version": "2.0.4", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "alloc-stdlib@0.2.2", "Name": "alloc-stdlib", "Identifier": { "PURL": "pkg:cargo/alloc-stdlib@0.2.2", "UID": "241971ffe2443676", "BOMRef": "pkg:cargo/alloc-stdlib@0.2.2" }, "Version": "0.2.2", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "alloc-no-stdlib@2.0.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "allocator-api2@0.2.16", "Name": "allocator-api2", "Identifier": { "PURL": "pkg:cargo/allocator-api2@0.2.16", "UID": "d114edb1d5b2b03a", "BOMRef": "pkg:cargo/allocator-api2@0.2.16" }, "Version": "0.2.16", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "android_system_properties@0.1.5", "Name": "android_system_properties", "Identifier": { "PURL": "pkg:cargo/android_system_properties@0.1.5", "UID": "404ffc854e0326e3", "BOMRef": "pkg:cargo/android_system_properties@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anstream@0.6.11", "Name": "anstream", "Identifier": { "PURL": "pkg:cargo/anstream@0.6.11", "UID": "438b626021844d51", "BOMRef": "pkg:cargo/anstream@0.6.11" }, "Version": "0.6.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstyle-parse@0.2.0", "anstyle-query@1.0.0", "anstyle-wincon@3.0.1", "anstyle@1.0.8", "colorchoice@1.0.0", "utf8parse@0.2.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anstyle@1.0.8", "Name": "anstyle", "Identifier": { "PURL": "pkg:cargo/anstyle@1.0.8", "UID": "b400161e9b9ab0ff", "BOMRef": "pkg:cargo/anstyle@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anstyle-parse@0.2.0", "Name": "anstyle-parse", "Identifier": { "PURL": "pkg:cargo/anstyle-parse@0.2.0", "UID": "1cecc276c0397e5c", "BOMRef": "pkg:cargo/anstyle-parse@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "utf8parse@0.2.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anstyle-query@1.0.0", "Name": "anstyle-query", "Identifier": { "PURL": "pkg:cargo/anstyle-query@1.0.0", "UID": "f46b9f1db676c269", "BOMRef": "pkg:cargo/anstyle-query@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-sys@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anstyle-wincon@3.0.1", "Name": "anstyle-wincon", "Identifier": { "PURL": "pkg:cargo/anstyle-wincon@3.0.1", "UID": "33b437fc89b4eae2", "BOMRef": "pkg:cargo/anstyle-wincon@3.0.1" }, "Version": "3.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstyle@1.0.8", "windows-sys@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "antidote@1.0.0", "Name": "antidote", "Identifier": { "PURL": "pkg:cargo/antidote@1.0.0", "UID": "21604410a8f930a0", "BOMRef": "pkg:cargo/antidote@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "anyhow@1.0.100", "Name": "anyhow", "Identifier": { "PURL": "pkg:cargo/anyhow@1.0.100", "UID": "66175ee13ffebed2", "BOMRef": "pkg:cargo/anyhow@1.0.100" }, "Version": "1.0.100", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "approx@0.5.1", "Name": "approx", "Identifier": { "PURL": "pkg:cargo/approx@0.5.1", "UID": "a231be48e2770014", "BOMRef": "pkg:cargo/approx@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "arc-swap@1.7.1", "Name": "arc-swap", "Identifier": { "PURL": "pkg:cargo/arc-swap@1.7.1", "UID": "b499ae8e9323bf87", "BOMRef": "pkg:cargo/arc-swap@1.7.1" }, "Version": "1.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "arraydeque@0.5.1", "Name": "arraydeque", "Identifier": { "PURL": "pkg:cargo/arraydeque@0.5.1", "UID": "33c27b0fb3294486", "BOMRef": "pkg:cargo/arraydeque@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "arrayvec@0.4.12", "Name": "arrayvec", "Identifier": { "PURL": "pkg:cargo/arrayvec@0.4.12", "UID": "7845fded0b012530", "BOMRef": "pkg:cargo/arrayvec@0.4.12" }, "Version": "0.4.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "nodrop@0.1.14" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "arrayvec@0.7.6", "Name": "arrayvec", "Identifier": { "PURL": "pkg:cargo/arrayvec@0.7.6", "UID": "a2358472946d6c5", "BOMRef": "pkg:cargo/arrayvec@0.7.6" }, "Version": "0.7.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ash@0.38.0+1.3.281", "Name": "ash", "Identifier": { "PURL": "pkg:cargo/ash@0.38.0%2B1.3.281", "UID": "a4ba2abf155f399", "BOMRef": "pkg:cargo/ash@0.38.0%2B1.3.281" }, "Version": "0.38.0+1.3.281", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libloading@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "async-stream@0.3.3", "Name": "async-stream", "Identifier": { "PURL": "pkg:cargo/async-stream@0.3.3", "UID": "d85694168640e980", "BOMRef": "pkg:cargo/async-stream@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream-impl@0.3.3", "futures-core@0.3.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "async-stream-impl@0.3.3", "Name": "async-stream-impl", "Identifier": { "PURL": "pkg:cargo/async-stream-impl@0.3.3", "UID": "f751016d37084664", "BOMRef": "pkg:cargo/async-stream-impl@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "async-trait@0.1.89", "Name": "async-trait", "Identifier": { "PURL": "pkg:cargo/async-trait@0.1.89", "UID": "e2f27566b7bbeafb", "BOMRef": "pkg:cargo/async-trait@0.1.89" }, "Version": "0.1.89", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "atomic_refcell@0.1.13", "Name": "atomic_refcell", "Identifier": { "PURL": "pkg:cargo/atomic_refcell@0.1.13", "UID": "4e7b4d8391d0da3c", "BOMRef": "pkg:cargo/atomic_refcell@0.1.13" }, "Version": "0.1.13", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "atomicwrites@0.4.4", "Name": "atomicwrites", "Identifier": { "PURL": "pkg:cargo/atomicwrites@0.4.4", "UID": "9f088436559a86cf", "BOMRef": "pkg:cargo/atomicwrites@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "rustix@0.38.40", "tempfile@3.23.0", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "axum@0.6.12", "Name": "axum", "Identifier": { "PURL": "pkg:cargo/axum@0.6.12", "UID": "cfa23f988fbccd14", "BOMRef": "pkg:cargo/axum@0.6.12" }, "Version": "0.6.12", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "axum-core@0.3.3", "bitflags@1.3.2", "bytes@1.10.1", "futures-util@0.3.31", "http-body@0.4.5", "http@0.2.12", "hyper@0.14.26", "itoa@1.0.5", "matchit@0.7.0", "memchr@2.7.4", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "serde@1.0.226", "sync_wrapper@0.1.2", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "axum@0.7.5", "Name": "axum", "Identifier": { "PURL": "pkg:cargo/axum@0.7.5", "UID": "27460488e7a91f8b", "BOMRef": "pkg:cargo/axum@0.7.5" }, "Version": "0.7.5", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "axum-core@0.4.3", "bytes@1.10.1", "futures-util@0.3.31", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "itoa@1.0.5", "matchit@0.7.0", "memchr@2.7.4", "mime@0.3.16", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "serde@1.0.226", "sync_wrapper@1.0.1", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "axum-core@0.3.3", "Name": "axum-core", "Identifier": { "PURL": "pkg:cargo/axum-core@0.3.3", "UID": "29e6124385c5b173", "BOMRef": "pkg:cargo/axum-core@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "bytes@1.10.1", "futures-util@0.3.31", "http-body@0.4.5", "http@0.2.12", "mime@0.3.16", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "axum-core@0.4.3", "Name": "axum-core", "Identifier": { "PURL": "pkg:cargo/axum-core@0.4.3", "UID": "eddea17388308331", "BOMRef": "pkg:cargo/axum-core@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-trait@0.1.89", "bytes@1.10.1", "futures-util@0.3.31", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "mime@0.3.16", "pin-project-lite@0.2.12", "sync_wrapper@0.1.2", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "backtrace@0.3.67", "Name": "backtrace", "Identifier": { "PURL": "pkg:cargo/backtrace@0.3.67", "UID": "d8095d138ebed55b", "BOMRef": "pkg:cargo/backtrace@0.3.67" }, "Version": "0.3.67", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "addr2line@0.19.0", "cfg-if@1.0.0", "libc@0.2.174", "miniz_oxide@0.6.2", "object@0.30.0", "rustc-demangle@0.1.21" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "base16ct@0.2.0", "Name": "base16ct", "Identifier": { "PURL": "pkg:cargo/base16ct@0.2.0", "UID": "9dbd4a3209bc8eb4", "BOMRef": "pkg:cargo/base16ct@0.2.0" }, "Version": "0.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "base64@0.13.1", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.13.1", "UID": "bd3cde40f2169ce9", "BOMRef": "pkg:cargo/base64@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "base64@0.21.0", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.21.0", "UID": "f960dc1a36c312d8", "BOMRef": "pkg:cargo/base64@0.21.0" }, "Version": "0.21.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "base64@0.22.0", "Name": "base64", "Identifier": { "PURL": "pkg:cargo/base64@0.22.0", "UID": "502dec39aa62837f", "BOMRef": "pkg:cargo/base64@0.22.0" }, "Version": "0.22.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "base64ct@1.8.0", "Name": "base64ct", "Identifier": { "PURL": "pkg:cargo/base64ct@1.8.0", "UID": "896d43cd2522ac2", "BOMRef": "pkg:cargo/base64ct@1.8.0" }, "Version": "1.8.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bincode@1.3.3", "Name": "bincode", "Identifier": { "PURL": "pkg:cargo/bincode@1.3.3", "UID": "89976eba43b7ff6", "BOMRef": "pkg:cargo/bincode@1.3.3" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bincode@2.0.1", "Name": "bincode", "Identifier": { "PURL": "pkg:cargo/bincode@2.0.1", "UID": "d891276bd1a59233", "BOMRef": "pkg:cargo/bincode@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "bincode_derive@2.0.1", "serde@1.0.226", "unty@0.0.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bincode_derive@2.0.1", "Name": "bincode_derive", "Identifier": { "PURL": "pkg:cargo/bincode_derive@2.0.1", "UID": "a50fcb25c23a53dd", "BOMRef": "pkg:cargo/bincode_derive@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "virtue@0.0.18" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "binout@0.2.1", "Name": "binout", "Identifier": { "PURL": "pkg:cargo/binout@0.2.1", "UID": "3667abb4cf4c422b", "BOMRef": "pkg:cargo/binout@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bitflags@1.3.2", "Name": "bitflags", "Identifier": { "PURL": "pkg:cargo/bitflags@1.3.2", "UID": "eabfc7bf94ac4aaa", "BOMRef": "pkg:cargo/bitflags@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bitflags@2.9.1", "Name": "bitflags", "Identifier": { "PURL": "pkg:cargo/bitflags@2.9.1", "UID": "9af7a796f2f45104", "BOMRef": "pkg:cargo/bitflags@2.9.1" }, "Version": "2.9.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bitm@0.4.2", "Name": "bitm", "Identifier": { "PURL": "pkg:cargo/bitm@0.4.2", "UID": "9427f0e5102e128e", "BOMRef": "pkg:cargo/bitm@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "dyn_size_of@0.4.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bitpacking@0.9.2", "Name": "bitpacking", "Identifier": { "PURL": "pkg:cargo/bitpacking@0.9.2", "UID": "87a8a124ae5b1d00", "BOMRef": "pkg:cargo/bitpacking@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT" ], "DependsOn": [ "crunchy@0.2.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bitvec@1.0.1", "Name": "bitvec", "Identifier": { "PURL": "pkg:cargo/bitvec@1.0.1", "UID": "2a3b990248ece7d3", "BOMRef": "pkg:cargo/bitvec@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "funty@2.0.0", "radium@0.7.0", "tap@1.0.1", "wyz@0.5.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "blake2-rfc@0.2.18", "Name": "blake2-rfc", "Identifier": { "PURL": "pkg:cargo/blake2-rfc@0.2.18", "UID": "433e2c8ba2d9d282", "BOMRef": "pkg:cargo/blake2-rfc@0.2.18" }, "Version": "0.2.18", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "arrayvec@0.4.12", "constant_time_eq@0.1.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "block-buffer@0.10.3", "Name": "block-buffer", "Identifier": { "PURL": "pkg:cargo/block-buffer@0.10.3", "UID": "bfedfa098171f681", "BOMRef": "pkg:cargo/block-buffer@0.10.3" }, "Version": "0.10.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "generic-array@0.14.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "brotli@8.0.1", "Name": "brotli", "Identifier": { "PURL": "pkg:cargo/brotli@8.0.1", "UID": "d31e4df7cfe1ac37", "BOMRef": "pkg:cargo/brotli@8.0.1" }, "Version": "8.0.1", "Licenses": [ "BSD-3-Clause AND MIT" ], "DependsOn": [ "alloc-no-stdlib@2.0.4", "alloc-stdlib@0.2.2", "brotli-decompressor@5.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "brotli-decompressor@5.0.0", "Name": "brotli-decompressor", "Identifier": { "PURL": "pkg:cargo/brotli-decompressor@5.0.0", "UID": "73bc0952bf0fd66c", "BOMRef": "pkg:cargo/brotli-decompressor@5.0.0" }, "Version": "5.0.0", "Licenses": [ "BSD-3-Clause OR MIT" ], "DependsOn": [ "alloc-no-stdlib@2.0.4", "alloc-stdlib@0.2.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bumpalo@3.11.1", "Name": "bumpalo", "Identifier": { "PURL": "pkg:cargo/bumpalo@3.11.1", "UID": "51762b8faf0d5f62", "BOMRef": "pkg:cargo/bumpalo@3.11.1" }, "Version": "3.11.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bytemuck@1.24.0", "Name": "bytemuck", "Identifier": { "PURL": "pkg:cargo/bytemuck@1.24.0", "UID": "1872010aae4b1fee", "BOMRef": "pkg:cargo/bytemuck@1.24.0" }, "Version": "1.24.0", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "bytemuck_derive@1.10.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bytemuck_derive@1.10.2", "Name": "bytemuck_derive", "Identifier": { "PURL": "pkg:cargo/bytemuck_derive@1.10.2", "UID": "6bbee3ef929ab978", "BOMRef": "pkg:cargo/bytemuck_derive@1.10.2" }, "Version": "1.10.2", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "byteorder@1.5.0", "Name": "byteorder", "Identifier": { "PURL": "pkg:cargo/byteorder@1.5.0", "UID": "1151577a298fa5cf", "BOMRef": "pkg:cargo/byteorder@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bytes@1.10.1", "Name": "bytes", "Identifier": { "PURL": "pkg:cargo/bytes@1.10.1", "UID": "faaee59a172a8031", "BOMRef": "pkg:cargo/bytes@1.10.1" }, "Version": "1.10.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bytestring@1.2.0", "Name": "bytestring", "Identifier": { "PURL": "pkg:cargo/bytestring@1.2.0", "UID": "78ea083ebac0b5ad", "BOMRef": "pkg:cargo/bytestring@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "bzip2-sys@0.1.11+1.0.8", "Name": "bzip2-sys", "Identifier": { "PURL": "pkg:cargo/bzip2-sys@0.1.11%2B1.0.8", "UID": "563c03ae2e6f6436", "BOMRef": "pkg:cargo/bzip2-sys@0.1.11%2B1.0.8" }, "Version": "0.1.11+1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cedarwood@0.4.6", "Name": "cedarwood", "Identifier": { "PURL": "pkg:cargo/cedarwood@0.4.6", "UID": "3ceafbc715f16279", "BOMRef": "pkg:cargo/cedarwood@0.4.6" }, "Version": "0.4.6", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cfg-if@1.0.0", "Name": "cfg-if", "Identifier": { "PURL": "pkg:cargo/cfg-if@1.0.0", "UID": "42c2cd919f4dd74a", "BOMRef": "pkg:cargo/cfg-if@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cgroups-rs@0.3.4", "Name": "cgroups-rs", "Identifier": { "PURL": "pkg:cargo/cgroups-rs@0.3.4", "UID": "5d553752f15a94ea", "BOMRef": "pkg:cargo/cgroups-rs@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "log@0.4.29", "nix@0.25.1", "regex@1.11.0", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "charabia@0.9.7", "Name": "charabia", "Identifier": { "PURL": "pkg:cargo/charabia@0.9.7", "UID": "77c12810e4ed890e", "BOMRef": "pkg:cargo/charabia@0.9.7" }, "Version": "0.9.7", "Licenses": [ "MIT" ], "DependsOn": [ "aho-corasick@1.1.3", "csv@1.4.0", "either@1.13.0", "fst@0.4.7", "irg-kvariants@0.1.1", "jieba-rs@0.7.3", "once_cell@1.21.3", "serde@1.0.226", "slice-group-by@0.3.1", "unicode-normalization@0.1.24", "whatlang@0.16.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "chrono@0.4.42", "Name": "chrono", "Identifier": { "PURL": "pkg:cargo/chrono@0.4.42", "UID": "e7909be3c3925b00", "BOMRef": "pkg:cargo/chrono@0.4.42" }, "Version": "0.4.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "iana-time-zone@0.1.53", "js-sys@0.3.77", "num-traits@0.2.19", "serde@1.0.226", "wasm-bindgen@0.2.100", "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "clap@4.5.53", "Name": "clap", "Identifier": { "PURL": "pkg:cargo/clap@4.5.53", "UID": "126421f0c06daf4f", "BOMRef": "pkg:cargo/clap@4.5.53" }, "Version": "4.5.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "clap_builder@4.5.53", "clap_derive@4.5.49" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "clap_builder@4.5.53", "Name": "clap_builder", "Identifier": { "PURL": "pkg:cargo/clap_builder@4.5.53", "UID": "567335dce12f13da", "BOMRef": "pkg:cargo/clap_builder@4.5.53" }, "Version": "4.5.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstream@0.6.11", "anstyle@1.0.8", "clap_lex@0.7.4", "strsim@0.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "clap_derive@4.5.49", "Name": "clap_derive", "Identifier": { "PURL": "pkg:cargo/clap_derive@4.5.49", "UID": "f7403cea1d86b69d", "BOMRef": "pkg:cargo/clap_derive@4.5.49" }, "Version": "4.5.49", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "clap_lex@0.7.4", "Name": "clap_lex", "Identifier": { "PURL": "pkg:cargo/clap_lex@0.7.4", "UID": "145d4322037e6dc7", "BOMRef": "pkg:cargo/clap_lex@0.7.4" }, "Version": "0.7.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "colorchoice@1.0.0", "Name": "colorchoice", "Identifier": { "PURL": "pkg:cargo/colorchoice@1.0.0", "UID": "1659a29ef317540f", "BOMRef": "pkg:cargo/colorchoice@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "colored@3.0.0", "Name": "colored", "Identifier": { "PURL": "pkg:cargo/colored@3.0.0", "UID": "d2707e14d9e3cb7b", "BOMRef": "pkg:cargo/colored@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "windows-sys@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "config@0.15.18", "Name": "config", "Identifier": { "PURL": "pkg:cargo/config@0.15.18", "UID": "da27d1d333648d32", "BOMRef": "pkg:cargo/config@0.15.18" }, "Version": "0.15.18", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "pathdiff@0.2.3", "serde_core@1.0.226", "winnow@0.7.13", "yaml-rust2@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "console@0.16.0", "Name": "console", "Identifier": { "PURL": "pkg:cargo/console@0.16.0", "UID": "fd8dc1440677000d", "BOMRef": "pkg:cargo/console@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "DependsOn": [ "encode_unicode@1.0.0", "libc@0.2.174", "once_cell@1.21.3", "unicode-width@0.2.0", "windows-sys@0.60.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "console-api@0.8.1", "Name": "console-api", "Identifier": { "PURL": "pkg:cargo/console-api@0.8.1", "UID": "c114324efa7fc504", "BOMRef": "pkg:cargo/console-api@0.8.1" }, "Version": "0.8.1", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "prost-types@0.13.1", "prost@0.13.1", "tonic@0.12.3", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "console-subscriber@0.4.1", "Name": "console-subscriber", "Identifier": { "PURL": "pkg:cargo/console-subscriber@0.4.1", "UID": "3318f99c1cbc6c26", "BOMRef": "pkg:cargo/console-subscriber@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "DependsOn": [ "console-api@0.8.1", "crossbeam-channel@0.5.15", "crossbeam-utils@0.8.20", "futures-task@0.3.31", "hdrhistogram@7.5.2", "humantime@2.3.0", "hyper-util@0.1.13", "parking_lot@0.12.5", "prost-types@0.13.1", "prost@0.13.1", "serde@1.0.226", "serde_json@1.0.145", "thread_local@1.1.7", "tokio-stream@0.1.17", "tokio@1.48.0", "tonic@0.12.3", "tracing-core@0.1.35", "tracing-subscriber@0.3.22", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "const-oid@0.9.6", "Name": "const-oid", "Identifier": { "PURL": "pkg:cargo/const-oid@0.9.6", "UID": "e4de7b604ac26118", "BOMRef": "pkg:cargo/const-oid@0.9.6" }, "Version": "0.9.6", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "constant_time_eq@0.1.5", "Name": "constant_time_eq", "Identifier": { "PURL": "pkg:cargo/constant_time_eq@0.1.5", "UID": "41b8711246b861e8", "BOMRef": "pkg:cargo/constant_time_eq@0.1.5" }, "Version": "0.1.5", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "constant_time_eq@0.4.2", "Name": "constant_time_eq", "Identifier": { "PURL": "pkg:cargo/constant_time_eq@0.4.2", "UID": "4359742727159e00", "BOMRef": "pkg:cargo/constant_time_eq@0.4.2" }, "Version": "0.4.2", "Licenses": [ "CC0-1.0 OR MIT-0 OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "convert_case@0.10.0", "Name": "convert_case", "Identifier": { "PURL": "pkg:cargo/convert_case@0.10.0", "UID": "40debdfff4018c0d", "BOMRef": "pkg:cargo/convert_case@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "unicode-segmentation@1.12.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "convert_case@0.4.0", "Name": "convert_case", "Identifier": { "PURL": "pkg:cargo/convert_case@0.4.0", "UID": "f2e959eb4217f458", "BOMRef": "pkg:cargo/convert_case@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cookie@0.16.2", "Name": "cookie", "Identifier": { "PURL": "pkg:cargo/cookie@0.16.2", "UID": "48ed42b521de8e66", "BOMRef": "pkg:cargo/cookie@0.16.2" }, "Version": "0.16.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "percent-encoding@2.3.2", "time@0.3.17" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "core-foundation@0.9.4", "Name": "core-foundation", "Identifier": { "PURL": "pkg:cargo/core-foundation@0.9.4", "UID": "ac3b7b9cc96e6dad", "BOMRef": "pkg:cargo/core-foundation@0.9.4" }, "Version": "0.9.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "core-foundation-sys@0.8.7", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "core-foundation-sys@0.8.7", "Name": "core-foundation-sys", "Identifier": { "PURL": "pkg:cargo/core-foundation-sys@0.8.7", "UID": "f9920e2648cbb869", "BOMRef": "pkg:cargo/core-foundation-sys@0.8.7" }, "Version": "0.8.7", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "core2@0.4.0", "Name": "core2", "Identifier": { "PURL": "pkg:cargo/core2@0.4.0", "UID": "a3bd29a6480448fd", "BOMRef": "pkg:cargo/core2@0.4.0" }, "Version": "0.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "count-min-sketch@0.1.8", "Name": "count-min-sketch", "Identifier": { "PURL": "pkg:cargo/count-min-sketch@0.1.8", "UID": "99653c6364d1e279", "BOMRef": "pkg:cargo/count-min-sketch@0.1.8" }, "Version": "0.1.8", "Licenses": [ "MIT" ], "DependsOn": [ "rand@0.8.5", "siphasher@1.0.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cpp_demangle@0.4.2", "Name": "cpp_demangle", "Identifier": { "PURL": "pkg:cargo/cpp_demangle@0.4.2", "UID": "9a8cbf8bb1cbd34", "BOMRef": "pkg:cargo/cpp_demangle@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cpufeatures@0.2.17", "Name": "cpufeatures", "Identifier": { "PURL": "pkg:cargo/cpufeatures@0.2.17", "UID": "71d434a3ae6fd8eb", "BOMRef": "pkg:cargo/cpufeatures@0.2.17" }, "Version": "0.2.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crc32c@0.6.8", "Name": "crc32c", "Identifier": { "PURL": "pkg:cargo/crc32c@0.6.8", "UID": "9a579837d8c7074d", "BOMRef": "pkg:cargo/crc32c@0.6.8" }, "Version": "0.6.8", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crc32fast@1.3.2", "Name": "crc32fast", "Identifier": { "PURL": "pkg:cargo/crc32fast@1.3.2", "UID": "fddd77eee8218629", "BOMRef": "pkg:cargo/crc32fast@1.3.2" }, "Version": "1.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crossbeam-channel@0.5.15", "Name": "crossbeam-channel", "Identifier": { "PURL": "pkg:cargo/crossbeam-channel@0.5.15", "UID": "7f6f3b62418f4094", "BOMRef": "pkg:cargo/crossbeam-channel@0.5.15" }, "Version": "0.5.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crossbeam-deque@0.8.2", "Name": "crossbeam-deque", "Identifier": { "PURL": "pkg:cargo/crossbeam-deque@0.8.2", "UID": "f3b3a1e2063202a8", "BOMRef": "pkg:cargo/crossbeam-deque@0.8.2" }, "Version": "0.8.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-epoch@0.9.13", "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crossbeam-epoch@0.9.13", "Name": "crossbeam-epoch", "Identifier": { "PURL": "pkg:cargo/crossbeam-epoch@0.9.13", "UID": "99d38de033fb1046", "BOMRef": "pkg:cargo/crossbeam-epoch@0.9.13" }, "Version": "0.9.13", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-utils@0.8.20", "memoffset@0.7.1", "scopeguard@1.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crossbeam-utils@0.8.20", "Name": "crossbeam-utils", "Identifier": { "PURL": "pkg:cargo/crossbeam-utils@0.8.20", "UID": "b96d1a2504182577", "BOMRef": "pkg:cargo/crossbeam-utils@0.8.20" }, "Version": "0.8.20", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crunchy@0.2.2", "Name": "crunchy", "Identifier": { "PURL": "pkg:cargo/crunchy@0.2.2", "UID": "2c01ede9f9b73584", "BOMRef": "pkg:cargo/crunchy@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crypto-bigint@0.5.5", "Name": "crypto-bigint", "Identifier": { "PURL": "pkg:cargo/crypto-bigint@0.5.5", "UID": "2a288409b6531c07", "BOMRef": "pkg:cargo/crypto-bigint@0.5.5" }, "Version": "0.5.5", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "generic-array@0.14.9", "rand_core@0.6.4", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "crypto-common@0.1.6", "Name": "crypto-common", "Identifier": { "PURL": "pkg:cargo/crypto-common@0.1.6", "UID": "b336964875b7f89b", "BOMRef": "pkg:cargo/crypto-common@0.1.6" }, "Version": "0.1.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "generic-array@0.14.9", "typenum@1.16.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "csv@1.4.0", "Name": "csv", "Identifier": { "PURL": "pkg:cargo/csv@1.4.0", "UID": "a9c7e584b7d4c104", "BOMRef": "pkg:cargo/csv@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "csv-core@0.1.11", "itoa@1.0.5", "ryu@1.0.12", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "csv-core@0.1.11", "Name": "csv-core", "Identifier": { "PURL": "pkg:cargo/csv-core@0.1.11", "UID": "3e7e96359f031ab7", "BOMRef": "pkg:cargo/csv-core@0.1.11" }, "Version": "0.1.11", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "curve25519-dalek@4.1.3", "Name": "curve25519-dalek", "Identifier": { "PURL": "pkg:cargo/curve25519-dalek@4.1.3", "UID": "56d68e61c62ed59d", "BOMRef": "pkg:cargo/curve25519-dalek@4.1.3" }, "Version": "4.1.3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "curve25519-dalek-derive@0.1.1", "digest@0.10.7", "fiat-crypto@0.2.9", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "curve25519-dalek-derive@0.1.1", "Name": "curve25519-dalek-derive", "Identifier": { "PURL": "pkg:cargo/curve25519-dalek-derive@0.1.1", "UID": "12cfc19022973a9d", "BOMRef": "pkg:cargo/curve25519-dalek-derive@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cxx@1.0.85", "Name": "cxx", "Identifier": { "PURL": "pkg:cargo/cxx@1.0.85", "UID": "4aadd3e52766c5a9", "BOMRef": "pkg:cargo/cxx@1.0.85" }, "Version": "1.0.85", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cxxbridge-macro@1.0.85", "link-cplusplus@1.0.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "cxxbridge-macro@1.0.85", "Name": "cxxbridge-macro", "Identifier": { "PURL": "pkg:cargo/cxxbridge-macro@1.0.85", "UID": "ec85e12e514a02f5", "BOMRef": "pkg:cargo/cxxbridge-macro@1.0.85" }, "Version": "1.0.85", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "daachorse@1.0.0", "Name": "daachorse", "Identifier": { "PURL": "pkg:cargo/daachorse@1.0.0", "UID": "6dc62f58fa61d7b8", "BOMRef": "pkg:cargo/daachorse@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "darling@0.20.8", "Name": "darling", "Identifier": { "PURL": "pkg:cargo/darling@0.20.8", "UID": "dd8c98ffaf5dc74d", "BOMRef": "pkg:cargo/darling@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "darling_core@0.20.8", "darling_macro@0.20.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "darling_core@0.20.8", "Name": "darling_core", "Identifier": { "PURL": "pkg:cargo/darling_core@0.20.8", "UID": "62f791debbd77f90", "BOMRef": "pkg:cargo/darling_core@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "fnv@1.0.7", "ident_case@1.0.1", "proc-macro2@1.0.101", "quote@1.0.42", "strsim@0.10.0", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "darling_macro@0.20.8", "Name": "darling_macro", "Identifier": { "PURL": "pkg:cargo/darling_macro@0.20.8", "UID": "105b9fc8e89c8f53", "BOMRef": "pkg:cargo/darling_macro@0.20.8" }, "Version": "0.20.8", "Licenses": [ "MIT" ], "DependsOn": [ "darling_core@0.20.8", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "dary_heap@0.3.7", "Name": "dary_heap", "Identifier": { "PURL": "pkg:cargo/dary_heap@0.3.7", "UID": "da3bad2e40a8ecb0", "BOMRef": "pkg:cargo/dary_heap@0.3.7" }, "Version": "0.3.7", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "dashmap@6.1.0", "Name": "dashmap", "Identifier": { "PURL": "pkg:cargo/dashmap@6.1.0", "UID": "fac67d8586d9bd8c", "BOMRef": "pkg:cargo/dashmap@6.1.0" }, "Version": "6.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "cfg-if@1.0.0", "crossbeam-utils@0.8.20", "hashbrown@0.14.2", "lock_api@0.4.14", "once_cell@1.21.3", "parking_lot_core@0.9.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "data-encoding@2.9.0", "Name": "data-encoding", "Identifier": { "PURL": "pkg:cargo/data-encoding@2.9.0", "UID": "9da6b72f4dadba84", "BOMRef": "pkg:cargo/data-encoding@2.9.0" }, "Version": "2.9.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "debugid@0.8.0", "Name": "debugid", "Identifier": { "PURL": "pkg:cargo/debugid@0.8.0", "UID": "f4abec3e9858ef1c", "BOMRef": "pkg:cargo/debugid@0.8.0" }, "Version": "0.8.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "uuid@1.19.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "delegate@0.13.4", "Name": "delegate", "Identifier": { "PURL": "pkg:cargo/delegate@0.13.4", "UID": "211750b4ca8da6be", "BOMRef": "pkg:cargo/delegate@0.13.4" }, "Version": "0.13.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "der@0.7.10", "Name": "der", "Identifier": { "PURL": "pkg:cargo/der@0.7.10", "UID": "fe4fd7a29360b02", "BOMRef": "pkg:cargo/der@0.7.10" }, "Version": "0.7.10", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "const-oid@0.9.6", "pem-rfc7468@0.7.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "derive_more@0.99.17", "Name": "derive_more", "Identifier": { "PURL": "pkg:cargo/derive_more@0.99.17", "UID": "414002e4f826908", "BOMRef": "pkg:cargo/derive_more@0.99.17" }, "Version": "0.99.17", "Licenses": [ "MIT" ], "DependsOn": [ "convert_case@0.4.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "derive_more@2.1.0", "Name": "derive_more", "Identifier": { "PURL": "pkg:cargo/derive_more@2.1.0", "UID": "880f9704704ace44", "BOMRef": "pkg:cargo/derive_more@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "derive_more-impl@2.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "derive_more-impl@2.1.0", "Name": "derive_more-impl", "Identifier": { "PURL": "pkg:cargo/derive_more-impl@2.1.0", "UID": "cc9c7359754cb9f2", "BOMRef": "pkg:cargo/derive_more-impl@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "convert_case@0.10.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "unicode-xid@0.2.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "digest@0.10.7", "Name": "digest", "Identifier": { "PURL": "pkg:cargo/digest@0.10.7", "UID": "3bf953101bb278a2", "BOMRef": "pkg:cargo/digest@0.10.7" }, "Version": "0.10.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "block-buffer@0.10.3", "const-oid@0.9.6", "crypto-common@0.1.6", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "displaydoc@0.2.5", "Name": "displaydoc", "Identifier": { "PURL": "pkg:cargo/displaydoc@0.2.5", "UID": "c6d4ddfc0b275673", "BOMRef": "pkg:cargo/displaydoc@0.2.5" }, "Version": "0.2.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "docopt@1.1.1", "Name": "docopt", "Identifier": { "PURL": "pkg:cargo/docopt@1.1.1", "UID": "eec7af2b4a4511e1", "BOMRef": "pkg:cargo/docopt@1.1.1" }, "Version": "1.1.1", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "lazy_static@1.5.0", "regex@1.11.0", "serde@1.0.226", "strsim@0.10.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "dyn-clone@1.0.10", "Name": "dyn-clone", "Identifier": { "PURL": "pkg:cargo/dyn-clone@1.0.10", "UID": "88e0f9b6c85c423e", "BOMRef": "pkg:cargo/dyn-clone@1.0.10" }, "Version": "1.0.10", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "dyn_size_of@0.4.2", "Name": "dyn_size_of", "Identifier": { "PURL": "pkg:cargo/dyn_size_of@0.4.2", "UID": "2786fe86460b43cf", "BOMRef": "pkg:cargo/dyn_size_of@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "earcutr@0.4.2", "Name": "earcutr", "Identifier": { "PURL": "pkg:cargo/earcutr@0.4.2", "UID": "4559c38b590b8510", "BOMRef": "pkg:cargo/earcutr@0.4.2" }, "Version": "0.4.2", "Licenses": [ "ISC" ], "DependsOn": [ "itertools@0.10.5", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ecdsa@0.16.9", "Name": "ecdsa", "Identifier": { "PURL": "pkg:cargo/ecdsa@0.16.9", "UID": "21eb7da4b9210055", "BOMRef": "pkg:cargo/ecdsa@0.16.9" }, "Version": "0.16.9", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "digest@0.10.7", "elliptic-curve@0.13.8", "rfc6979@0.4.0", "signature@2.2.0", "spki@0.7.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ecow@0.2.6", "Name": "ecow", "Identifier": { "PURL": "pkg:cargo/ecow@0.2.6", "UID": "9b7139e6b66afa87", "BOMRef": "pkg:cargo/ecow@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ed25519@2.2.3", "Name": "ed25519", "Identifier": { "PURL": "pkg:cargo/ed25519@2.2.3", "UID": "97e687cc352b78d5", "BOMRef": "pkg:cargo/ed25519@2.2.3" }, "Version": "2.2.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "pkcs8@0.10.2", "signature@2.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ed25519-dalek@2.2.0", "Name": "ed25519-dalek", "Identifier": { "PURL": "pkg:cargo/ed25519-dalek@2.2.0", "UID": "7b0a00b46e9f1f00", "BOMRef": "pkg:cargo/ed25519-dalek@2.2.0" }, "Version": "2.2.0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "curve25519-dalek@4.1.3", "ed25519@2.2.3", "serde@1.0.226", "sha2@0.10.9", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "either@1.13.0", "Name": "either", "Identifier": { "PURL": "pkg:cargo/either@1.13.0", "UID": "fa8e00cb46e14b65", "BOMRef": "pkg:cargo/either@1.13.0" }, "Version": "1.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "elliptic-curve@0.13.8", "Name": "elliptic-curve", "Identifier": { "PURL": "pkg:cargo/elliptic-curve@0.13.8", "UID": "d15800e07987a941", "BOMRef": "pkg:cargo/elliptic-curve@0.13.8" }, "Version": "0.13.8", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base16ct@0.2.0", "crypto-bigint@0.5.5", "digest@0.10.7", "ff@0.13.1", "generic-array@0.14.9", "group@0.13.0", "hkdf@0.12.4", "pem-rfc7468@0.7.0", "pkcs8@0.10.2", "rand_core@0.6.4", "sec1@0.7.3", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "encode_unicode@1.0.0", "Name": "encode_unicode", "Identifier": { "PURL": "pkg:cargo/encode_unicode@1.0.0", "UID": "3a5ddbfe77c530a0", "BOMRef": "pkg:cargo/encode_unicode@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "encoding_rs@0.8.33", "Name": "encoding_rs", "Identifier": { "PURL": "pkg:cargo/encoding_rs@0.8.33", "UID": "5bc5a9d8147cce4", "BOMRef": "pkg:cargo/encoding_rs@0.8.33" }, "Version": "0.8.33", "Licenses": [ "(Apache-2.0 OR MIT) AND BSD-3-Clause" ], "DependsOn": [ "cfg-if@1.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "env_filter@0.1.0", "Name": "env_filter", "Identifier": { "PURL": "pkg:cargo/env_filter@0.1.0", "UID": "499a185e35f9d6b5", "BOMRef": "pkg:cargo/env_filter@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "log@0.4.29", "regex@1.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "env_logger@0.11.8", "Name": "env_logger", "Identifier": { "PURL": "pkg:cargo/env_logger@0.11.8", "UID": "578e4e327f700afd", "BOMRef": "pkg:cargo/env_logger@0.11.8" }, "Version": "0.11.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "anstream@0.6.11", "anstyle@1.0.8", "env_filter@0.1.0", "jiff@0.2.15", "log@0.4.29" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "equator@0.2.2", "Name": "equator", "Identifier": { "PURL": "pkg:cargo/equator@0.2.2", "UID": "5e490bc7266e5aa4", "BOMRef": "pkg:cargo/equator@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT" ], "DependsOn": [ "equator-macro@0.2.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "equator-macro@0.2.1", "Name": "equator-macro", "Identifier": { "PURL": "pkg:cargo/equator-macro@0.2.1", "UID": "5000a89d803e06b4", "BOMRef": "pkg:cargo/equator-macro@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "equivalent@1.0.1", "Name": "equivalent", "Identifier": { "PURL": "pkg:cargo/equivalent@1.0.1", "UID": "5cc65e32e3f4f21c", "BOMRef": "pkg:cargo/equivalent@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "erased-serde@0.3.31", "Name": "erased-serde", "Identifier": { "PURL": "pkg:cargo/erased-serde@0.3.31", "UID": "85cf7718d2c6b111", "BOMRef": "pkg:cargo/erased-serde@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "erased-serde@0.4.2", "Name": "erased-serde", "Identifier": { "PURL": "pkg:cargo/erased-serde@0.4.2", "UID": "7b50f4d2f0d6a", "BOMRef": "pkg:cargo/erased-serde@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "errno@0.3.10", "Name": "errno", "Identifier": { "PURL": "pkg:cargo/errno@0.3.10", "UID": "46d80962c40e7f7a", "BOMRef": "pkg:cargo/errno@0.3.10" }, "Version": "0.3.10", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "faccess@0.2.4", "Name": "faccess", "Identifier": { "PURL": "pkg:cargo/faccess@0.2.4", "UID": "147f882ab7c6a5d9", "BOMRef": "pkg:cargo/faccess@0.2.4" }, "Version": "0.2.4", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2", "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fastrand@2.2.0", "Name": "fastrand", "Identifier": { "PURL": "pkg:cargo/fastrand@2.2.0", "UID": "9e7bada7dfa21254", "BOMRef": "pkg:cargo/fastrand@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ff@0.13.1", "Name": "ff", "Identifier": { "PURL": "pkg:cargo/ff@0.13.1", "UID": "b9c6723c3d59d4e7", "BOMRef": "pkg:cargo/ff@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.6.4", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fiat-crypto@0.2.9", "Name": "fiat-crypto", "Identifier": { "PURL": "pkg:cargo/fiat-crypto@0.2.9", "UID": "a8006c38b570d350", "BOMRef": "pkg:cargo/fiat-crypto@0.2.9" }, "Version": "0.2.9", "Licenses": [ "MIT OR Apache-2.0 OR BSD-1-Clause" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "filetime@0.2.19", "Name": "filetime", "Identifier": { "PURL": "pkg:cargo/filetime@0.2.19", "UID": "7dbc7dd407e836ab", "BOMRef": "pkg:cargo/filetime@0.2.19" }, "Version": "0.2.19", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "redox_syscall@0.2.16", "windows-sys@0.42.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "findshlibs@0.10.2", "Name": "findshlibs", "Identifier": { "PURL": "pkg:cargo/findshlibs@0.10.2", "UID": "cca865b6c94e9344", "BOMRef": "pkg:cargo/findshlibs@0.10.2" }, "Version": "0.10.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "lazy_static@1.5.0", "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fixedbitset@0.4.2", "Name": "fixedbitset", "Identifier": { "PURL": "pkg:cargo/fixedbitset@0.4.2", "UID": "9eb58192de2a8b22", "BOMRef": "pkg:cargo/fixedbitset@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "flate2@1.1.5", "Name": "flate2", "Identifier": { "PURL": "pkg:cargo/flate2@1.1.5", "UID": "1078a2a950ae27c0", "BOMRef": "pkg:cargo/flate2@1.1.5" }, "Version": "1.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crc32fast@1.3.2", "miniz_oxide@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "float_next_after@1.0.0", "Name": "float_next_after", "Identifier": { "PURL": "pkg:cargo/float_next_after@1.0.0", "UID": "514b94fab57d7f44", "BOMRef": "pkg:cargo/float_next_after@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fnv@1.0.7", "Name": "fnv", "Identifier": { "PURL": "pkg:cargo/fnv@1.0.7", "UID": "926c48782c129934", "BOMRef": "pkg:cargo/fnv@1.0.7" }, "Version": "1.0.7", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "foldhash@0.1.4", "Name": "foldhash", "Identifier": { "PURL": "pkg:cargo/foldhash@0.1.4", "UID": "d9c279770ce53ab5", "BOMRef": "pkg:cargo/foldhash@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Zlib" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "foreign-types@0.5.0", "Name": "foreign-types", "Identifier": { "PURL": "pkg:cargo/foreign-types@0.5.0", "UID": "d4d4d381c4081486", "BOMRef": "pkg:cargo/foreign-types@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "foreign-types-macros@0.2.3", "foreign-types-shared@0.3.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "foreign-types-macros@0.2.3", "Name": "foreign-types-macros", "Identifier": { "PURL": "pkg:cargo/foreign-types-macros@0.2.3", "UID": "7cb8e5791136a74a", "BOMRef": "pkg:cargo/foreign-types-macros@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "foreign-types-shared@0.3.1", "Name": "foreign-types-shared", "Identifier": { "PURL": "pkg:cargo/foreign-types-shared@0.3.1", "UID": "10afbf1c5258d9a1", "BOMRef": "pkg:cargo/foreign-types-shared@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "form_urlencoded@1.2.2", "Name": "form_urlencoded", "Identifier": { "PURL": "pkg:cargo/form_urlencoded@1.2.2", "UID": "aa66165916812f63", "BOMRef": "pkg:cargo/form_urlencoded@1.2.2" }, "Version": "1.2.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "percent-encoding@2.3.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fs-err@3.2.0", "Name": "fs-err", "Identifier": { "PURL": "pkg:cargo/fs-err@3.2.0", "UID": "59f75c5d70cf96e9", "BOMRef": "pkg:cargo/fs-err@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "path_facts@0.2.1", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fs4@0.13.1", "Name": "fs4", "Identifier": { "PURL": "pkg:cargo/fs4@0.13.1", "UID": "309fd1faa5091caa", "BOMRef": "pkg:cargo/fs4@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustix@1.0.2", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fs_extra@1.3.0", "Name": "fs_extra", "Identifier": { "PURL": "pkg:cargo/fs_extra@1.3.0", "UID": "7247be63ee35a271", "BOMRef": "pkg:cargo/fs_extra@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fst@0.4.7", "Name": "fst", "Identifier": { "PURL": "pkg:cargo/fst@0.4.7", "UID": "a80f1f20954d3ce8", "BOMRef": "pkg:cargo/fst@0.4.7" }, "Version": "0.4.7", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "funty@2.0.0", "Name": "funty", "Identifier": { "PURL": "pkg:cargo/funty@2.0.0", "UID": "b7cd24c9c61a5237", "BOMRef": "pkg:cargo/funty@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures@0.3.31", "Name": "futures", "Identifier": { "PURL": "pkg:cargo/futures@0.3.31", "UID": "524860b85b6be1fa", "BOMRef": "pkg:cargo/futures@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-channel@0.3.31", "futures-core@0.3.31", "futures-executor@0.3.31", "futures-io@0.3.31", "futures-sink@0.3.31", "futures-task@0.3.31", "futures-util@0.3.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-channel@0.3.31", "Name": "futures-channel", "Identifier": { "PURL": "pkg:cargo/futures-channel@0.3.31", "UID": "bf34216bf8e9d6c1", "BOMRef": "pkg:cargo/futures-channel@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-sink@0.3.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-core@0.3.31", "Name": "futures-core", "Identifier": { "PURL": "pkg:cargo/futures-core@0.3.31", "UID": "d8d2fa3197649698", "BOMRef": "pkg:cargo/futures-core@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-executor@0.3.31", "Name": "futures-executor", "Identifier": { "PURL": "pkg:cargo/futures-executor@0.3.31", "UID": "4695406b43d2b9fb", "BOMRef": "pkg:cargo/futures-executor@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-task@0.3.31", "futures-util@0.3.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-io@0.3.31", "Name": "futures-io", "Identifier": { "PURL": "pkg:cargo/futures-io@0.3.31", "UID": "d1ed9d77d16ebf89", "BOMRef": "pkg:cargo/futures-io@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-macro@0.3.31", "Name": "futures-macro", "Identifier": { "PURL": "pkg:cargo/futures-macro@0.3.31", "UID": "30ea6a9fefe48082", "BOMRef": "pkg:cargo/futures-macro@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-sink@0.3.31", "Name": "futures-sink", "Identifier": { "PURL": "pkg:cargo/futures-sink@0.3.31", "UID": "4a959dc0627a5201", "BOMRef": "pkg:cargo/futures-sink@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-task@0.3.31", "Name": "futures-task", "Identifier": { "PURL": "pkg:cargo/futures-task@0.3.31", "UID": "436d37c834e2b195", "BOMRef": "pkg:cargo/futures-task@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "futures-util@0.3.31", "Name": "futures-util", "Identifier": { "PURL": "pkg:cargo/futures-util@0.3.31", "UID": "6fdb7acbd1c5d072", "BOMRef": "pkg:cargo/futures-util@0.3.31" }, "Version": "0.3.31", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-channel@0.3.31", "futures-core@0.3.31", "futures-io@0.3.31", "futures-macro@0.3.31", "futures-sink@0.3.31", "futures-task@0.3.31", "memchr@2.7.4", "pin-project-lite@0.2.12", "pin-utils@0.1.0", "slab@0.4.11" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "fxhash@0.2.1", "Name": "fxhash", "Identifier": { "PURL": "pkg:cargo/fxhash@0.2.1", "UID": "68385c33eeaaf22e", "BOMRef": "pkg:cargo/fxhash@0.2.1" }, "Version": "0.2.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "generator@0.7.4", "Name": "generator", "Identifier": { "PURL": "pkg:cargo/generator@0.7.4", "UID": "ed61b2dfcc4f3e7b", "BOMRef": "pkg:cargo/generator@0.7.4" }, "Version": "0.7.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "log@0.4.29", "windows@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "generic-array@0.14.9", "Name": "generic-array", "Identifier": { "PURL": "pkg:cargo/generic-array@0.14.9", "UID": "a23c99b13bcfe17d", "BOMRef": "pkg:cargo/generic-array@0.14.9" }, "Version": "0.14.9", "Licenses": [ "MIT" ], "DependsOn": [ "typenum@1.16.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "geo@0.32.0", "Name": "geo", "Identifier": { "PURL": "pkg:cargo/geo@0.32.0", "UID": "98e29c34ecceb23", "BOMRef": "pkg:cargo/geo@0.32.0" }, "Version": "0.32.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "earcutr@0.4.2", "float_next_after@1.0.0", "geo-types@0.7.18", "geographiclib-rs@0.2.3", "i_overlay@4.0.2", "log@0.4.29", "num-traits@0.2.19", "rand@0.8.5", "robust@1.1.0", "rstar@0.12.0", "sif-itree@0.4.0", "spade@2.12.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "geo-types@0.7.18", "Name": "geo-types", "Identifier": { "PURL": "pkg:cargo/geo-types@0.7.18", "UID": "fd28f0f2021ee2ac", "BOMRef": "pkg:cargo/geo-types@0.7.18" }, "Version": "0.7.18", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "approx@0.5.1", "num-traits@0.2.19", "rayon@1.11.0", "rstar@0.12.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "geographiclib-rs@0.2.3", "Name": "geographiclib-rs", "Identifier": { "PURL": "pkg:cargo/geographiclib-rs@0.2.3", "UID": "2ee988ce94f34541", "BOMRef": "pkg:cargo/geographiclib-rs@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT" ], "DependsOn": [ "lazy_static@1.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "geohash@0.13.1", "Name": "geohash", "Identifier": { "PURL": "pkg:cargo/geohash@0.13.1", "UID": "b22dc6420a3ce721", "BOMRef": "pkg:cargo/geohash@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "geo-types@0.7.18", "libm@0.2.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "getrandom@0.1.16", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.1.16", "UID": "e5d71a2c97cf1f30", "BOMRef": "pkg:cargo/getrandom@0.1.16" }, "Version": "0.1.16", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.9.0+wasi-snapshot-preview1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "getrandom@0.2.11", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.2.11", "UID": "b638b7fae9686c62", "BOMRef": "pkg:cargo/getrandom@0.2.11" }, "Version": "0.2.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.11.0+wasi-snapshot-preview1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "getrandom@0.3.0", "Name": "getrandom", "Identifier": { "PURL": "pkg:cargo/getrandom@0.3.0", "UID": "69950196c7af8c33", "BOMRef": "pkg:cargo/getrandom@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "wasi@0.13.3+wasi-0.2.2", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "getset@0.1.2", "Name": "getset", "Identifier": { "PURL": "pkg:cargo/getset@0.1.2", "UID": "553df45f6badb139", "BOMRef": "pkg:cargo/getset@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro-error@1.0.4", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "gimli@0.27.0", "Name": "gimli", "Identifier": { "PURL": "pkg:cargo/gimli@0.27.0", "UID": "e1ae25fd7d3588e7", "BOMRef": "pkg:cargo/gimli@0.27.0" }, "Version": "0.27.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "gpu-allocator@0.27.0", "Name": "gpu-allocator", "Identifier": { "PURL": "pkg:cargo/gpu-allocator@0.27.0", "UID": "cb2e5960dd1849fc", "BOMRef": "pkg:cargo/gpu-allocator@0.27.0" }, "Version": "0.27.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ash@0.38.0+1.3.281", "log@0.4.29", "presser@0.3.1", "thiserror@1.0.69", "windows@0.57.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "group@0.13.0", "Name": "group", "Identifier": { "PURL": "pkg:cargo/group@0.13.0", "UID": "69f587826d464ecd", "BOMRef": "pkg:cargo/group@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ff@0.13.1", "rand_core@0.6.4", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "h2@0.3.27", "Name": "h2", "Identifier": { "PURL": "pkg:cargo/h2@0.3.27", "UID": "1d3d5308cb968b01", "BOMRef": "pkg:cargo/h2@0.3.27" }, "Version": "0.3.27", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "http@0.2.12", "indexmap@2.12.1", "slab@0.4.11", "tokio-util@0.7.17", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "h2@0.4.4", "Name": "h2", "Identifier": { "PURL": "pkg:cargo/h2@0.4.4", "UID": "1675a5bbf424359", "BOMRef": "pkg:cargo/h2@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "http@1.3.1", "indexmap@2.12.1", "slab@0.4.11", "tokio-util@0.7.17", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "half@1.8.2", "Name": "half", "Identifier": { "PURL": "pkg:cargo/half@1.8.2", "UID": "da3e978411ca3f8a", "BOMRef": "pkg:cargo/half@1.8.2" }, "Version": "1.8.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "half@2.7.1", "Name": "half", "Identifier": { "PURL": "pkg:cargo/half@2.7.1", "UID": "d934301a30e4dfe5", "BOMRef": "pkg:cargo/half@2.7.1" }, "Version": "2.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "crunchy@0.2.2", "num-traits@0.2.19", "serde@1.0.226", "zerocopy@0.8.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hash32@0.3.1", "Name": "hash32", "Identifier": { "PURL": "pkg:cargo/hash32@0.3.1", "UID": "aba809b4c6092bf9", "BOMRef": "pkg:cargo/hash32@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashbrown@0.12.3", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.12.3", "UID": "71e69b76cfc00c2b", "BOMRef": "pkg:cargo/hashbrown@0.12.3" }, "Version": "0.12.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashbrown@0.14.2", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.14.2", "UID": "e65b81d5c11c322", "BOMRef": "pkg:cargo/hashbrown@0.14.2" }, "Version": "0.14.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ahash@0.8.11", "allocator-api2@0.2.16" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashbrown@0.15.2", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.15.2", "UID": "bb1b2c988a288ef0", "BOMRef": "pkg:cargo/hashbrown@0.15.2" }, "Version": "0.15.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "allocator-api2@0.2.16", "equivalent@1.0.1", "foldhash@0.1.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashbrown@0.16.1", "Name": "hashbrown", "Identifier": { "PURL": "pkg:cargo/hashbrown@0.16.1", "UID": "57c98b98047b925e", "BOMRef": "pkg:cargo/hashbrown@0.16.1" }, "Version": "0.16.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashlink@0.10.0", "Name": "hashlink", "Identifier": { "PURL": "pkg:cargo/hashlink@0.10.0", "UID": "8f6542e5cbb2485d", "BOMRef": "pkg:cargo/hashlink@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hashbrown@0.15.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hashring@0.3.6", "Name": "hashring", "Identifier": { "PURL": "pkg:cargo/hashring@0.3.6", "UID": "929a18167be50e26", "BOMRef": "pkg:cargo/hashring@0.3.6" }, "Version": "0.3.6", "Licenses": [ "MIT" ], "DependsOn": [ "siphasher@0.3.10" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hdrhistogram@7.5.2", "Name": "hdrhistogram", "Identifier": { "PURL": "pkg:cargo/hdrhistogram@7.5.2", "UID": "f84b501f23a46cc0", "BOMRef": "pkg:cargo/hdrhistogram@7.5.2" }, "Version": "7.5.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "base64@0.13.1", "byteorder@1.5.0", "flate2@1.1.5", "nom@7.1.3", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "heapless@0.8.0", "Name": "heapless", "Identifier": { "PURL": "pkg:cargo/heapless@0.8.0", "UID": "7dedc38c54f5cf52", "BOMRef": "pkg:cargo/heapless@0.8.0" }, "Version": "0.8.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hash32@0.3.1", "stable_deref_trait@1.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "heck@0.5.0", "Name": "heck", "Identifier": { "PURL": "pkg:cargo/heck@0.5.0", "UID": "30b42617a1ed2399", "BOMRef": "pkg:cargo/heck@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hermit-abi@0.3.9", "Name": "hermit-abi", "Identifier": { "PURL": "pkg:cargo/hermit-abi@0.3.9", "UID": "bb74f276e15711ee", "BOMRef": "pkg:cargo/hermit-abi@0.3.9" }, "Version": "0.3.9", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hermit-abi@0.5.1", "Name": "hermit-abi", "Identifier": { "PURL": "pkg:cargo/hermit-abi@0.5.1", "UID": "98350227b2ce9cb6", "BOMRef": "pkg:cargo/hermit-abi@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hex@0.4.3", "Name": "hex", "Identifier": { "PURL": "pkg:cargo/hex@0.4.3", "UID": "6f7b29133b749007", "BOMRef": "pkg:cargo/hex@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hkdf@0.12.4", "Name": "hkdf", "Identifier": { "PURL": "pkg:cargo/hkdf@0.12.4", "UID": "51350da3695fa53c", "BOMRef": "pkg:cargo/hkdf@0.12.4" }, "Version": "0.12.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hmac@0.12.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hmac@0.12.1", "Name": "hmac", "Identifier": { "PURL": "pkg:cargo/hmac@0.12.1", "UID": "4c752a9d3eb3bca8", "BOMRef": "pkg:cargo/hmac@0.12.1" }, "Version": "0.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "digest@0.10.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http@0.2.12", "Name": "http", "Identifier": { "PURL": "pkg:cargo/http@0.2.12", "UID": "86dcb4bd2cc50bdc", "BOMRef": "pkg:cargo/http@0.2.12" }, "Version": "0.2.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "itoa@1.0.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http@1.3.1", "Name": "http", "Identifier": { "PURL": "pkg:cargo/http@1.3.1", "UID": "4a3bc05a88d8535c", "BOMRef": "pkg:cargo/http@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "fnv@1.0.7", "itoa@1.0.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http-body@0.4.5", "Name": "http-body", "Identifier": { "PURL": "pkg:cargo/http-body@0.4.5", "UID": "b322390de11d5fc3", "BOMRef": "pkg:cargo/http-body@0.4.5" }, "Version": "0.4.5", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "http@0.2.12", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http-body@1.0.0", "Name": "http-body", "Identifier": { "PURL": "pkg:cargo/http-body@1.0.0", "UID": "1dbc0ed224621770", "BOMRef": "pkg:cargo/http-body@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "http@1.3.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http-body-util@0.1.2", "Name": "http-body-util", "Identifier": { "PURL": "pkg:cargo/http-body-util@0.1.2", "UID": "a61c4045e45dce48", "BOMRef": "pkg:cargo/http-body-util@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "pin-project-lite@0.2.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http-range@0.1.5", "Name": "http-range", "Identifier": { "PURL": "pkg:cargo/http-range@0.1.5", "UID": "621348b38e34157d", "BOMRef": "pkg:cargo/http-range@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "http-serde@2.1.1", "Name": "http-serde", "Identifier": { "PURL": "pkg:cargo/http-serde@2.1.1", "UID": "5be7d3cc585673c0", "BOMRef": "pkg:cargo/http-serde@2.1.1" }, "Version": "2.1.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "http@1.3.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "httparse@1.10.1", "Name": "httparse", "Identifier": { "PURL": "pkg:cargo/httparse@1.10.1", "UID": "eb98a0d0ce0360e6", "BOMRef": "pkg:cargo/httparse@1.10.1" }, "Version": "1.10.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "httpdate@1.0.2", "Name": "httpdate", "Identifier": { "PURL": "pkg:cargo/httpdate@1.0.2", "UID": "23f459dc89ba218c", "BOMRef": "pkg:cargo/httpdate@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "humantime@2.3.0", "Name": "humantime", "Identifier": { "PURL": "pkg:cargo/humantime@2.3.0", "UID": "56f827c6d792f799", "BOMRef": "pkg:cargo/humantime@2.3.0" }, "Version": "2.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper@0.14.26", "Name": "hyper", "Identifier": { "PURL": "pkg:cargo/hyper@0.14.26", "UID": "26efb489b621a7", "BOMRef": "pkg:cargo/hyper@0.14.26" }, "Version": "0.14.26", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "h2@0.3.27", "http-body@0.4.5", "http@0.2.12", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "pin-project-lite@0.2.12", "socket2@0.4.9", "tokio@1.48.0", "tower-service@0.3.3", "tracing@0.1.43", "want@0.3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper@1.6.0", "Name": "hyper", "Identifier": { "PURL": "pkg:cargo/hyper@1.6.0", "UID": "5646304c76c5d8ef", "BOMRef": "pkg:cargo/hyper@1.6.0" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-channel@0.3.31", "futures-util@0.3.31", "h2@0.4.4", "http-body@1.0.0", "http@1.3.1", "httparse@1.10.1", "httpdate@1.0.2", "itoa@1.0.5", "pin-project-lite@0.2.12", "smallvec@1.15.1", "tokio@1.48.0", "want@0.3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper-rustls@0.27.2", "Name": "hyper-rustls", "Identifier": { "PURL": "pkg:cargo/hyper-rustls@0.27.2", "UID": "2558b57585c7c9bd", "BOMRef": "pkg:cargo/hyper-rustls@0.27.2" }, "Version": "0.27.2", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "futures-util@0.3.31", "http@1.3.1", "hyper-util@0.1.13", "hyper@1.6.0", "rustls-native-certs@0.7.0", "rustls-pki-types@1.13.1", "rustls@0.23.35", "tokio-rustls@0.26.0", "tokio@1.48.0", "tower-service@0.3.3", "webpki-roots@0.26.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper-timeout@0.4.1", "Name": "hyper-timeout", "Identifier": { "PURL": "pkg:cargo/hyper-timeout@0.4.1", "UID": "60a3c682a3f726fd", "BOMRef": "pkg:cargo/hyper-timeout@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hyper@0.14.26", "pin-project-lite@0.2.12", "tokio-io-timeout@1.2.0", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper-timeout@0.5.1", "Name": "hyper-timeout", "Identifier": { "PURL": "pkg:cargo/hyper-timeout@0.5.1", "UID": "98dcec4e192f2a71", "BOMRef": "pkg:cargo/hyper-timeout@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hyper-util@0.1.13", "hyper@1.6.0", "pin-project-lite@0.2.12", "tokio@1.48.0", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "hyper-util@0.1.13", "Name": "hyper-util", "Identifier": { "PURL": "pkg:cargo/hyper-util@0.1.13", "UID": "3f3b640d60347d73", "BOMRef": "pkg:cargo/hyper-util@0.1.13" }, "Version": "0.1.13", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.22.0", "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "hyper@1.6.0", "ipnet@2.11.0", "libc@0.2.174", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "socket2@0.5.10", "tokio@1.48.0", "tower-service@0.3.3", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "i_float@1.15.0", "Name": "i_float", "Identifier": { "PURL": "pkg:cargo/i_float@1.15.0", "UID": "99544ee38028cc8", "BOMRef": "pkg:cargo/i_float@1.15.0" }, "Version": "1.15.0", "Licenses": [ "MIT" ], "DependsOn": [ "libm@0.2.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "i_key_sort@0.6.0", "Name": "i_key_sort", "Identifier": { "PURL": "pkg:cargo/i_key_sort@0.6.0", "UID": "1ba241cb026d0061", "BOMRef": "pkg:cargo/i_key_sort@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "i_overlay@4.0.2", "Name": "i_overlay", "Identifier": { "PURL": "pkg:cargo/i_overlay@4.0.2", "UID": "6d59102d38fc29d0", "BOMRef": "pkg:cargo/i_overlay@4.0.2" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "DependsOn": [ "i_float@1.15.0", "i_key_sort@0.6.0", "i_shape@1.14.0", "i_tree@0.16.0", "rayon@1.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "i_shape@1.14.0", "Name": "i_shape", "Identifier": { "PURL": "pkg:cargo/i_shape@1.14.0", "UID": "d6e83b369228d85e", "BOMRef": "pkg:cargo/i_shape@1.14.0" }, "Version": "1.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "i_float@1.15.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "i_tree@0.16.0", "Name": "i_tree", "Identifier": { "PURL": "pkg:cargo/i_tree@0.16.0", "UID": "ba56651dabbf314d", "BOMRef": "pkg:cargo/i_tree@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "iana-time-zone@0.1.53", "Name": "iana-time-zone", "Identifier": { "PURL": "pkg:cargo/iana-time-zone@0.1.53", "UID": "ec2e3aad6c542377", "BOMRef": "pkg:cargo/iana-time-zone@0.1.53" }, "Version": "0.1.53", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "android_system_properties@0.1.5", "core-foundation-sys@0.8.7", "iana-time-zone-haiku@0.1.1", "js-sys@0.3.77", "wasm-bindgen@0.2.100", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "iana-time-zone-haiku@0.1.1", "Name": "iana-time-zone-haiku", "Identifier": { "PURL": "pkg:cargo/iana-time-zone-haiku@0.1.1", "UID": "5aee01cec7c17b71", "BOMRef": "pkg:cargo/iana-time-zone-haiku@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cxx@1.0.85" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_collections@1.5.0", "Name": "icu_collections", "Identifier": { "PURL": "pkg:cargo/icu_collections@1.5.0", "UID": "d08ef005050972da", "BOMRef": "pkg:cargo/icu_collections@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "yoke@0.7.4", "zerofrom@0.1.4", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_locid@1.5.0", "Name": "icu_locid", "Identifier": { "PURL": "pkg:cargo/icu_locid@1.5.0", "UID": "7ee09c425d763b23", "BOMRef": "pkg:cargo/icu_locid@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "litemap@0.7.3", "tinystr@0.7.6", "writeable@0.5.5", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_locid_transform@1.5.0", "Name": "icu_locid_transform", "Identifier": { "PURL": "pkg:cargo/icu_locid_transform@1.5.0", "UID": "f059447bb30b65af", "BOMRef": "pkg:cargo/icu_locid_transform@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_locid@1.5.0", "icu_locid_transform_data@1.5.0", "icu_provider@1.5.0", "tinystr@0.7.6", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_locid_transform_data@1.5.0", "Name": "icu_locid_transform_data", "Identifier": { "PURL": "pkg:cargo/icu_locid_transform_data@1.5.0", "UID": "696e71a478d2ffbb", "BOMRef": "pkg:cargo/icu_locid_transform_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_normalizer@1.5.0", "Name": "icu_normalizer", "Identifier": { "PURL": "pkg:cargo/icu_normalizer@1.5.0", "UID": "dfb19d4ae8d1d6e8", "BOMRef": "pkg:cargo/icu_normalizer@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_collections@1.5.0", "icu_normalizer_data@1.5.0", "icu_properties@1.5.1", "icu_provider@1.5.0", "smallvec@1.15.1", "utf16_iter@1.0.5", "utf8_iter@1.0.4", "write16@1.0.0", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_normalizer_data@1.5.0", "Name": "icu_normalizer_data", "Identifier": { "PURL": "pkg:cargo/icu_normalizer_data@1.5.0", "UID": "8a5ab5ba0cd349bd", "BOMRef": "pkg:cargo/icu_normalizer_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_properties@1.5.1", "Name": "icu_properties", "Identifier": { "PURL": "pkg:cargo/icu_properties@1.5.1", "UID": "5f659a666f6aa61f", "BOMRef": "pkg:cargo/icu_properties@1.5.1" }, "Version": "1.5.1", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_collections@1.5.0", "icu_locid_transform@1.5.0", "icu_properties_data@1.5.0", "icu_provider@1.5.0", "tinystr@0.7.6", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_properties_data@1.5.0", "Name": "icu_properties_data", "Identifier": { "PURL": "pkg:cargo/icu_properties_data@1.5.0", "UID": "dd4083ace4f04fdc", "BOMRef": "pkg:cargo/icu_properties_data@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_provider@1.5.0", "Name": "icu_provider", "Identifier": { "PURL": "pkg:cargo/icu_provider@1.5.0", "UID": "4015baa4dc8e2bd9", "BOMRef": "pkg:cargo/icu_provider@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "icu_locid@1.5.0", "icu_provider_macros@1.5.0", "stable_deref_trait@1.2.0", "tinystr@0.7.6", "writeable@0.5.5", "yoke@0.7.4", "zerofrom@0.1.4", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "icu_provider_macros@1.5.0", "Name": "icu_provider_macros", "Identifier": { "PURL": "pkg:cargo/icu_provider_macros@1.5.0", "UID": "cdc5e9ec2be3f6f", "BOMRef": "pkg:cargo/icu_provider_macros@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ident_case@1.0.1", "Name": "ident_case", "Identifier": { "PURL": "pkg:cargo/ident_case@1.0.1", "UID": "ad364984ac97e17b", "BOMRef": "pkg:cargo/ident_case@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "idna@1.1.0", "Name": "idna", "Identifier": { "PURL": "pkg:cargo/idna@1.1.0", "UID": "3dbb9d2e774827dc", "BOMRef": "pkg:cargo/idna@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "idna_adapter@1.2.0", "smallvec@1.15.1", "utf8_iter@1.0.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "idna_adapter@1.2.0", "Name": "idna_adapter", "Identifier": { "PURL": "pkg:cargo/idna_adapter@1.2.0", "UID": "3c1f2c6bb943a833", "BOMRef": "pkg:cargo/idna_adapter@1.2.0" }, "Version": "1.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "icu_normalizer@1.5.0", "icu_properties@1.5.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "impl-more@0.1.6", "Name": "impl-more", "Identifier": { "PURL": "pkg:cargo/impl-more@0.1.6", "UID": "d716133ea0c760e2", "BOMRef": "pkg:cargo/impl-more@0.1.6" }, "Version": "0.1.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "include-flate@0.3.0", "Name": "include-flate", "Identifier": { "PURL": "pkg:cargo/include-flate@0.3.0", "UID": "e29c0c89af659a53", "BOMRef": "pkg:cargo/include-flate@0.3.0" }, "Version": "0.3.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "include-flate-codegen@0.2.0", "lazy_static@1.5.0", "libflate@2.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "include-flate-codegen@0.2.0", "Name": "include-flate-codegen", "Identifier": { "PURL": "pkg:cargo/include-flate-codegen@0.2.0", "UID": "e2c46eb93fbd8902", "BOMRef": "pkg:cargo/include-flate-codegen@0.2.0" }, "Version": "0.2.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libflate@2.1.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "indexmap@1.9.2", "Name": "indexmap", "Identifier": { "PURL": "pkg:cargo/indexmap@1.9.2", "UID": "440136893d5b7032", "BOMRef": "pkg:cargo/indexmap@1.9.2" }, "Version": "1.9.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "hashbrown@0.12.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "indexmap@2.12.1", "Name": "indexmap", "Identifier": { "PURL": "pkg:cargo/indexmap@2.12.1", "UID": "35812bd369f255ae", "BOMRef": "pkg:cargo/indexmap@2.12.1" }, "Version": "2.12.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "equivalent@1.0.1", "hashbrown@0.16.1", "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "indicatif@0.18.3", "Name": "indicatif", "Identifier": { "PURL": "pkg:cargo/indicatif@0.18.3", "UID": "cf1476028330364", "BOMRef": "pkg:cargo/indicatif@0.18.3" }, "Version": "0.18.3", "Licenses": [ "MIT" ], "DependsOn": [ "console@0.16.0", "portable-atomic@1.11.1", "rayon@1.11.0", "unicode-width@0.2.0", "unit-prefix@0.5.1", "web-time@1.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "indoc@2.0.6", "Name": "indoc", "Identifier": { "PURL": "pkg:cargo/indoc@2.0.6", "UID": "c919711c1412d6d2", "BOMRef": "pkg:cargo/indoc@2.0.6" }, "Version": "2.0.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "integer-encoding@4.1.0", "Name": "integer-encoding", "Identifier": { "PURL": "pkg:cargo/integer-encoding@4.1.0", "UID": "882abaa63459e425", "BOMRef": "pkg:cargo/integer-encoding@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "inventory@0.3.14", "Name": "inventory", "Identifier": { "PURL": "pkg:cargo/inventory@0.3.14", "UID": "741e1acef123cabe", "BOMRef": "pkg:cargo/inventory@0.3.14" }, "Version": "0.3.14", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "io-uring@0.7.11", "Name": "io-uring", "Identifier": { "PURL": "pkg:cargo/io-uring@0.7.11", "UID": "3bd636e409219b87", "BOMRef": "pkg:cargo/io-uring@0.7.11" }, "Version": "0.7.11", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ipnet@2.11.0", "Name": "ipnet", "Identifier": { "PURL": "pkg:cargo/ipnet@2.11.0", "UID": "7365a9ae18db8af4", "BOMRef": "pkg:cargo/ipnet@2.11.0" }, "Version": "2.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "irg-kvariants@0.1.1", "Name": "irg-kvariants", "Identifier": { "PURL": "pkg:cargo/irg-kvariants@0.1.1", "UID": "6a0cfc3cd279dd19", "BOMRef": "pkg:cargo/irg-kvariants@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "DependsOn": [ "csv@1.4.0", "once_cell@1.21.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "iri-string@0.7.8", "Name": "iri-string", "Identifier": { "PURL": "pkg:cargo/iri-string@0.7.8", "UID": "8a55a50cc387ea3a", "BOMRef": "pkg:cargo/iri-string@0.7.8" }, "Version": "0.7.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "memchr@2.7.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "is_sorted@0.1.1", "Name": "is_sorted", "Identifier": { "PURL": "pkg:cargo/is_sorted@0.1.1", "UID": "18d65006bf7774e9", "BOMRef": "pkg:cargo/is_sorted@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "itertools@0.10.5", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.10.5", "UID": "350805b4fb392c10", "BOMRef": "pkg:cargo/itertools@0.10.5" }, "Version": "0.10.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "itertools@0.12.1", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.12.1", "UID": "959db0d87a12d0b4", "BOMRef": "pkg:cargo/itertools@0.12.1" }, "Version": "0.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "itertools@0.13.0", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.13.0", "UID": "1fed477d62bc326", "BOMRef": "pkg:cargo/itertools@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "itertools@0.14.0", "Name": "itertools", "Identifier": { "PURL": "pkg:cargo/itertools@0.14.0", "UID": "ccedceb0e33a1ecb", "BOMRef": "pkg:cargo/itertools@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "itoa@1.0.5", "Name": "itoa", "Identifier": { "PURL": "pkg:cargo/itoa@1.0.5", "UID": "a554a93625fb0131", "BOMRef": "pkg:cargo/itoa@1.0.5" }, "Version": "1.0.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "jieba-macros@0.7.1", "Name": "jieba-macros", "Identifier": { "PURL": "pkg:cargo/jieba-macros@0.7.1", "UID": "ad04becf1605ab46", "BOMRef": "pkg:cargo/jieba-macros@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "DependsOn": [ "phf_codegen@0.11.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "jieba-rs@0.7.3", "Name": "jieba-rs", "Identifier": { "PURL": "pkg:cargo/jieba-rs@0.7.3", "UID": "58690736ff703520", "BOMRef": "pkg:cargo/jieba-rs@0.7.3" }, "Version": "0.7.3", "Licenses": [ "MIT" ], "DependsOn": [ "cedarwood@0.4.6", "fxhash@0.2.1", "include-flate@0.3.0", "jieba-macros@0.7.1", "lazy_static@1.5.0", "phf@0.11.2", "regex@1.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "jiff@0.2.15", "Name": "jiff", "Identifier": { "PURL": "pkg:cargo/jiff@0.2.15", "UID": "dcab0825825c589b", "BOMRef": "pkg:cargo/jiff@0.2.15" }, "Version": "0.2.15", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "jiff-static@0.2.15", "log@0.4.29", "portable-atomic-util@0.2.4", "portable-atomic@1.11.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "jiff-static@0.2.15", "Name": "jiff-static", "Identifier": { "PURL": "pkg:cargo/jiff-static@0.2.15", "UID": "10747a5c0d6e09db", "BOMRef": "pkg:cargo/jiff-static@0.2.15" }, "Version": "0.2.15", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "js-sys@0.3.77", "Name": "js-sys", "Identifier": { "PURL": "pkg:cargo/js-sys@0.3.77", "UID": "f5899657901e2785", "BOMRef": "pkg:cargo/js-sys@0.3.77" }, "Version": "0.3.77", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "once_cell@1.21.3", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "jsonwebtoken@10.0.0", "Name": "jsonwebtoken", "Identifier": { "PURL": "pkg:cargo/jsonwebtoken@10.0.0", "UID": "b796168a175b8c", "BOMRef": "pkg:cargo/jsonwebtoken@10.0.0" }, "Version": "10.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.22.0", "ed25519-dalek@2.2.0", "getrandom@0.2.11", "hmac@0.12.1", "js-sys@0.3.77", "p256@0.13.2", "p384@0.13.1", "pem@3.0.3", "rand@0.8.5", "rsa@0.9.8", "serde@1.0.226", "serde_json@1.0.145", "sha2@0.10.9", "signature@2.2.0", "simple_asn1@0.6.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "language-tags@0.3.2", "Name": "language-tags", "Identifier": { "PURL": "pkg:cargo/language-tags@0.3.2", "UID": "dc75f031181f52f6", "BOMRef": "pkg:cargo/language-tags@0.3.2" }, "Version": "0.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "lazy_static@1.5.0", "Name": "lazy_static", "Identifier": { "PURL": "pkg:cargo/lazy_static@1.5.0", "UID": "3891107ca5b4455", "BOMRef": "pkg:cargo/lazy_static@1.5.0" }, "Version": "1.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "spin@0.9.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libc@0.2.174", "Name": "libc", "Identifier": { "PURL": "pkg:cargo/libc@0.2.174", "UID": "e812089caabee931", "BOMRef": "pkg:cargo/libc@0.2.174" }, "Version": "0.2.174", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libflate@1.4.0", "Name": "libflate", "Identifier": { "PURL": "pkg:cargo/libflate@1.4.0", "UID": "dd6ec4dd4c96e432", "BOMRef": "pkg:cargo/libflate@1.4.0" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "DependsOn": [ "adler32@1.2.0", "crc32fast@1.3.2", "libflate_lz77@1.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libflate@2.1.0", "Name": "libflate", "Identifier": { "PURL": "pkg:cargo/libflate@2.1.0", "UID": "93f8b026da9c1161", "BOMRef": "pkg:cargo/libflate@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "adler32@1.2.0", "core2@0.4.0", "crc32fast@1.3.2", "dary_heap@0.3.7", "libflate_lz77@2.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libflate_lz77@1.2.0", "Name": "libflate_lz77", "Identifier": { "PURL": "pkg:cargo/libflate_lz77@1.2.0", "UID": "e9cc8bc2487a096e", "BOMRef": "pkg:cargo/libflate_lz77@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "rle-decode-fast@1.0.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libflate_lz77@2.1.0", "Name": "libflate_lz77", "Identifier": { "PURL": "pkg:cargo/libflate_lz77@2.1.0", "UID": "f9e571282f8a2840", "BOMRef": "pkg:cargo/libflate_lz77@2.1.0" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "core2@0.4.0", "hashbrown@0.14.2", "rle-decode-fast@1.0.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libloading@0.8.5", "Name": "libloading", "Identifier": { "PURL": "pkg:cargo/libloading@0.8.5", "UID": "5eaeee2b14c4505a", "BOMRef": "pkg:cargo/libloading@0.8.5" }, "Version": "0.8.5", "Licenses": [ "ISC" ], "DependsOn": [ "cfg-if@1.0.0", "windows-targets@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libm@0.2.6", "Name": "libm", "Identifier": { "PURL": "pkg:cargo/libm@0.2.6", "UID": "ac16ed9366389b96", "BOMRef": "pkg:cargo/libm@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "librocksdb-sys@0.17.3+10.4.2", "Name": "librocksdb-sys", "Identifier": { "PURL": "pkg:cargo/librocksdb-sys@0.17.3%2B10.4.2", "UID": "7770528f6037d4af", "BOMRef": "pkg:cargo/librocksdb-sys@0.17.3%2B10.4.2" }, "Version": "0.17.3+10.4.2", "Licenses": [ "MIT OR Apache-2.0 OR BSD-3-Clause" ], "DependsOn": [ "bzip2-sys@0.1.11+1.0.8", "libc@0.2.174", "libz-sys@1.1.8", "lz4-sys@1.11.1+lz4-1.10.0", "zstd-sys@2.0.9+zstd.1.5.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "libz-sys@1.1.8", "Name": "libz-sys", "Identifier": { "PURL": "pkg:cargo/libz-sys@1.1.8", "UID": "9a0b7d2576bfff13", "BOMRef": "pkg:cargo/libz-sys@1.1.8" }, "Version": "1.1.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "link-cplusplus@1.0.8", "Name": "link-cplusplus", "Identifier": { "PURL": "pkg:cargo/link-cplusplus@1.0.8", "UID": "e45facae187ae9a5", "BOMRef": "pkg:cargo/link-cplusplus@1.0.8" }, "Version": "1.0.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "linux-raw-sys@0.4.14", "Name": "linux-raw-sys", "Identifier": { "PURL": "pkg:cargo/linux-raw-sys@0.4.14", "UID": "82d5002180973087", "BOMRef": "pkg:cargo/linux-raw-sys@0.4.14" }, "Version": "0.4.14", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "linux-raw-sys@0.9.2", "Name": "linux-raw-sys", "Identifier": { "PURL": "pkg:cargo/linux-raw-sys@0.9.2", "UID": "cb995fffce050162", "BOMRef": "pkg:cargo/linux-raw-sys@0.9.2" }, "Version": "0.9.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "litemap@0.7.3", "Name": "litemap", "Identifier": { "PURL": "pkg:cargo/litemap@0.7.3", "UID": "a6736c4f1e70b32b", "BOMRef": "pkg:cargo/litemap@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "local-channel@0.1.3", "Name": "local-channel", "Identifier": { "PURL": "pkg:cargo/local-channel@0.1.3", "UID": "3c7bdaf6246fa7be", "BOMRef": "pkg:cargo/local-channel@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "local-waker@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "local-waker@0.1.3", "Name": "local-waker", "Identifier": { "PURL": "pkg:cargo/local-waker@0.1.3", "UID": "8f0d604c7c267f27", "BOMRef": "pkg:cargo/local-waker@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "lock_api@0.4.14", "Name": "lock_api", "Identifier": { "PURL": "pkg:cargo/lock_api@0.4.14", "UID": "2b947c9eaf8c23dc", "BOMRef": "pkg:cargo/lock_api@0.4.14" }, "Version": "0.4.14", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "scopeguard@1.1.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "log@0.4.29", "Name": "log", "Identifier": { "PURL": "pkg:cargo/log@0.4.29", "UID": "73b966fe4e4877b6", "BOMRef": "pkg:cargo/log@0.4.29" }, "Version": "0.4.29", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "loom@0.7.1", "Name": "loom", "Identifier": { "PURL": "pkg:cargo/loom@0.7.1", "UID": "b5f33605f4dc80a5", "BOMRef": "pkg:cargo/loom@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "DependsOn": [ "cfg-if@1.0.0", "generator@0.7.4", "scoped-tls@1.0.1", "tracing-subscriber@0.3.22", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "lz4-sys@1.11.1+lz4-1.10.0", "Name": "lz4-sys", "Identifier": { "PURL": "pkg:cargo/lz4-sys@1.11.1%2Blz4-1.10.0", "UID": "9bcc27ed7913044a", "BOMRef": "pkg:cargo/lz4-sys@1.11.1%2Blz4-1.10.0" }, "Version": "1.11.1+lz4-1.10.0", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "lz4_flex@0.12.0", "Name": "lz4_flex", "Identifier": { "PURL": "pkg:cargo/lz4_flex@0.12.0", "UID": "e70fa3e164610cfd", "BOMRef": "pkg:cargo/lz4_flex@0.12.0" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "macro_rules_attribute@0.2.2", "Name": "macro_rules_attribute", "Identifier": { "PURL": "pkg:cargo/macro_rules_attribute@0.2.2", "UID": "be9f8a0dbe33cec1", "BOMRef": "pkg:cargo/macro_rules_attribute@0.2.2" }, "Version": "0.2.2", "Licenses": [ "Apache-2.0 OR MIT OR Zlib" ], "DependsOn": [ "macro_rules_attribute-proc_macro@0.2.2", "paste@1.0.11" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "macro_rules_attribute-proc_macro@0.2.2", "Name": "macro_rules_attribute-proc_macro", "Identifier": { "PURL": "pkg:cargo/macro_rules_attribute-proc_macro@0.2.2", "UID": "4ca8de68f90581b", "BOMRef": "pkg:cargo/macro_rules_attribute-proc_macro@0.2.2" }, "Version": "0.2.2", "Licenses": [ "Apache-2.0 OR MIT OR Zlib" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "matchers@0.2.0", "Name": "matchers", "Identifier": { "PURL": "pkg:cargo/matchers@0.2.0", "UID": "c05c0d38b5cc2ada", "BOMRef": "pkg:cargo/matchers@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "regex-automata@0.4.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "matchit@0.7.0", "Name": "matchit", "Identifier": { "PURL": "pkg:cargo/matchit@0.7.0", "UID": "d270dd36af2505a7", "BOMRef": "pkg:cargo/matchit@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "md-5@0.10.6", "Name": "md-5", "Identifier": { "PURL": "pkg:cargo/md-5@0.10.6", "UID": "c598565d2e2372ce", "BOMRef": "pkg:cargo/md-5@0.10.6" }, "Version": "0.10.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "digest@0.10.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "memchr@2.7.4", "Name": "memchr", "Identifier": { "PURL": "pkg:cargo/memchr@2.7.4", "UID": "cf85f3cd57e4414e", "BOMRef": "pkg:cargo/memchr@2.7.4" }, "Version": "2.7.4", "Licenses": [ "Unlicense OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "memmap2@0.9.9", "Name": "memmap2", "Identifier": { "PURL": "pkg:cargo/memmap2@0.9.9", "UID": "268feb538e84c217", "BOMRef": "pkg:cargo/memmap2@0.9.9" }, "Version": "0.9.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "memoffset@0.7.1", "Name": "memoffset", "Identifier": { "PURL": "pkg:cargo/memoffset@0.7.1", "UID": "fd77db27681b2d9d", "BOMRef": "pkg:cargo/memoffset@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "memoffset@0.9.1", "Name": "memoffset", "Identifier": { "PURL": "pkg:cargo/memoffset@0.9.1", "UID": "56740e3997bab4be", "BOMRef": "pkg:cargo/memoffset@0.9.1" }, "Version": "0.9.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "mime@0.3.16", "Name": "mime", "Identifier": { "PURL": "pkg:cargo/mime@0.3.16", "UID": "1d764a439fbf3bdd", "BOMRef": "pkg:cargo/mime@0.3.16" }, "Version": "0.3.16", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "mime_guess@2.0.4", "Name": "mime_guess", "Identifier": { "PURL": "pkg:cargo/mime_guess@2.0.4", "UID": "bdb7b2688c5a0adf", "BOMRef": "pkg:cargo/mime_guess@2.0.4" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "DependsOn": [ "mime@0.3.16", "unicase@2.6.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "minimal-lexical@0.2.1", "Name": "minimal-lexical", "Identifier": { "PURL": "pkg:cargo/minimal-lexical@0.2.1", "UID": "d283bf229319cd41", "BOMRef": "pkg:cargo/minimal-lexical@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "miniz_oxide@0.6.2", "Name": "miniz_oxide", "Identifier": { "PURL": "pkg:cargo/miniz_oxide@0.6.2", "UID": "65f34a480aa2d240", "BOMRef": "pkg:cargo/miniz_oxide@0.6.2" }, "Version": "0.6.2", "Licenses": [ "MIT OR Zlib OR Apache-2.0" ], "DependsOn": [ "adler@1.0.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "miniz_oxide@0.8.5", "Name": "miniz_oxide", "Identifier": { "PURL": "pkg:cargo/miniz_oxide@0.8.5", "UID": "48ff9a7d405dd8ee", "BOMRef": "pkg:cargo/miniz_oxide@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Zlib OR Apache-2.0" ], "DependsOn": [ "adler2@2.0.0", "simd-adler32@0.3.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "mio@1.0.1", "Name": "mio", "Identifier": { "PURL": "pkg:cargo/mio@1.0.1", "UID": "b7196115e7a5e71f", "BOMRef": "pkg:cargo/mio@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "DependsOn": [ "hermit-abi@0.3.9", "libc@0.2.174", "log@0.4.29", "wasi@0.11.0+wasi-snapshot-preview1", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "names@0.14.0", "Name": "names", "Identifier": { "PURL": "pkg:cargo/names@0.14.0", "UID": "c815add0c3ba7409", "BOMRef": "pkg:cargo/names@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT" ], "DependsOn": [ "rand@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nix@0.25.1", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.25.1", "UID": "6f6be9f9fae2e1f", "BOMRef": "pkg:cargo/nix@0.25.1" }, "Version": "0.25.1", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nix@0.27.1", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.27.1", "UID": "c39ed7e93edb9a7f", "BOMRef": "pkg:cargo/nix@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nix@0.30.1", "Name": "nix", "Identifier": { "PURL": "pkg:cargo/nix@0.30.1", "UID": "735b0f05b7f7c6ad", "BOMRef": "pkg:cargo/nix@0.30.1" }, "Version": "0.30.1", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nodrop@0.1.14", "Name": "nodrop", "Identifier": { "PURL": "pkg:cargo/nodrop@0.1.14", "UID": "c233c70f46c278c", "BOMRef": "pkg:cargo/nodrop@0.1.14" }, "Version": "0.1.14", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nom@7.1.3", "Name": "nom", "Identifier": { "PURL": "pkg:cargo/nom@7.1.3", "UID": "ea28cbc12e5b778a", "BOMRef": "pkg:cargo/nom@7.1.3" }, "Version": "7.1.3", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4", "minimal-lexical@0.2.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nom@8.0.0", "Name": "nom", "Identifier": { "PURL": "pkg:cargo/nom@8.0.0", "UID": "eed44225a238cc5a", "BOMRef": "pkg:cargo/nom@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ntapi@0.4.1", "Name": "ntapi", "Identifier": { "PURL": "pkg:cargo/ntapi@0.4.1", "UID": "fdac8fed27ff25fb", "BOMRef": "pkg:cargo/ntapi@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "nu-ansi-term@0.50.1", "Name": "nu-ansi-term", "Identifier": { "PURL": "pkg:cargo/nu-ansi-term@0.50.1", "UID": "e8464b9918f5a5f6", "BOMRef": "pkg:cargo/nu-ansi-term@0.50.1" }, "Version": "0.50.1", "Licenses": [ "MIT" ], "DependsOn": [ "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-bigint@0.4.4", "Name": "num-bigint", "Identifier": { "PURL": "pkg:cargo/num-bigint@0.4.4", "UID": "881dc47b89ac921f", "BOMRef": "pkg:cargo/num-bigint@0.4.4" }, "Version": "0.4.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-integer@0.1.46", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-bigint-dig@0.8.4", "Name": "num-bigint-dig", "Identifier": { "PURL": "pkg:cargo/num-bigint-dig@0.8.4", "UID": "4ebdb9ef662dbe19", "BOMRef": "pkg:cargo/num-bigint-dig@0.8.4" }, "Version": "0.8.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "byteorder@1.5.0", "lazy_static@1.5.0", "libm@0.2.6", "num-integer@0.1.46", "num-iter@0.1.45", "num-traits@0.2.19", "rand@0.8.5", "smallvec@1.15.1", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-cmp@0.1.0", "Name": "num-cmp", "Identifier": { "PURL": "pkg:cargo/num-cmp@0.1.0", "UID": "ad2c367a9a27752b", "BOMRef": "pkg:cargo/num-cmp@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-derive@0.4.2", "Name": "num-derive", "Identifier": { "PURL": "pkg:cargo/num-derive@0.4.2", "UID": "2b491f8db13015aa", "BOMRef": "pkg:cargo/num-derive@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-integer@0.1.46", "Name": "num-integer", "Identifier": { "PURL": "pkg:cargo/num-integer@0.1.46", "UID": "d97abe24415314e2", "BOMRef": "pkg:cargo/num-integer@0.1.46" }, "Version": "0.1.46", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-iter@0.1.45", "Name": "num-iter", "Identifier": { "PURL": "pkg:cargo/num-iter@0.1.45", "UID": "fd614b8a9d860ee0", "BOMRef": "pkg:cargo/num-iter@0.1.45" }, "Version": "0.1.45", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-integer@0.1.46", "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num-traits@0.2.19", "Name": "num-traits", "Identifier": { "PURL": "pkg:cargo/num-traits@0.2.19", "UID": "63b4a9fd4f7d084d", "BOMRef": "pkg:cargo/num-traits@0.2.19" }, "Version": "0.2.19", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libm@0.2.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "num_cpus@1.17.0", "Name": "num_cpus", "Identifier": { "PURL": "pkg:cargo/num_cpus@1.17.0", "UID": "e8afd4b1a02a1918", "BOMRef": "pkg:cargo/num_cpus@1.17.0" }, "Version": "1.17.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hermit-abi@0.5.1", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "objc2-core-foundation@0.3.1", "Name": "objc2-core-foundation", "Identifier": { "PURL": "pkg:cargo/objc2-core-foundation@0.3.1", "UID": "c0268d87debd7760", "BOMRef": "pkg:cargo/objc2-core-foundation@0.3.1" }, "Version": "0.3.1", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "objc2-io-kit@0.3.1", "Name": "objc2-io-kit", "Identifier": { "PURL": "pkg:cargo/objc2-io-kit@0.3.1", "UID": "e95d9e9b0f03f487", "BOMRef": "pkg:cargo/objc2-io-kit@0.3.1" }, "Version": "0.3.1", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "libc@0.2.174", "objc2-core-foundation@0.3.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "object@0.30.0", "Name": "object", "Identifier": { "PURL": "pkg:cargo/object@0.30.0", "UID": "6c6c17a85690e26f", "BOMRef": "pkg:cargo/object@0.30.0" }, "Version": "0.30.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "object_store@0.12.4", "Name": "object_store", "Identifier": { "PURL": "pkg:cargo/object_store@0.12.4", "UID": "53d4b1875d11712e", "BOMRef": "pkg:cargo/object_store@0.12.4" }, "Version": "0.12.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "async-trait@0.1.89", "base64@0.22.0", "bytes@1.10.1", "chrono@0.4.42", "form_urlencoded@1.2.2", "futures@0.3.31", "http-body-util@0.1.2", "http@1.3.1", "humantime@2.3.0", "hyper@1.6.0", "itertools@0.14.0", "md-5@0.10.6", "parking_lot@0.12.5", "percent-encoding@2.3.2", "quick-xml@0.38.0", "rand@0.9.2", "reqwest@0.12.26", "ring@0.17.13", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "thiserror@2.0.17", "tokio@1.48.0", "tracing@0.1.43", "url@2.5.7", "walkdir@2.5.0", "wasm-bindgen-futures@0.4.42", "web-time@1.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "once_cell@1.21.3", "Name": "once_cell", "Identifier": { "PURL": "pkg:cargo/once_cell@1.21.3", "UID": "2045351abdea031f", "BOMRef": "pkg:cargo/once_cell@1.21.3" }, "Version": "1.21.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "openssl-probe@0.1.5", "Name": "openssl-probe", "Identifier": { "PURL": "pkg:cargo/openssl-probe@0.1.5", "UID": "8acd91dab7b3f8fd", "BOMRef": "pkg:cargo/openssl-probe@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ordered-float@2.10.1", "Name": "ordered-float", "Identifier": { "PURL": "pkg:cargo/ordered-float@2.10.1", "UID": "336433b958ed7662", "BOMRef": "pkg:cargo/ordered-float@2.10.1" }, "Version": "2.10.1", "Licenses": [ "MIT" ], "DependsOn": [ "num-traits@0.2.19" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ordered-float@5.1.0", "Name": "ordered-float", "Identifier": { "PURL": "pkg:cargo/ordered-float@5.1.0", "UID": "ace919294f115e7b", "BOMRef": "pkg:cargo/ordered-float@5.1.0" }, "Version": "5.1.0", "Licenses": [ "MIT" ], "DependsOn": [ "num-traits@0.2.19", "rand@0.8.5", "schemars@0.8.22", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "p256@0.13.2", "Name": "p256", "Identifier": { "PURL": "pkg:cargo/p256@0.13.2", "UID": "7e8af3327749a5ff", "BOMRef": "pkg:cargo/p256@0.13.2" }, "Version": "0.13.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "ecdsa@0.16.9", "elliptic-curve@0.13.8", "primeorder@0.13.6", "sha2@0.10.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "p384@0.13.1", "Name": "p384", "Identifier": { "PURL": "pkg:cargo/p384@0.13.1", "UID": "fb01846052475512", "BOMRef": "pkg:cargo/p384@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "ecdsa@0.16.9", "elliptic-curve@0.13.8", "primeorder@0.13.6", "sha2@0.10.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "parking_lot@0.12.5", "Name": "parking_lot", "Identifier": { "PURL": "pkg:cargo/parking_lot@0.12.5", "UID": "9332f574b6d0089c", "BOMRef": "pkg:cargo/parking_lot@0.12.5" }, "Version": "0.12.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "lock_api@0.4.14", "parking_lot_core@0.9.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "parking_lot_core@0.9.12", "Name": "parking_lot_core", "Identifier": { "PURL": "pkg:cargo/parking_lot_core@0.9.12", "UID": "b3d31f5c4e906791", "BOMRef": "pkg:cargo/parking_lot_core@0.9.12" }, "Version": "0.9.12", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "backtrace@0.3.67", "cfg-if@1.0.0", "libc@0.2.174", "petgraph@0.6.2", "redox_syscall@0.5.12", "smallvec@1.15.1", "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "parse-size@1.0.0", "Name": "parse-size", "Identifier": { "PURL": "pkg:cargo/parse-size@1.0.0", "UID": "2c694da5b2d8831a", "BOMRef": "pkg:cargo/parse-size@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "paste@1.0.11", "Name": "paste", "Identifier": { "PURL": "pkg:cargo/paste@1.0.11", "UID": "2109680a60c3621b", "BOMRef": "pkg:cargo/paste@1.0.11" }, "Version": "1.0.11", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "path_facts@0.2.1", "Name": "path_facts", "Identifier": { "PURL": "pkg:cargo/path_facts@0.2.1", "UID": "ef059b1df512bf1c", "BOMRef": "pkg:cargo/path_facts@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "faccess@0.2.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pathdiff@0.2.3", "Name": "pathdiff", "Identifier": { "PURL": "pkg:cargo/pathdiff@0.2.3", "UID": "ffb9124cd090f8d5", "BOMRef": "pkg:cargo/pathdiff@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pem@3.0.3", "Name": "pem", "Identifier": { "PURL": "pkg:cargo/pem@3.0.3", "UID": "8e57a1f50ca048c7", "BOMRef": "pkg:cargo/pem@3.0.3" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "DependsOn": [ "base64@0.21.0", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pem-rfc7468@0.7.0", "Name": "pem-rfc7468", "Identifier": { "PURL": "pkg:cargo/pem-rfc7468@0.7.0", "UID": "a6890e53995ea859", "BOMRef": "pkg:cargo/pem-rfc7468@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base64ct@1.8.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "percent-encoding@2.3.2", "Name": "percent-encoding", "Identifier": { "PURL": "pkg:cargo/percent-encoding@2.3.2", "UID": "30945a028c00af0d", "BOMRef": "pkg:cargo/percent-encoding@2.3.2" }, "Version": "2.3.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "permutation_iterator@0.1.2", "Name": "permutation_iterator", "Identifier": { "PURL": "pkg:cargo/permutation_iterator@0.1.2", "UID": "25daa6c0e5701ff", "BOMRef": "pkg:cargo/permutation_iterator@0.1.2" }, "Version": "0.1.2", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "blake2-rfc@0.2.18", "rand@0.7.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "petgraph@0.6.2", "Name": "petgraph", "Identifier": { "PURL": "pkg:cargo/petgraph@0.6.2", "UID": "7f990e2a26073bd6", "BOMRef": "pkg:cargo/petgraph@0.6.2" }, "Version": "0.6.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "fixedbitset@0.4.2", "indexmap@1.9.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ph@0.8.5", "Name": "ph", "Identifier": { "PURL": "pkg:cargo/ph@0.8.5", "UID": "f6b3c1f689def5e", "BOMRef": "pkg:cargo/ph@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aligned-vec@0.6.1", "binout@0.2.1", "bitm@0.4.2", "dyn_size_of@0.4.2", "rayon@1.11.0", "seedable_hash@0.1.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "phf@0.11.2", "Name": "phf", "Identifier": { "PURL": "pkg:cargo/phf@0.11.2", "UID": "4bb78883d1180405", "BOMRef": "pkg:cargo/phf@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_shared@0.11.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "phf_codegen@0.11.2", "Name": "phf_codegen", "Identifier": { "PURL": "pkg:cargo/phf_codegen@0.11.2", "UID": "b887d2a1cfba0fa9", "BOMRef": "pkg:cargo/phf_codegen@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_generator@0.11.2", "phf_shared@0.11.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "phf_generator@0.11.2", "Name": "phf_generator", "Identifier": { "PURL": "pkg:cargo/phf_generator@0.11.2", "UID": "2963c8848ef7a022", "BOMRef": "pkg:cargo/phf_generator@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "phf_shared@0.11.2", "rand@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "phf_shared@0.11.2", "Name": "phf_shared", "Identifier": { "PURL": "pkg:cargo/phf_shared@0.11.2", "UID": "982f9c5824ce8c1", "BOMRef": "pkg:cargo/phf_shared@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT" ], "DependsOn": [ "siphasher@0.3.10" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pin-project@1.0.12", "Name": "pin-project", "Identifier": { "PURL": "pkg:cargo/pin-project@1.0.12", "UID": "c3c9e32c6d4db381", "BOMRef": "pkg:cargo/pin-project@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "pin-project-internal@1.0.12" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pin-project-internal@1.0.12", "Name": "pin-project-internal", "Identifier": { "PURL": "pkg:cargo/pin-project-internal@1.0.12", "UID": "8e48677d57e7085", "BOMRef": "pkg:cargo/pin-project-internal@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pin-project-lite@0.2.12", "Name": "pin-project-lite", "Identifier": { "PURL": "pkg:cargo/pin-project-lite@0.2.12", "UID": "d8c252cbee9cba6a", "BOMRef": "pkg:cargo/pin-project-lite@0.2.12" }, "Version": "0.2.12", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pin-utils@0.1.0", "Name": "pin-utils", "Identifier": { "PURL": "pkg:cargo/pin-utils@0.1.0", "UID": "2f183aa5c003dde6", "BOMRef": "pkg:cargo/pin-utils@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pkcs1@0.7.5", "Name": "pkcs1", "Identifier": { "PURL": "pkg:cargo/pkcs1@0.7.5", "UID": "89904623ec99b9ca", "BOMRef": "pkg:cargo/pkcs1@0.7.5" }, "Version": "0.7.5", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "pkcs8@0.10.2", "spki@0.7.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pkcs8@0.10.2", "Name": "pkcs8", "Identifier": { "PURL": "pkg:cargo/pkcs8@0.10.2", "UID": "da43a2cc4d145d", "BOMRef": "pkg:cargo/pkcs8@0.10.2" }, "Version": "0.10.2", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "der@0.7.10", "spki@0.7.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "portable-atomic@1.11.1", "Name": "portable-atomic", "Identifier": { "PURL": "pkg:cargo/portable-atomic@1.11.1", "UID": "862d98599058496c", "BOMRef": "pkg:cargo/portable-atomic@1.11.1" }, "Version": "1.11.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "portable-atomic-util@0.2.4", "Name": "portable-atomic-util", "Identifier": { "PURL": "pkg:cargo/portable-atomic-util@0.2.4", "UID": "f4b5e197f5d6d012", "BOMRef": "pkg:cargo/portable-atomic-util@0.2.4" }, "Version": "0.2.4", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "portable-atomic@1.11.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pprof2@0.13.1", "Name": "pprof2", "Identifier": { "PURL": "pkg:cargo/pprof2@0.13.1", "UID": "b6ac1fde65ae5879", "BOMRef": "pkg:cargo/pprof2@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "backtrace@0.3.67", "cfg-if@1.0.0", "findshlibs@0.10.2", "libc@0.2.174", "log@0.4.29", "nix@0.27.1", "once_cell@1.21.3", "parking_lot@0.12.5", "smallvec@1.15.1", "symbolic-demangle@12.12.3", "tempfile@3.23.0", "thiserror@2.0.17" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ppv-lite86@0.2.17", "Name": "ppv-lite86", "Identifier": { "PURL": "pkg:cargo/ppv-lite86@0.2.17", "UID": "913a06e50aa62c04", "BOMRef": "pkg:cargo/ppv-lite86@0.2.17" }, "Version": "0.2.17", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "presser@0.3.1", "Name": "presser", "Identifier": { "PURL": "pkg:cargo/presser@0.3.1", "UID": "f86636af5e3057bf", "BOMRef": "pkg:cargo/presser@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "primeorder@0.13.6", "Name": "primeorder", "Identifier": { "PURL": "pkg:cargo/primeorder@0.13.6", "UID": "7d461234983d41b8", "BOMRef": "pkg:cargo/primeorder@0.13.6" }, "Version": "0.13.6", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "elliptic-curve@0.13.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "proc-macro-error@1.0.4", "Name": "proc-macro-error", "Identifier": { "PURL": "pkg:cargo/proc-macro-error@1.0.4", "UID": "cf72d7b197d73a22", "BOMRef": "pkg:cargo/proc-macro-error@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro-error-attr@1.0.4", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "proc-macro-error-attr@1.0.4", "Name": "proc-macro-error-attr", "Identifier": { "PURL": "pkg:cargo/proc-macro-error-attr@1.0.4", "UID": "fe7d902d5e5c42e5", "BOMRef": "pkg:cargo/proc-macro-error-attr@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "proc-macro-error-attr2@2.0.0", "Name": "proc-macro-error-attr2", "Identifier": { "PURL": "pkg:cargo/proc-macro-error-attr2@2.0.0", "UID": "4435ee69f361e87a", "BOMRef": "pkg:cargo/proc-macro-error-attr2@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "proc-macro-error2@2.0.1", "Name": "proc-macro-error2", "Identifier": { "PURL": "pkg:cargo/proc-macro-error2@2.0.1", "UID": "74340fc3c2e369e8", "BOMRef": "pkg:cargo/proc-macro-error2@2.0.1" }, "Version": "2.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro-error-attr2@2.0.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "proc-macro2@1.0.101", "Name": "proc-macro2", "Identifier": { "PURL": "pkg:cargo/proc-macro2@1.0.101", "UID": "3b274d1249620fbe", "BOMRef": "pkg:cargo/proc-macro2@1.0.101" }, "Version": "1.0.101", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "procfs@0.18.0", "Name": "procfs", "Identifier": { "PURL": "pkg:cargo/procfs@0.18.0", "UID": "6549a6ff8b2b3945", "BOMRef": "pkg:cargo/procfs@0.18.0" }, "Version": "0.18.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "procfs-core@0.18.0", "rustix@1.0.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "procfs-core@0.18.0", "Name": "procfs-core", "Identifier": { "PURL": "pkg:cargo/procfs-core@0.18.0", "UID": "9a9206efdb074199", "BOMRef": "pkg:cargo/procfs-core@0.18.0" }, "Version": "0.18.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@2.9.1", "hex@0.4.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prometheus@0.14.0", "Name": "prometheus", "Identifier": { "PURL": "pkg:cargo/prometheus@0.14.0", "UID": "95d581bdeac84ed4", "BOMRef": "pkg:cargo/prometheus@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "fnv@1.0.7", "lazy_static@1.5.0", "memchr@2.7.4", "parking_lot@0.12.5", "thiserror@2.0.17" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost@0.11.9", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.11.9", "UID": "8692d87b7fe765c6", "BOMRef": "pkg:cargo/prost@0.11.9" }, "Version": "0.11.9", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.11.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost@0.12.6", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.12.6", "UID": "c9528d84ca75a63d", "BOMRef": "pkg:cargo/prost@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.12.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost@0.13.1", "Name": "prost", "Identifier": { "PURL": "pkg:cargo/prost@0.13.1", "UID": "7338eb0af6595ed7", "BOMRef": "pkg:cargo/prost@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "prost-derive@0.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-derive@0.11.9", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.11.9", "UID": "8525f3cf315ceae3", "BOMRef": "pkg:cargo/prost-derive@0.11.9" }, "Version": "0.11.9", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.10.5", "proc-macro2@1.0.101", "quote@1.0.42", "syn@1.0.107" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-derive@0.12.6", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.12.6", "UID": "f7e9197db7d0e3c7", "BOMRef": "pkg:cargo/prost-derive@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.12.1", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-derive@0.13.1", "Name": "prost-derive", "Identifier": { "PURL": "pkg:cargo/prost-derive@0.13.1", "UID": "f97864c364eb4b3e", "BOMRef": "pkg:cargo/prost-derive@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "itertools@0.13.0", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-types@0.12.6", "Name": "prost-types", "Identifier": { "PURL": "pkg:cargo/prost-types@0.12.6", "UID": "a9b069f0e6562d85", "BOMRef": "pkg:cargo/prost-types@0.12.6" }, "Version": "0.12.6", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "prost@0.12.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-types@0.13.1", "Name": "prost-types", "Identifier": { "PURL": "pkg:cargo/prost-types@0.13.1", "UID": "d8dc8b0322dea29f", "BOMRef": "pkg:cargo/prost-types@0.13.1" }, "Version": "0.13.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "prost@0.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-wkt@0.5.1", "Name": "prost-wkt", "Identifier": { "PURL": "pkg:cargo/prost-wkt@0.5.1", "UID": "80c0e6201a0af7bd", "BOMRef": "pkg:cargo/prost-wkt@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "chrono@0.4.42", "inventory@0.3.14", "prost@0.12.6", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145", "typetag@0.2.15" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "prost-wkt-types@0.5.1", "Name": "prost-wkt-types", "Identifier": { "PURL": "pkg:cargo/prost-wkt-types@0.5.1", "UID": "577eac5148e4d07", "BOMRef": "pkg:cargo/prost-wkt-types@0.5.1" }, "Version": "0.5.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "chrono@0.4.42", "prost-wkt@0.5.1", "prost@0.12.6", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "protobuf@2.28.0", "Name": "protobuf", "Identifier": { "PURL": "pkg:cargo/protobuf@2.28.0", "UID": "cb13b734e6e40a80", "BOMRef": "pkg:cargo/protobuf@2.28.0" }, "Version": "2.28.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyo3@0.27.2", "Name": "pyo3", "Identifier": { "PURL": "pkg:cargo/pyo3@0.27.2", "UID": "a83c6f9005977395", "BOMRef": "pkg:cargo/pyo3@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "indoc@2.0.6", "libc@0.2.174", "memoffset@0.9.1", "once_cell@1.21.3", "portable-atomic@1.11.1", "pyo3-ffi@0.27.2", "pyo3-macros@0.27.2", "unindent@0.2.4", "uuid@1.19.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyo3-build-config@0.27.2", "Name": "pyo3-build-config", "Identifier": { "PURL": "pkg:cargo/pyo3-build-config@0.27.2", "UID": "e058cb0c8ef81b66", "BOMRef": "pkg:cargo/pyo3-build-config@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "target-lexicon@0.13.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyo3-ffi@0.27.2", "Name": "pyo3-ffi", "Identifier": { "PURL": "pkg:cargo/pyo3-ffi@0.27.2", "UID": "3cbb2290467de621", "BOMRef": "pkg:cargo/pyo3-ffi@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyo3-macros@0.27.2", "Name": "pyo3-macros", "Identifier": { "PURL": "pkg:cargo/pyo3-macros@0.27.2", "UID": "11759ed4a02a65a0", "BOMRef": "pkg:cargo/pyo3-macros@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "pyo3-macros-backend@0.27.2", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyo3-macros-backend@0.27.2", "Name": "pyo3-macros-backend", "Identifier": { "PURL": "pkg:cargo/pyo3-macros-backend@0.27.2", "UID": "d2d96deb46987b00", "BOMRef": "pkg:cargo/pyo3-macros-backend@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "pyo3-build-config@0.27.2", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyroscope@0.5.8", "Name": "pyroscope", "Identifier": { "PURL": "pkg:cargo/pyroscope@0.5.8", "UID": "e850b946a6121634", "BOMRef": "pkg:cargo/pyroscope@0.5.8" }, "Version": "0.5.8", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "libflate@1.4.0", "log@0.4.29", "names@0.14.0", "prost@0.11.9", "reqwest@0.12.26", "serde_json@1.0.145", "thiserror@1.0.69", "url@2.5.7", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "pyroscope_pprofrs@0.2.10", "Name": "pyroscope_pprofrs", "Identifier": { "PURL": "pkg:cargo/pyroscope_pprofrs@0.2.10", "UID": "9e4d7031099b65fb", "BOMRef": "pkg:cargo/pyroscope_pprofrs@0.2.10" }, "Version": "0.2.10", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "log@0.4.29", "pprof2@0.13.1", "pyroscope@0.5.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "quick-xml@0.38.0", "Name": "quick-xml", "Identifier": { "PURL": "pkg:cargo/quick-xml@0.38.0", "UID": "6f273205cda30098", "BOMRef": "pkg:cargo/quick-xml@0.38.0" }, "Version": "0.38.0", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "quinn@0.11.2", "Name": "quinn", "Identifier": { "PURL": "pkg:cargo/quinn@0.11.2", "UID": "d0605be85f342e65", "BOMRef": "pkg:cargo/quinn@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "pin-project-lite@0.2.12", "quinn-proto@0.11.8", "quinn-udp@0.5.2", "rustc-hash@1.1.0", "rustls@0.23.35", "thiserror@1.0.69", "tokio@1.48.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "quinn-proto@0.11.8", "Name": "quinn-proto", "Identifier": { "PURL": "pkg:cargo/quinn-proto@0.11.8", "UID": "9718fabcc5ba1c38", "BOMRef": "pkg:cargo/quinn-proto@0.11.8" }, "Version": "0.11.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytes@1.10.1", "rand@0.8.5", "ring@0.17.13", "rustc-hash@2.1.1", "rustls@0.23.35", "slab@0.4.11", "thiserror@1.0.69", "tinyvec@1.10.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "quinn-udp@0.5.2", "Name": "quinn-udp", "Identifier": { "PURL": "pkg:cargo/quinn-udp@0.5.2", "UID": "6a213b84dad18d88", "BOMRef": "pkg:cargo/quinn-udp@0.5.2" }, "Version": "0.5.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "once_cell@1.21.3", "socket2@0.5.10", "tracing@0.1.43", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "quote@1.0.42", "Name": "quote", "Identifier": { "PURL": "pkg:cargo/quote@1.0.42", "UID": "8ddd863078516aba", "BOMRef": "pkg:cargo/quote@1.0.42" }, "Version": "1.0.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "radium@0.7.0", "Name": "radium", "Identifier": { "PURL": "pkg:cargo/radium@0.7.0", "UID": "85ad7a86639f0686", "BOMRef": "pkg:cargo/radium@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "raft@0.7.0", "Name": "raft", "Identifier": { "PURL": "pkg:cargo/raft@0.7.0", "UID": "d2321349fc0438b3", "BOMRef": "pkg:cargo/raft@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "fxhash@0.2.1", "getset@0.1.2", "protobuf@2.28.0", "raft-proto@0.7.0", "rand@0.8.5", "slog@2.8.2", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "raft-proto@0.7.0", "Name": "raft-proto", "Identifier": { "PURL": "pkg:cargo/raft-proto@0.7.0", "UID": "472c4ed3d67f6eb3", "BOMRef": "pkg:cargo/raft-proto@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "lazy_static@1.5.0", "prost@0.11.9", "protobuf@2.28.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand@0.7.3", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.7.3", "UID": "d875fae889556a6f", "BOMRef": "pkg:cargo/rand@0.7.3" }, "Version": "0.7.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.1.16", "libc@0.2.174", "rand_chacha@0.2.2", "rand_core@0.5.1", "rand_hc@0.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand@0.8.5", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.8.5", "UID": "bd5aeb71d6ee6f05", "BOMRef": "pkg:cargo/rand@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "rand_chacha@0.3.1", "rand_core@0.6.4", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand@0.9.2", "Name": "rand", "Identifier": { "PURL": "pkg:cargo/rand@0.9.2", "UID": "5af8032180a383c8", "BOMRef": "pkg:cargo/rand@0.9.2" }, "Version": "0.9.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_chacha@0.9.0", "rand_core@0.9.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_chacha@0.2.2", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.2.2", "UID": "60982c1cc52cf017", "BOMRef": "pkg:cargo/rand_chacha@0.2.2" }, "Version": "0.2.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.5.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_chacha@0.3.1", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.3.1", "UID": "6d8a72b280b3bb1c", "BOMRef": "pkg:cargo/rand_chacha@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_chacha@0.9.0", "Name": "rand_chacha", "Identifier": { "PURL": "pkg:cargo/rand_chacha@0.9.0", "UID": "e79f6ca12f618fa8", "BOMRef": "pkg:cargo/rand_chacha@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "ppv-lite86@0.2.17", "rand_core@0.9.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_core@0.5.1", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.5.1", "UID": "c9c9f3cc06df3dec", "BOMRef": "pkg:cargo/rand_core@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.1.16" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_core@0.6.4", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.6.4", "UID": "4942e5ecd955bf1e", "BOMRef": "pkg:cargo/rand_core@0.6.4" }, "Version": "0.6.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.2.11", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_core@0.9.0", "Name": "rand_core", "Identifier": { "PURL": "pkg:cargo/rand_core@0.9.0", "UID": "d7e33630fbd5c30", "BOMRef": "pkg:cargo/rand_core@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "getrandom@0.3.0", "zerocopy@0.8.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_distr@0.5.1", "Name": "rand_distr", "Identifier": { "PURL": "pkg:cargo/rand_distr@0.5.1", "UID": "a8a1a0208f262006", "BOMRef": "pkg:cargo/rand_distr@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "num-traits@0.2.19", "rand@0.9.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rand_hc@0.2.0", "Name": "rand_hc", "Identifier": { "PURL": "pkg:cargo/rand_hc@0.2.0", "UID": "98fd1b5b037a8e42", "BOMRef": "pkg:cargo/rand_hc@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.5.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rayon@1.11.0", "Name": "rayon", "Identifier": { "PURL": "pkg:cargo/rayon@1.11.0", "UID": "4754ba74a940732f", "BOMRef": "pkg:cargo/rayon@1.11.0" }, "Version": "1.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "either@1.13.0", "rayon-core@1.13.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rayon-core@1.13.0", "Name": "rayon-core", "Identifier": { "PURL": "pkg:cargo/rayon-core@1.13.0", "UID": "68a9a6044fe1aa01", "BOMRef": "pkg:cargo/rayon-core@1.13.0" }, "Version": "1.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "crossbeam-deque@0.8.2", "crossbeam-utils@0.8.20" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "redox_syscall@0.2.16", "Name": "redox_syscall", "Identifier": { "PURL": "pkg:cargo/redox_syscall@0.2.16", "UID": "2b9c43fa4ba9a875", "BOMRef": "pkg:cargo/redox_syscall@0.2.16" }, "Version": "0.2.16", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@1.3.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "redox_syscall@0.5.12", "Name": "redox_syscall", "Identifier": { "PURL": "pkg:cargo/redox_syscall@0.5.12", "UID": "55fb592cee84f1ef", "BOMRef": "pkg:cargo/redox_syscall@0.5.12" }, "Version": "0.5.12", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "regex@1.11.0", "Name": "regex", "Identifier": { "PURL": "pkg:cargo/regex@1.11.0", "UID": "6e2aa8db59baf469", "BOMRef": "pkg:cargo/regex@1.11.0" }, "Version": "1.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aho-corasick@1.1.3", "memchr@2.7.4", "regex-automata@0.4.8", "regex-syntax@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "regex-automata@0.4.8", "Name": "regex-automata", "Identifier": { "PURL": "pkg:cargo/regex-automata@0.4.8", "UID": "b5ece2eecd950b6d", "BOMRef": "pkg:cargo/regex-automata@0.4.8" }, "Version": "0.4.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "aho-corasick@1.1.3", "memchr@2.7.4", "regex-syntax@0.8.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "regex-lite@0.1.5", "Name": "regex-lite", "Identifier": { "PURL": "pkg:cargo/regex-lite@0.1.5", "UID": "57245bdafbaccc39", "BOMRef": "pkg:cargo/regex-lite@0.1.5" }, "Version": "0.1.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "regex-syntax@0.8.5", "Name": "regex-syntax", "Identifier": { "PURL": "pkg:cargo/regex-syntax@0.8.5", "UID": "1b3832a16c8d00f3", "BOMRef": "pkg:cargo/regex-syntax@0.8.5" }, "Version": "0.8.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "reqwest@0.12.26", "Name": "reqwest", "Identifier": { "PURL": "pkg:cargo/reqwest@0.12.26", "UID": "518699f5657a4d65", "BOMRef": "pkg:cargo/reqwest@0.12.26" }, "Version": "0.12.26", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "base64@0.22.0", "bytes@1.10.1", "futures-channel@0.3.31", "futures-core@0.3.31", "futures-util@0.3.31", "h2@0.4.4", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "hyper-rustls@0.27.2", "hyper-util@0.1.13", "hyper@1.6.0", "js-sys@0.3.77", "log@0.4.29", "percent-encoding@2.3.2", "pin-project-lite@0.2.12", "quinn@0.11.2", "rustls-native-certs@0.8.0", "rustls-pki-types@1.13.1", "rustls@0.23.35", "serde@1.0.226", "serde_json@1.0.145", "serde_urlencoded@0.7.1", "sync_wrapper@1.0.1", "tokio-rustls@0.26.0", "tokio-util@0.7.17", "tokio@1.48.0", "tower-http@0.6.8", "tower-service@0.3.3", "tower@0.5.2", "url@2.5.7", "wasm-bindgen-futures@0.4.42", "wasm-bindgen@0.2.100", "wasm-streams@0.4.0", "web-sys@0.3.69", "webpki-roots@1.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rfc6979@0.4.0", "Name": "rfc6979", "Identifier": { "PURL": "pkg:cargo/rfc6979@0.4.0", "UID": "4a5c5ed66d47b706", "BOMRef": "pkg:cargo/rfc6979@0.4.0" }, "Version": "0.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "hmac@0.12.1", "subtle@2.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ring@0.17.13", "Name": "ring", "Identifier": { "PURL": "pkg:cargo/ring@0.17.13", "UID": "18130a489a82aae3", "BOMRef": "pkg:cargo/ring@0.17.13" }, "Version": "0.17.13", "Licenses": [ "Apache-2.0 AND ISC" ], "DependsOn": [ "cfg-if@1.0.0", "getrandom@0.2.11", "libc@0.2.174", "untrusted@0.9.0", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ringbuffer@0.16.0", "Name": "ringbuffer", "Identifier": { "PURL": "pkg:cargo/ringbuffer@0.16.0", "UID": "efda617d85fa4ac4", "BOMRef": "pkg:cargo/ringbuffer@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rle-decode-fast@1.0.3", "Name": "rle-decode-fast", "Identifier": { "PURL": "pkg:cargo/rle-decode-fast@1.0.3", "UID": "e4fd7d29a07fee8d", "BOMRef": "pkg:cargo/rle-decode-fast@1.0.3" }, "Version": "1.0.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rmp@0.8.14", "Name": "rmp", "Identifier": { "PURL": "pkg:cargo/rmp@0.8.14", "UID": "b2c827aef59528b5", "BOMRef": "pkg:cargo/rmp@0.8.14" }, "Version": "0.8.14", "Licenses": [ "MIT" ], "DependsOn": [ "byteorder@1.5.0", "num-traits@0.2.19", "paste@1.0.11" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rmp-serde@1.3.0", "Name": "rmp-serde", "Identifier": { "PURL": "pkg:cargo/rmp-serde@1.3.0", "UID": "3807d6ed30f4ef1f", "BOMRef": "pkg:cargo/rmp-serde@1.3.0" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "byteorder@1.5.0", "rmp@0.8.14", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "roaring@0.11.2", "Name": "roaring", "Identifier": { "PURL": "pkg:cargo/roaring@0.11.2", "UID": "de58564a0cab4c3", "BOMRef": "pkg:cargo/roaring@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bytemuck@1.24.0", "byteorder@1.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "robust@1.1.0", "Name": "robust", "Identifier": { "PURL": "pkg:cargo/robust@1.1.0", "UID": "a7c83384a06dc912", "BOMRef": "pkg:cargo/robust@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rocksdb@0.24.0", "Name": "rocksdb", "Identifier": { "PURL": "pkg:cargo/rocksdb@0.24.0", "UID": "d8de8f2f182ee1f7", "BOMRef": "pkg:cargo/rocksdb@0.24.0" }, "Version": "0.24.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "librocksdb-sys@0.17.3+10.4.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rsa@0.9.8", "Name": "rsa", "Identifier": { "PURL": "pkg:cargo/rsa@0.9.8", "UID": "da5fb982f0fd977", "BOMRef": "pkg:cargo/rsa@0.9.8" }, "Version": "0.9.8", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "const-oid@0.9.6", "digest@0.10.7", "num-bigint-dig@0.8.4", "num-integer@0.1.46", "num-traits@0.2.19", "pkcs1@0.7.5", "pkcs8@0.10.2", "rand_core@0.6.4", "signature@2.2.0", "spki@0.7.3", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rstack@0.3.3", "Name": "rstack", "Identifier": { "PURL": "pkg:cargo/rstack@0.3.3", "UID": "41ad8707325000cc", "BOMRef": "pkg:cargo/rstack@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "libc@0.2.174", "log@0.4.29", "unwind@0.4.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rstack-self@0.3.0", "Name": "rstack-self", "Identifier": { "PURL": "pkg:cargo/rstack-self@0.3.0", "UID": "1454656ddaa5c653", "BOMRef": "pkg:cargo/rstack-self@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "antidote@1.0.0", "backtrace@0.3.67", "bincode@1.3.3", "lazy_static@1.5.0", "libc@0.2.174", "rstack@0.3.3", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rstar@0.12.0", "Name": "rstar", "Identifier": { "PURL": "pkg:cargo/rstar@0.12.0", "UID": "7feb525e48f49d0f", "BOMRef": "pkg:cargo/rstar@0.12.0" }, "Version": "0.12.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "heapless@0.8.0", "num-traits@0.2.19", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustc-demangle@0.1.21", "Name": "rustc-demangle", "Identifier": { "PURL": "pkg:cargo/rustc-demangle@0.1.21", "UID": "7d009944d5732ad", "BOMRef": "pkg:cargo/rustc-demangle@0.1.21" }, "Version": "0.1.21", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustc-hash@1.1.0", "Name": "rustc-hash", "Identifier": { "PURL": "pkg:cargo/rustc-hash@1.1.0", "UID": "46f7e032dfb77d6e", "BOMRef": "pkg:cargo/rustc-hash@1.1.0" }, "Version": "1.1.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustc-hash@2.1.1", "Name": "rustc-hash", "Identifier": { "PURL": "pkg:cargo/rustc-hash@2.1.1", "UID": "9fb9f9fc64519bf4", "BOMRef": "pkg:cargo/rustc-hash@2.1.1" }, "Version": "2.1.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustix@0.38.40", "Name": "rustix", "Identifier": { "PURL": "pkg:cargo/rustix@0.38.40", "UID": "e1322bae9b1506a0", "BOMRef": "pkg:cargo/rustix@0.38.40" }, "Version": "0.38.40", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1", "errno@0.3.10", "libc@0.2.174", "linux-raw-sys@0.4.14", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustix@1.0.2", "Name": "rustix", "Identifier": { "PURL": "pkg:cargo/rustix@1.0.2", "UID": "eb0ff6767046c4d0", "BOMRef": "pkg:cargo/rustix@1.0.2" }, "Version": "1.0.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1", "errno@0.3.10", "libc@0.2.174", "linux-raw-sys@0.9.2", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls@0.22.4", "Name": "rustls", "Identifier": { "PURL": "pkg:cargo/rustls@0.22.4", "UID": "1120bb4aed7a08b3", "BOMRef": "pkg:cargo/rustls@0.22.4" }, "Version": "0.22.4", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "log@0.4.29", "ring@0.17.13", "rustls-pki-types@1.13.1", "rustls-webpki@0.102.8", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls@0.23.35", "Name": "rustls", "Identifier": { "PURL": "pkg:cargo/rustls@0.23.35", "UID": "93cc57222e801f9e", "BOMRef": "pkg:cargo/rustls@0.23.35" }, "Version": "0.23.35", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "log@0.4.29", "once_cell@1.21.3", "ring@0.17.13", "rustls-pki-types@1.13.1", "rustls-webpki@0.103.6", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-native-certs@0.7.0", "Name": "rustls-native-certs", "Identifier": { "PURL": "pkg:cargo/rustls-native-certs@0.7.0", "UID": "ec8d40b80e3270ea", "BOMRef": "pkg:cargo/rustls-native-certs@0.7.0" }, "Version": "0.7.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "openssl-probe@0.1.5", "rustls-pemfile@2.2.0", "rustls-pki-types@1.13.1", "schannel@0.1.23", "security-framework@2.10.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-native-certs@0.8.0", "Name": "rustls-native-certs", "Identifier": { "PURL": "pkg:cargo/rustls-native-certs@0.8.0", "UID": "c9b057b21d98ec3c", "BOMRef": "pkg:cargo/rustls-native-certs@0.8.0" }, "Version": "0.8.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "openssl-probe@0.1.5", "rustls-pemfile@2.2.0", "rustls-pki-types@1.13.1", "schannel@0.1.23", "security-framework@2.10.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-pemfile@2.2.0", "Name": "rustls-pemfile", "Identifier": { "PURL": "pkg:cargo/rustls-pemfile@2.2.0", "UID": "25b6aea6089ab36f", "BOMRef": "pkg:cargo/rustls-pemfile@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR ISC OR MIT" ], "DependsOn": [ "rustls-pki-types@1.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-pki-types@1.13.1", "Name": "rustls-pki-types", "Identifier": { "PURL": "pkg:cargo/rustls-pki-types@1.13.1", "UID": "9e05ad29efe3cad2", "BOMRef": "pkg:cargo/rustls-pki-types@1.13.1" }, "Version": "1.13.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-webpki@0.102.8", "Name": "rustls-webpki", "Identifier": { "PURL": "pkg:cargo/rustls-webpki@0.102.8", "UID": "33b662da95ae7c62", "BOMRef": "pkg:cargo/rustls-webpki@0.102.8" }, "Version": "0.102.8", "Licenses": [ "ISC" ], "DependsOn": [ "ring@0.17.13", "rustls-pki-types@1.13.1", "untrusted@0.9.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustls-webpki@0.103.6", "Name": "rustls-webpki", "Identifier": { "PURL": "pkg:cargo/rustls-webpki@0.103.6", "UID": "1a6b1df4a483fef5", "BOMRef": "pkg:cargo/rustls-webpki@0.103.6" }, "Version": "0.103.6", "Licenses": [ "ISC" ], "DependsOn": [ "ring@0.17.13", "rustls-pki-types@1.13.1", "untrusted@0.9.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "rustversion@1.0.11", "Name": "rustversion", "Identifier": { "PURL": "pkg:cargo/rustversion@1.0.11", "UID": "3ae6b5c517aafc0b", "BOMRef": "pkg:cargo/rustversion@1.0.11" }, "Version": "1.0.11", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "ryu@1.0.12", "Name": "ryu", "Identifier": { "PURL": "pkg:cargo/ryu@1.0.12", "UID": "84f97a9a53cf2c4b", "BOMRef": "pkg:cargo/ryu@1.0.12" }, "Version": "1.0.12", "Licenses": [ "Apache-2.0 OR BSL-1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "same-file@1.0.6", "Name": "same-file", "Identifier": { "PURL": "pkg:cargo/same-file@1.0.6", "UID": "40418af592720946", "BOMRef": "pkg:cargo/same-file@1.0.6" }, "Version": "1.0.6", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "winapi-util@0.1.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "scc@2.4.0", "Name": "scc", "Identifier": { "PURL": "pkg:cargo/scc@2.4.0", "UID": "93034584486ed1eb", "BOMRef": "pkg:cargo/scc@2.4.0" }, "Version": "2.4.0", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "sdd@3.0.10" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "schannel@0.1.23", "Name": "schannel", "Identifier": { "PURL": "pkg:cargo/schannel@0.1.23", "UID": "a3f28668c623989c", "BOMRef": "pkg:cargo/schannel@0.1.23" }, "Version": "0.1.23", "Licenses": [ "MIT" ], "DependsOn": [ "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "schemars@0.8.22", "Name": "schemars", "Identifier": { "PURL": "pkg:cargo/schemars@0.8.22", "UID": "33eca652d82dd4c4", "BOMRef": "pkg:cargo/schemars@0.8.22" }, "Version": "0.8.22", "Licenses": [ "MIT" ], "DependsOn": [ "chrono@0.4.42", "dyn-clone@1.0.10", "indexmap@1.9.2", "indexmap@2.12.1", "schemars_derive@0.8.22", "serde@1.0.226", "serde_json@1.0.145", "url@2.5.7", "uuid@1.19.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "schemars_derive@0.8.22", "Name": "schemars_derive", "Identifier": { "PURL": "pkg:cargo/schemars_derive@0.8.22", "UID": "445dc9f4921cb7e7", "BOMRef": "pkg:cargo/schemars_derive@0.8.22" }, "Version": "0.8.22", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "serde_derive_internals@0.29.0", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "scoped-tls@1.0.1", "Name": "scoped-tls", "Identifier": { "PURL": "pkg:cargo/scoped-tls@1.0.1", "UID": "6b980fa7526df6d0", "BOMRef": "pkg:cargo/scoped-tls@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "scopeguard@1.1.0", "Name": "scopeguard", "Identifier": { "PURL": "pkg:cargo/scopeguard@1.1.0", "UID": "18cae116c03bc1ca", "BOMRef": "pkg:cargo/scopeguard@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sdd@3.0.10", "Name": "sdd", "Identifier": { "PURL": "pkg:cargo/sdd@3.0.10", "UID": "be4cf4b8704746de", "BOMRef": "pkg:cargo/sdd@3.0.10" }, "Version": "3.0.10", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "seahash@4.1.0", "Name": "seahash", "Identifier": { "PURL": "pkg:cargo/seahash@4.1.0", "UID": "c7cca3d507d388dd", "BOMRef": "pkg:cargo/seahash@4.1.0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sec1@0.7.3", "Name": "sec1", "Identifier": { "PURL": "pkg:cargo/sec1@0.7.3", "UID": "671aee4815301a9e", "BOMRef": "pkg:cargo/sec1@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base16ct@0.2.0", "der@0.7.10", "generic-array@0.14.9", "pkcs8@0.10.2", "subtle@2.5.0", "zeroize@1.8.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "security-framework@2.10.0", "Name": "security-framework", "Identifier": { "PURL": "pkg:cargo/security-framework@2.10.0", "UID": "493f24ff85fb2582", "BOMRef": "pkg:cargo/security-framework@2.10.0" }, "Version": "2.10.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bitflags@1.3.2", "core-foundation-sys@0.8.7", "core-foundation@0.9.4", "libc@0.2.174", "security-framework-sys@2.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "security-framework-sys@2.11.0", "Name": "security-framework-sys", "Identifier": { "PURL": "pkg:cargo/security-framework-sys@2.11.0", "UID": "99f3401821d6d358", "BOMRef": "pkg:cargo/security-framework-sys@2.11.0" }, "Version": "2.11.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "core-foundation-sys@0.8.7", "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "seedable_hash@0.1.1", "Name": "seedable_hash", "Identifier": { "PURL": "pkg:cargo/seedable_hash@0.1.1", "UID": "ffb7d3056ee5c655", "BOMRef": "pkg:cargo/seedable_hash@0.1.1" }, "Version": "0.1.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "wyhash@0.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "self_cell@1.2.1", "Name": "self_cell", "Identifier": { "PURL": "pkg:cargo/self_cell@1.2.1", "UID": "fc65295984da95ca", "BOMRef": "pkg:cargo/self_cell@1.2.1" }, "Version": "1.2.1", "Licenses": [ "Apache-2.0 OR GPL-2.0-only" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "semver@1.0.27", "Name": "semver", "Identifier": { "PURL": "pkg:cargo/semver@1.0.27", "UID": "96fc7df610f04d03", "BOMRef": "pkg:cargo/semver@1.0.27" }, "Version": "1.0.27", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde@1.0.226", "Name": "serde", "Identifier": { "PURL": "pkg:cargo/serde@1.0.226", "UID": "5459eca2d58747ae", "BOMRef": "pkg:cargo/serde@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde_core@1.0.226", "serde_derive@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde-untagged@0.1.9", "Name": "serde-untagged", "Identifier": { "PURL": "pkg:cargo/serde-untagged@0.1.9", "UID": "c8180a7f042238e5", "BOMRef": "pkg:cargo/serde-untagged@0.1.9" }, "Version": "0.1.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "erased-serde@0.4.2", "serde@1.0.226", "serde_core@1.0.226", "typeid@1.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde-value@0.7.0", "Name": "serde-value", "Identifier": { "PURL": "pkg:cargo/serde-value@0.7.0", "UID": "e5bc7cd4cebf0937", "BOMRef": "pkg:cargo/serde-value@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "DependsOn": [ "ordered-float@2.10.1", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_cbor@0.11.2", "Name": "serde_cbor", "Identifier": { "PURL": "pkg:cargo/serde_cbor@0.11.2", "UID": "5616cc79bc79a709", "BOMRef": "pkg:cargo/serde_cbor@0.11.2" }, "Version": "0.11.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "half@1.8.2", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_core@1.0.226", "Name": "serde_core", "Identifier": { "PURL": "pkg:cargo/serde_core@1.0.226", "UID": "7a754ffb5a42991e", "BOMRef": "pkg:cargo/serde_core@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde_derive@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_derive@1.0.226", "Name": "serde_derive", "Identifier": { "PURL": "pkg:cargo/serde_derive@1.0.226", "UID": "2ba03def155c7392", "BOMRef": "pkg:cargo/serde_derive@1.0.226" }, "Version": "1.0.226", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_derive_internals@0.29.0", "Name": "serde_derive_internals", "Identifier": { "PURL": "pkg:cargo/serde_derive_internals@0.29.0", "UID": "11e1b1ab6242d8c2", "BOMRef": "pkg:cargo/serde_derive_internals@0.29.0" }, "Version": "0.29.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_json@1.0.145", "Name": "serde_json", "Identifier": { "PURL": "pkg:cargo/serde_json@1.0.145", "UID": "38e29b5a3d70dd5b", "BOMRef": "pkg:cargo/serde_json@1.0.145" }, "Version": "1.0.145", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "indexmap@2.12.1", "itoa@1.0.5", "memchr@2.7.4", "ryu@1.0.12", "serde@1.0.226", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_plain@1.0.1", "Name": "serde_plain", "Identifier": { "PURL": "pkg:cargo/serde_plain@1.0.1", "UID": "3866702c4aae8a52", "BOMRef": "pkg:cargo/serde_plain@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_qs@0.13.0", "Name": "serde_qs", "Identifier": { "PURL": "pkg:cargo/serde_qs@0.13.0", "UID": "ae8677a8579e39d9", "BOMRef": "pkg:cargo/serde_qs@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "actix-web@4.12.1", "futures@0.3.31", "percent-encoding@2.3.2", "serde@1.0.226", "thiserror@1.0.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_urlencoded@0.7.1", "Name": "serde_urlencoded", "Identifier": { "PURL": "pkg:cargo/serde_urlencoded@0.7.1", "UID": "12ee0b90e68e34d0", "BOMRef": "pkg:cargo/serde_urlencoded@0.7.1" }, "Version": "0.7.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "form_urlencoded@1.2.2", "itoa@1.0.5", "ryu@1.0.12", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serde_variant@0.1.3", "Name": "serde_variant", "Identifier": { "PURL": "pkg:cargo/serde_variant@0.1.3", "UID": "94f0ee84fda39d5e", "BOMRef": "pkg:cargo/serde_variant@0.1.3" }, "Version": "0.1.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serial_test@3.2.0", "Name": "serial_test", "Identifier": { "PURL": "pkg:cargo/serial_test@3.2.0", "UID": "27e6893862c65d06", "BOMRef": "pkg:cargo/serial_test@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "once_cell@1.21.3", "parking_lot@0.12.5", "scc@2.4.0", "serial_test_derive@3.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "serial_test_derive@3.2.0", "Name": "serial_test_derive", "Identifier": { "PURL": "pkg:cargo/serial_test_derive@3.2.0", "UID": "5421f5dd5fba7fbc", "BOMRef": "pkg:cargo/serial_test_derive@3.2.0" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sha1@0.10.5", "Name": "sha1", "Identifier": { "PURL": "pkg:cargo/sha1@0.10.5", "UID": "36b7ff548e82aed4", "BOMRef": "pkg:cargo/sha1@0.10.5" }, "Version": "0.10.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "digest@0.10.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sha2@0.10.9", "Name": "sha2", "Identifier": { "PURL": "pkg:cargo/sha2@0.10.9", "UID": "7a9809126dd366fc", "BOMRef": "pkg:cargo/sha2@0.10.9" }, "Version": "0.10.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "cpufeatures@0.2.17", "digest@0.10.7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "shaderc@0.10.1", "Name": "shaderc", "Identifier": { "PURL": "pkg:cargo/shaderc@0.10.1", "UID": "a352e8185d800eb8", "BOMRef": "pkg:cargo/shaderc@0.10.1" }, "Version": "0.10.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "shaderc-sys@0.10.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "shaderc-sys@0.10.1", "Name": "shaderc-sys", "Identifier": { "PURL": "pkg:cargo/shaderc-sys@0.10.1", "UID": "35d1a1d3779c8006", "BOMRef": "pkg:cargo/shaderc-sys@0.10.1" }, "Version": "0.10.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "link-cplusplus@1.0.8" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sharded-slab@0.1.4", "Name": "sharded-slab", "Identifier": { "PURL": "pkg:cargo/sharded-slab@0.1.4", "UID": "79693b0b5a074040", "BOMRef": "pkg:cargo/sharded-slab@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "DependsOn": [ "lazy_static@1.5.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sif-itree@0.4.0", "Name": "sif-itree", "Identifier": { "PURL": "pkg:cargo/sif-itree@0.4.0", "UID": "8661a4234272115e", "BOMRef": "pkg:cargo/sif-itree@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "signal-hook-registry@1.4.0", "Name": "signal-hook-registry", "Identifier": { "PURL": "pkg:cargo/signal-hook-registry@1.4.0", "UID": "2a9a0ea0d3d4a28e", "BOMRef": "pkg:cargo/signal-hook-registry@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "signature@2.2.0", "Name": "signature", "Identifier": { "PURL": "pkg:cargo/signature@2.2.0", "UID": "8a89f01fecbbcb0a", "BOMRef": "pkg:cargo/signature@2.2.0" }, "Version": "2.2.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "digest@0.10.7", "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "simd-adler32@0.3.7", "Name": "simd-adler32", "Identifier": { "PURL": "pkg:cargo/simd-adler32@0.3.7", "UID": "fe204eda7494a8a3", "BOMRef": "pkg:cargo/simd-adler32@0.3.7" }, "Version": "0.3.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "simple_asn1@0.6.2", "Name": "simple_asn1", "Identifier": { "PURL": "pkg:cargo/simple_asn1@0.6.2", "UID": "df8929844db8da08", "BOMRef": "pkg:cargo/simple_asn1@0.6.2" }, "Version": "0.6.2", "Licenses": [ "ISC" ], "DependsOn": [ "num-bigint@0.4.4", "num-traits@0.2.19", "thiserror@1.0.69", "time@0.3.17" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "siphasher@0.3.10", "Name": "siphasher", "Identifier": { "PURL": "pkg:cargo/siphasher@0.3.10", "UID": "5204244e7708e1dd", "BOMRef": "pkg:cargo/siphasher@0.3.10" }, "Version": "0.3.10", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "siphasher@1.0.1", "Name": "siphasher", "Identifier": { "PURL": "pkg:cargo/siphasher@1.0.1", "UID": "1c3394551cdffbdf", "BOMRef": "pkg:cargo/siphasher@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "slab@0.4.11", "Name": "slab", "Identifier": { "PURL": "pkg:cargo/slab@0.4.11", "UID": "3895182e6945f472", "BOMRef": "pkg:cargo/slab@0.4.11" }, "Version": "0.4.11", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "slice-group-by@0.3.1", "Name": "slice-group-by", "Identifier": { "PURL": "pkg:cargo/slice-group-by@0.3.1", "UID": "62a98fa470cc4bad", "BOMRef": "pkg:cargo/slice-group-by@0.3.1" }, "Version": "0.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "slog@2.8.2", "Name": "slog", "Identifier": { "PURL": "pkg:cargo/slog@2.8.2", "UID": "3dbc6a3a1f7969ab", "BOMRef": "pkg:cargo/slog@2.8.2" }, "Version": "2.8.2", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "anyhow@1.0.100", "erased-serde@0.3.31", "serde_core@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "slog-scope@4.4.0", "Name": "slog-scope", "Identifier": { "PURL": "pkg:cargo/slog-scope@4.4.0", "UID": "2de9b570c265036e", "BOMRef": "pkg:cargo/slog-scope@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "arc-swap@1.7.1", "lazy_static@1.5.0", "slog@2.8.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "slog-stdlog@4.1.1", "Name": "slog-stdlog", "Identifier": { "PURL": "pkg:cargo/slog-stdlog@4.1.1", "UID": "4f01949d847be5ea", "BOMRef": "pkg:cargo/slog-stdlog@4.1.1" }, "Version": "4.1.1", "Licenses": [ "MPL-2.0 OR MIT OR Apache-2.0" ], "DependsOn": [ "log@0.4.29", "slog-scope@4.4.0", "slog@2.8.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "smallvec@1.15.1", "Name": "smallvec", "Identifier": { "PURL": "pkg:cargo/smallvec@1.15.1", "UID": "9304ea7e8f72520c", "BOMRef": "pkg:cargo/smallvec@1.15.1" }, "Version": "1.15.1", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "socket2@0.4.9", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.4.9", "UID": "33224cd5ecdff34b", "BOMRef": "pkg:cargo/socket2@0.4.9" }, "Version": "0.4.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "socket2@0.5.10", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.5.10", "UID": "75b59c44570c48e7", "BOMRef": "pkg:cargo/socket2@0.5.10" }, "Version": "0.5.10", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.52.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "socket2@0.6.0", "Name": "socket2", "Identifier": { "PURL": "pkg:cargo/socket2@0.6.0", "UID": "f191194bff4cbc43", "BOMRef": "pkg:cargo/socket2@0.6.0" }, "Version": "0.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "windows-sys@0.59.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "spade@2.12.1", "Name": "spade", "Identifier": { "PURL": "pkg:cargo/spade@2.12.1", "UID": "5f781ab30ecd7b15", "BOMRef": "pkg:cargo/spade@2.12.1" }, "Version": "2.12.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "hashbrown@0.14.2", "num-traits@0.2.19", "robust@1.1.0", "smallvec@1.15.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "spin@0.9.8", "Name": "spin", "Identifier": { "PURL": "pkg:cargo/spin@0.9.8", "UID": "65bc25355ad5431b", "BOMRef": "pkg:cargo/spin@0.9.8" }, "Version": "0.9.8", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "spki@0.7.3", "Name": "spki", "Identifier": { "PURL": "pkg:cargo/spki@0.7.3", "UID": "b2eeff0df4d36691", "BOMRef": "pkg:cargo/spki@0.7.3" }, "Version": "0.7.3", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "base64ct@1.8.0", "der@0.7.10" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "stable_deref_trait@1.2.0", "Name": "stable_deref_trait", "Identifier": { "PURL": "pkg:cargo/stable_deref_trait@1.2.0", "UID": "d366669069630db7", "BOMRef": "pkg:cargo/stable_deref_trait@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "strsim@0.10.0", "Name": "strsim", "Identifier": { "PURL": "pkg:cargo/strsim@0.10.0", "UID": "1dda2e80cc1b7a72", "BOMRef": "pkg:cargo/strsim@0.10.0" }, "Version": "0.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "strsim@0.11.0", "Name": "strsim", "Identifier": { "PURL": "pkg:cargo/strsim@0.11.0", "UID": "8fa7604cdd9cfadc", "BOMRef": "pkg:cargo/strsim@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "strum@0.27.2", "Name": "strum", "Identifier": { "PURL": "pkg:cargo/strum@0.27.2", "UID": "818a1e173fbe1818", "BOMRef": "pkg:cargo/strum@0.27.2" }, "Version": "0.27.2", "Licenses": [ "MIT" ], "DependsOn": [ "strum_macros@0.27.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "strum_macros@0.27.1", "Name": "strum_macros", "Identifier": { "PURL": "pkg:cargo/strum_macros@0.27.1", "UID": "3972e2297f7e6e32", "BOMRef": "pkg:cargo/strum_macros@0.27.1" }, "Version": "0.27.1", "Licenses": [ "MIT" ], "DependsOn": [ "heck@0.5.0", "proc-macro2@1.0.101", "quote@1.0.42", "rustversion@1.0.11", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "subtle@2.5.0", "Name": "subtle", "Identifier": { "PURL": "pkg:cargo/subtle@2.5.0", "UID": "e26e010a2399b314", "BOMRef": "pkg:cargo/subtle@2.5.0" }, "Version": "2.5.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "symbolic-common@12.12.3", "Name": "symbolic-common", "Identifier": { "PURL": "pkg:cargo/symbolic-common@12.12.3", "UID": "d16a3b45cb1d45e2", "BOMRef": "pkg:cargo/symbolic-common@12.12.3" }, "Version": "12.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "debugid@0.8.0", "memmap2@0.9.9", "stable_deref_trait@1.2.0", "uuid@1.19.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "symbolic-demangle@12.12.3", "Name": "symbolic-demangle", "Identifier": { "PURL": "pkg:cargo/symbolic-demangle@12.12.3", "UID": "3107b3d3676d7288", "BOMRef": "pkg:cargo/symbolic-demangle@12.12.3" }, "Version": "12.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "cpp_demangle@0.4.2", "rustc-demangle@0.1.21", "symbolic-common@12.12.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "syn@1.0.107", "Name": "syn", "Identifier": { "PURL": "pkg:cargo/syn@1.0.107", "UID": "fc55d71a887c1e83", "BOMRef": "pkg:cargo/syn@1.0.107" }, "Version": "1.0.107", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "syn@2.0.111", "Name": "syn", "Identifier": { "PURL": "pkg:cargo/syn@2.0.111", "UID": "97c485812b662988", "BOMRef": "pkg:cargo/syn@2.0.111" }, "Version": "2.0.111", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sync_wrapper@0.1.2", "Name": "sync_wrapper", "Identifier": { "PURL": "pkg:cargo/sync_wrapper@0.1.2", "UID": "72f57ab7c698eec6", "BOMRef": "pkg:cargo/sync_wrapper@0.1.2" }, "Version": "0.1.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sync_wrapper@1.0.1", "Name": "sync_wrapper", "Identifier": { "PURL": "pkg:cargo/sync_wrapper@1.0.1", "UID": "218367911cca9f0c", "BOMRef": "pkg:cargo/sync_wrapper@1.0.1" }, "Version": "1.0.1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "futures-core@0.3.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "synstructure@0.13.1", "Name": "synstructure", "Identifier": { "PURL": "pkg:cargo/synstructure@0.13.1", "UID": "6383e599dfee1f0b", "BOMRef": "pkg:cargo/synstructure@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sys-info@0.9.1", "Name": "sys-info", "Identifier": { "PURL": "pkg:cargo/sys-info@0.9.1", "UID": "ea79c69f13f85711", "BOMRef": "pkg:cargo/sys-info@0.9.1" }, "Version": "0.9.1", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "sysinfo@0.37.2", "Name": "sysinfo", "Identifier": { "PURL": "pkg:cargo/sysinfo@0.37.2", "UID": "ca0825f12c125ca4", "BOMRef": "pkg:cargo/sysinfo@0.37.2" }, "Version": "0.37.2", "Licenses": [ "MIT" ], "DependsOn": [ "libc@0.2.174", "memchr@2.7.4", "ntapi@0.4.1", "objc2-core-foundation@0.3.1", "objc2-io-kit@0.3.1", "windows@0.61.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tap@1.0.1", "Name": "tap", "Identifier": { "PURL": "pkg:cargo/tap@1.0.1", "UID": "d0c3a87bb9b09b41", "BOMRef": "pkg:cargo/tap@1.0.1" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "target-lexicon@0.13.3", "Name": "target-lexicon", "Identifier": { "PURL": "pkg:cargo/target-lexicon@0.13.3", "UID": "c6bd323106ad27", "BOMRef": "pkg:cargo/target-lexicon@0.13.3" }, "Version": "0.13.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tempfile@3.23.0", "Name": "tempfile", "Identifier": { "PURL": "pkg:cargo/tempfile@3.23.0", "UID": "30fb58677d713632", "BOMRef": "pkg:cargo/tempfile@3.23.0" }, "Version": "3.23.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "fastrand@2.2.0", "getrandom@0.3.0", "once_cell@1.21.3", "rustix@1.0.2", "windows-sys@0.60.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thiserror@1.0.69", "Name": "thiserror", "Identifier": { "PURL": "pkg:cargo/thiserror@1.0.69", "UID": "5c251998ce000ed0", "BOMRef": "pkg:cargo/thiserror@1.0.69" }, "Version": "1.0.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "thiserror-impl@1.0.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thiserror@2.0.17", "Name": "thiserror", "Identifier": { "PURL": "pkg:cargo/thiserror@2.0.17", "UID": "38863a7e22449869", "BOMRef": "pkg:cargo/thiserror@2.0.17" }, "Version": "2.0.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "thiserror-impl@2.0.17" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thiserror-impl@1.0.69", "Name": "thiserror-impl", "Identifier": { "PURL": "pkg:cargo/thiserror-impl@1.0.69", "UID": "1ff1d32c60510075", "BOMRef": "pkg:cargo/thiserror-impl@1.0.69" }, "Version": "1.0.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thiserror-impl@2.0.17", "Name": "thiserror-impl", "Identifier": { "PURL": "pkg:cargo/thiserror-impl@2.0.17", "UID": "e1f7bdae6d8da3c7", "BOMRef": "pkg:cargo/thiserror-impl@2.0.17" }, "Version": "2.0.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thread-priority@3.0.0", "Name": "thread-priority", "Identifier": { "PURL": "pkg:cargo/thread-priority@3.0.0", "UID": "90f4f69189a8b815", "BOMRef": "pkg:cargo/thread-priority@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "cfg-if@1.0.0", "libc@0.2.174", "log@0.4.29", "rustversion@1.0.11", "windows@0.61.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "thread_local@1.1.7", "Name": "thread_local", "Identifier": { "PURL": "pkg:cargo/thread_local@1.1.7", "UID": "d78ac3c4c435173d", "BOMRef": "pkg:cargo/thread_local@1.1.7" }, "Version": "1.1.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "once_cell@1.21.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tikv-jemalloc-ctl@0.6.1", "Name": "tikv-jemalloc-ctl", "Identifier": { "PURL": "pkg:cargo/tikv-jemalloc-ctl@0.6.1", "UID": "cd4705d838a9e034", "BOMRef": "pkg:cargo/tikv-jemalloc-ctl@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "paste@1.0.11", "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "Name": "tikv-jemalloc-sys", "Identifier": { "PURL": "pkg:cargo/tikv-jemalloc-sys@0.6.1%2B5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "UID": "5902c843cd2474f", "BOMRef": "pkg:cargo/tikv-jemalloc-sys@0.6.1%2B5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" }, "Version": "0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tikv-jemallocator@0.6.1", "Name": "tikv-jemallocator", "Identifier": { "PURL": "pkg:cargo/tikv-jemallocator@0.6.1", "UID": "c061259fc49f8801", "BOMRef": "pkg:cargo/tikv-jemallocator@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "tikv-jemalloc-sys@0.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "time@0.3.17", "Name": "time", "Identifier": { "PURL": "pkg:cargo/time@0.3.17", "UID": "80f7e14d1536a5de", "BOMRef": "pkg:cargo/time@0.3.17" }, "Version": "0.3.17", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "itoa@1.0.5", "serde@1.0.226", "time-core@0.1.0", "time-macros@0.2.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "time-core@0.1.0", "Name": "time-core", "Identifier": { "PURL": "pkg:cargo/time-core@0.1.0", "UID": "8ad2d80eea4e6340", "BOMRef": "pkg:cargo/time-core@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "time-macros@0.2.6", "Name": "time-macros", "Identifier": { "PURL": "pkg:cargo/time-macros@0.2.6", "UID": "6c23a6f7abcea5ab", "BOMRef": "pkg:cargo/time-macros@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "time-core@0.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tinystr@0.7.6", "Name": "tinystr", "Identifier": { "PURL": "pkg:cargo/tinystr@0.7.6", "UID": "88db4c3adfa9af4d", "BOMRef": "pkg:cargo/tinystr@0.7.6" }, "Version": "0.7.6", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "displaydoc@0.2.5", "zerovec@0.10.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tinyvec@1.10.0", "Name": "tinyvec", "Identifier": { "PURL": "pkg:cargo/tinyvec@1.10.0", "UID": "7e5fa0c279dc0093", "BOMRef": "pkg:cargo/tinyvec@1.10.0" }, "Version": "1.10.0", "Licenses": [ "Zlib OR Apache-2.0 OR MIT" ], "DependsOn": [ "tinyvec_macros@0.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tinyvec_macros@0.1.0", "Name": "tinyvec_macros", "Identifier": { "PURL": "pkg:cargo/tinyvec_macros@0.1.0", "UID": "cf357eda6478b2c7", "BOMRef": "pkg:cargo/tinyvec_macros@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0 OR Zlib" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio@1.48.0", "Name": "tokio", "Identifier": { "PURL": "pkg:cargo/tokio@1.48.0", "UID": "64793f92e1d67c09", "BOMRef": "pkg:cargo/tokio@1.48.0" }, "Version": "1.48.0", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "libc@0.2.174", "mio@1.0.1", "parking_lot@0.12.5", "pin-project-lite@0.2.12", "signal-hook-registry@1.4.0", "socket2@0.6.0", "tokio-macros@2.6.0", "tracing@0.1.43", "windows-sys@0.61.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-io-timeout@1.2.0", "Name": "tokio-io-timeout", "Identifier": { "PURL": "pkg:cargo/tokio-io-timeout@1.2.0", "UID": "572b169ef844d8bf", "BOMRef": "pkg:cargo/tokio-io-timeout@1.2.0" }, "Version": "1.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-macros@2.6.0", "Name": "tokio-macros", "Identifier": { "PURL": "pkg:cargo/tokio-macros@2.6.0", "UID": "d9eae62800e5d456", "BOMRef": "pkg:cargo/tokio-macros@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-rustls@0.25.0", "Name": "tokio-rustls", "Identifier": { "PURL": "pkg:cargo/tokio-rustls@0.25.0", "UID": "3a84f8425b0904bc", "BOMRef": "pkg:cargo/tokio-rustls@0.25.0" }, "Version": "0.25.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustls-pki-types@1.13.1", "rustls@0.22.4", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-rustls@0.26.0", "Name": "tokio-rustls", "Identifier": { "PURL": "pkg:cargo/tokio-rustls@0.26.0", "UID": "62e8c9a0c49d1352", "BOMRef": "pkg:cargo/tokio-rustls@0.26.0" }, "Version": "0.26.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rustls-pki-types@1.13.1", "rustls@0.23.35", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-stream@0.1.17", "Name": "tokio-stream", "Identifier": { "PURL": "pkg:cargo/tokio-stream@0.1.17", "UID": "2cf0555536c3860", "BOMRef": "pkg:cargo/tokio-stream@0.1.17" }, "Version": "0.1.17", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tokio-util@0.7.17", "Name": "tokio-util", "Identifier": { "PURL": "pkg:cargo/tokio-util@0.7.17", "UID": "aba78fa471274463", "BOMRef": "pkg:cargo/tokio-util@0.7.17" }, "Version": "0.7.17", "Licenses": [ "MIT" ], "DependsOn": [ "bytes@1.10.1", "futures-core@0.3.31", "futures-sink@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12", "tokio@1.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tonic@0.11.0", "Name": "tonic", "Identifier": { "PURL": "pkg:cargo/tonic@0.11.0", "UID": "306d8e297b286057", "BOMRef": "pkg:cargo/tonic@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream@0.3.3", "async-trait@0.1.89", "axum@0.6.12", "base64@0.21.0", "bytes@1.10.1", "flate2@1.1.5", "h2@0.3.27", "http-body@0.4.5", "http@0.2.12", "hyper-timeout@0.4.1", "hyper@0.14.26", "percent-encoding@2.3.2", "pin-project@1.0.12", "prost@0.12.6", "rustls-pemfile@2.2.0", "rustls-pki-types@1.13.1", "tokio-rustls@0.25.0", "tokio-stream@0.1.17", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tonic@0.12.3", "Name": "tonic", "Identifier": { "PURL": "pkg:cargo/tonic@0.12.3", "UID": "8820a0b3392f62bb", "BOMRef": "pkg:cargo/tonic@0.12.3" }, "Version": "0.12.3", "Licenses": [ "MIT" ], "DependsOn": [ "async-stream@0.3.3", "async-trait@0.1.89", "axum@0.7.5", "base64@0.22.0", "bytes@1.10.1", "h2@0.4.4", "http-body-util@0.1.2", "http-body@1.0.0", "http@1.3.1", "hyper-timeout@0.5.1", "hyper-util@0.1.13", "hyper@1.6.0", "percent-encoding@2.3.2", "pin-project@1.0.12", "prost@0.13.1", "socket2@0.5.10", "tokio-stream@0.1.17", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.4.13", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tonic-reflection@0.11.0", "Name": "tonic-reflection", "Identifier": { "PURL": "pkg:cargo/tonic-reflection@0.11.0", "UID": "49ef90c69a9785ff", "BOMRef": "pkg:cargo/tonic-reflection@0.11.0" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "DependsOn": [ "prost-types@0.12.6", "prost@0.12.6", "tokio-stream@0.1.17", "tokio@1.48.0", "tonic@0.11.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tower@0.4.13", "Name": "tower", "Identifier": { "PURL": "pkg:cargo/tower@0.4.13", "UID": "4a4b523358c273c1", "BOMRef": "pkg:cargo/tower@0.4.13" }, "Version": "0.4.13", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "futures-util@0.3.31", "indexmap@1.9.2", "pin-project-lite@0.2.12", "pin-project@1.0.12", "rand@0.8.5", "slab@0.4.11", "tokio-util@0.7.17", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tower@0.5.2", "Name": "tower", "Identifier": { "PURL": "pkg:cargo/tower@0.5.2", "UID": "6224021a8f713205", "BOMRef": "pkg:cargo/tower@0.5.2" }, "Version": "0.5.2", "Licenses": [ "MIT" ], "DependsOn": [ "futures-core@0.3.31", "futures-util@0.3.31", "pin-project-lite@0.2.12", "sync_wrapper@1.0.1", "tokio@1.48.0", "tower-layer@0.3.3", "tower-service@0.3.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tower-http@0.6.8", "Name": "tower-http", "Identifier": { "PURL": "pkg:cargo/tower-http@0.6.8", "UID": "2952327d39cd3f0", "BOMRef": "pkg:cargo/tower-http@0.6.8" }, "Version": "0.6.8", "Licenses": [ "MIT" ], "DependsOn": [ "bitflags@2.9.1", "bytes@1.10.1", "futures-util@0.3.31", "http-body@1.0.0", "http@1.3.1", "iri-string@0.7.8", "pin-project-lite@0.2.12", "tower-layer@0.3.3", "tower-service@0.3.3", "tower@0.5.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tower-layer@0.3.3", "Name": "tower-layer", "Identifier": { "PURL": "pkg:cargo/tower-layer@0.3.3", "UID": "d6d8b00fcf32078b", "BOMRef": "pkg:cargo/tower-layer@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tower-service@0.3.3", "Name": "tower-service", "Identifier": { "PURL": "pkg:cargo/tower-service@0.3.3", "UID": "c9340f4a4d1692dc", "BOMRef": "pkg:cargo/tower-service@0.3.3" }, "Version": "0.3.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing@0.1.43", "Name": "tracing", "Identifier": { "PURL": "pkg:cargo/tracing@0.1.43", "UID": "d2bae3a3846c8221", "BOMRef": "pkg:cargo/tracing@0.1.43" }, "Version": "0.1.43", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.29", "pin-project-lite@0.2.12", "tracing-attributes@0.1.31", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-attributes@0.1.31", "Name": "tracing-attributes", "Identifier": { "PURL": "pkg:cargo/tracing-attributes@0.1.31", "UID": "9fc863a4ae8ee8c0", "BOMRef": "pkg:cargo/tracing-attributes@0.1.31" }, "Version": "0.1.31", "Licenses": [ "MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-core@0.1.35", "Name": "tracing-core", "Identifier": { "PURL": "pkg:cargo/tracing-core@0.1.35", "UID": "e5b6ba2e56706f3b", "BOMRef": "pkg:cargo/tracing-core@0.1.35" }, "Version": "0.1.35", "Licenses": [ "MIT" ], "DependsOn": [ "once_cell@1.21.3", "valuable@0.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-log@0.2.0", "Name": "tracing-log", "Identifier": { "PURL": "pkg:cargo/tracing-log@0.2.0", "UID": "1f555a34415e308d", "BOMRef": "pkg:cargo/tracing-log@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.29", "once_cell@1.21.3", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-serde@0.2.0", "Name": "tracing-serde", "Identifier": { "PURL": "pkg:cargo/tracing-serde@0.2.0", "UID": "81d8b3cd6c3a1e3", "BOMRef": "pkg:cargo/tracing-serde@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "DependsOn": [ "serde@1.0.226", "tracing-core@0.1.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-subscriber@0.3.22", "Name": "tracing-subscriber", "Identifier": { "PURL": "pkg:cargo/tracing-subscriber@0.3.22", "UID": "3c8f94183ba8c150", "BOMRef": "pkg:cargo/tracing-subscriber@0.3.22" }, "Version": "0.3.22", "Licenses": [ "MIT" ], "DependsOn": [ "matchers@0.2.0", "nu-ansi-term@0.50.1", "once_cell@1.21.3", "parking_lot@0.12.5", "regex-automata@0.4.8", "serde@1.0.226", "serde_json@1.0.145", "sharded-slab@0.1.4", "smallvec@1.15.1", "thread_local@1.1.7", "tracing-core@0.1.35", "tracing-log@0.2.0", "tracing-serde@0.2.0", "tracing@0.1.43" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracing-tracy@0.11.4", "Name": "tracing-tracy", "Identifier": { "PURL": "pkg:cargo/tracing-tracy@0.11.4", "UID": "c4e05b56ff6cbdbb", "BOMRef": "pkg:cargo/tracing-tracy@0.11.4" }, "Version": "0.11.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "tracing-core@0.1.35", "tracing-subscriber@0.3.22", "tracy-client@0.17.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracy-client@0.17.0", "Name": "tracy-client", "Identifier": { "PURL": "pkg:cargo/tracy-client@0.17.0", "UID": "892574e22201bc4d", "BOMRef": "pkg:cargo/tracy-client@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "loom@0.7.1", "once_cell@1.21.3", "tracy-client-sys@0.21.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "tracy-client-sys@0.21.2", "Name": "tracy-client-sys", "Identifier": { "PURL": "pkg:cargo/tracy-client-sys@0.21.2", "UID": "818aeb870e07256f", "BOMRef": "pkg:cargo/tracy-client-sys@0.21.2" }, "Version": "0.21.2", "Licenses": [ "(MIT OR Apache-2.0) AND BSD-3-Clause" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "try-lock@0.2.3", "Name": "try-lock", "Identifier": { "PURL": "pkg:cargo/try-lock@0.2.3", "UID": "cee3b327dd36b5d1", "BOMRef": "pkg:cargo/try-lock@0.2.3" }, "Version": "0.2.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "typeid@1.0.0", "Name": "typeid", "Identifier": { "PURL": "pkg:cargo/typeid@1.0.0", "UID": "65c897ca382e8aac", "BOMRef": "pkg:cargo/typeid@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "typenum@1.16.0", "Name": "typenum", "Identifier": { "PURL": "pkg:cargo/typenum@1.16.0", "UID": "c054cb9be543a72d", "BOMRef": "pkg:cargo/typenum@1.16.0" }, "Version": "1.16.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "typetag@0.2.15", "Name": "typetag", "Identifier": { "PURL": "pkg:cargo/typetag@0.2.15", "UID": "2434f518845cfcd9", "BOMRef": "pkg:cargo/typetag@0.2.15" }, "Version": "0.2.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "erased-serde@0.4.2", "inventory@0.3.14", "once_cell@1.21.3", "serde@1.0.226", "typetag-impl@0.2.15" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "typetag-impl@0.2.15", "Name": "typetag-impl", "Identifier": { "PURL": "pkg:cargo/typetag-impl@0.2.15", "UID": "f97e73184737483d", "BOMRef": "pkg:cargo/typetag-impl@0.2.15" }, "Version": "0.2.15", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicase@2.6.0", "Name": "unicase", "Identifier": { "PURL": "pkg:cargo/unicase@2.6.0", "UID": "3cfd4f5c0e0c3ffe", "BOMRef": "pkg:cargo/unicase@2.6.0" }, "Version": "2.6.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicode-ident@1.0.13", "Name": "unicode-ident", "Identifier": { "PURL": "pkg:cargo/unicode-ident@1.0.13", "UID": "730c679a6e06a0c9", "BOMRef": "pkg:cargo/unicode-ident@1.0.13" }, "Version": "1.0.13", "Licenses": [ "(MIT OR Apache-2.0) AND Unicode-DFS-2016" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicode-normalization@0.1.24", "Name": "unicode-normalization", "Identifier": { "PURL": "pkg:cargo/unicode-normalization@0.1.24", "UID": "4b166c330bd461e5", "BOMRef": "pkg:cargo/unicode-normalization@0.1.24" }, "Version": "0.1.24", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "tinyvec@1.10.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicode-segmentation@1.12.0", "Name": "unicode-segmentation", "Identifier": { "PURL": "pkg:cargo/unicode-segmentation@1.12.0", "UID": "ae5f063b05ae40b7", "BOMRef": "pkg:cargo/unicode-segmentation@1.12.0" }, "Version": "1.12.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicode-width@0.2.0", "Name": "unicode-width", "Identifier": { "PURL": "pkg:cargo/unicode-width@0.2.0", "UID": "ae4e7dd86912d950", "BOMRef": "pkg:cargo/unicode-width@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unicode-xid@0.2.6", "Name": "unicode-xid", "Identifier": { "PURL": "pkg:cargo/unicode-xid@0.2.6", "UID": "73d0b089d1289fd0", "BOMRef": "pkg:cargo/unicode-xid@0.2.6" }, "Version": "0.2.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unindent@0.2.4", "Name": "unindent", "Identifier": { "PURL": "pkg:cargo/unindent@0.2.4", "UID": "99b14d681ca62531", "BOMRef": "pkg:cargo/unindent@0.2.4" }, "Version": "0.2.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unit-prefix@0.5.1", "Name": "unit-prefix", "Identifier": { "PURL": "pkg:cargo/unit-prefix@0.5.1", "UID": "6733bbbc4698186a", "BOMRef": "pkg:cargo/unit-prefix@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "untrusted@0.9.0", "Name": "untrusted", "Identifier": { "PURL": "pkg:cargo/untrusted@0.9.0", "UID": "59b09dd046473c2e", "BOMRef": "pkg:cargo/untrusted@0.9.0" }, "Version": "0.9.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unty@0.0.4", "Name": "unty", "Identifier": { "PURL": "pkg:cargo/unty@0.0.4", "UID": "a236e0617d57df2a", "BOMRef": "pkg:cargo/unty@0.0.4" }, "Version": "0.0.4", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unwind@0.4.1", "Name": "unwind", "Identifier": { "PURL": "pkg:cargo/unwind@0.4.1", "UID": "ec97b6692843a111", "BOMRef": "pkg:cargo/unwind@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "foreign-types@0.5.0", "libc@0.2.174", "unwind-sys@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "unwind-sys@0.1.3", "Name": "unwind-sys", "Identifier": { "PURL": "pkg:cargo/unwind-sys@0.1.3", "UID": "6bdc636ea6be60e8", "BOMRef": "pkg:cargo/unwind-sys@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "url@2.5.7", "Name": "url", "Identifier": { "PURL": "pkg:cargo/url@2.5.7", "UID": "9b8e5f6430757aad", "BOMRef": "pkg:cargo/url@2.5.7" }, "Version": "2.5.7", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "form_urlencoded@1.2.2", "idna@1.1.0", "percent-encoding@2.3.2", "serde@1.0.226" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "urlencoding@2.1.3", "Name": "urlencoding", "Identifier": { "PURL": "pkg:cargo/urlencoding@2.1.3", "UID": "f015ce5190628bc0", "BOMRef": "pkg:cargo/urlencoding@2.1.3" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "utf16_iter@1.0.5", "Name": "utf16_iter", "Identifier": { "PURL": "pkg:cargo/utf16_iter@1.0.5", "UID": "aeb12d6d47f30e25", "BOMRef": "pkg:cargo/utf16_iter@1.0.5" }, "Version": "1.0.5", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "utf8_iter@1.0.4", "Name": "utf8_iter", "Identifier": { "PURL": "pkg:cargo/utf8_iter@1.0.4", "UID": "eac72375ff682b62", "BOMRef": "pkg:cargo/utf8_iter@1.0.4" }, "Version": "1.0.4", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "utf8parse@0.2.1", "Name": "utf8parse", "Identifier": { "PURL": "pkg:cargo/utf8parse@0.2.1", "UID": "676717018f95fb18", "BOMRef": "pkg:cargo/utf8parse@0.2.1" }, "Version": "0.2.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "uuid@1.19.0", "Name": "uuid", "Identifier": { "PURL": "pkg:cargo/uuid@1.19.0", "UID": "21822f657283df5c", "BOMRef": "pkg:cargo/uuid@1.19.0" }, "Version": "1.19.0", "Licenses": [ "Apache-2.0 OR MIT" ], "DependsOn": [ "getrandom@0.3.0", "js-sys@0.3.77", "serde_core@1.0.226", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "v_htmlescape@0.15.8", "Name": "v_htmlescape", "Identifier": { "PURL": "pkg:cargo/v_htmlescape@0.15.8", "UID": "244a8cfaa06e4b1d", "BOMRef": "pkg:cargo/v_htmlescape@0.15.8" }, "Version": "0.15.8", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "validator@0.20.0", "Name": "validator", "Identifier": { "PURL": "pkg:cargo/validator@0.20.0", "UID": "ca416217afc4ecb3", "BOMRef": "pkg:cargo/validator@0.20.0" }, "Version": "0.20.0", "Licenses": [ "MIT" ], "DependsOn": [ "idna@1.1.0", "once_cell@1.21.3", "regex@1.11.0", "serde@1.0.226", "serde_derive@1.0.226", "serde_json@1.0.145", "url@2.5.7", "validator_derive@0.20.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "validator_derive@0.20.0", "Name": "validator_derive", "Identifier": { "PURL": "pkg:cargo/validator_derive@0.20.0", "UID": "75565da300be8b7", "BOMRef": "pkg:cargo/validator_derive@0.20.0" }, "Version": "0.20.0", "Licenses": [ "MIT" ], "DependsOn": [ "darling@0.20.8", "once_cell@1.21.3", "proc-macro-error2@2.0.1", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "valuable@0.1.0", "Name": "valuable", "Identifier": { "PURL": "pkg:cargo/valuable@0.1.0", "UID": "1757a6ef06fba2d3", "BOMRef": "pkg:cargo/valuable@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "vaporetto@0.6.5", "Name": "vaporetto", "Identifier": { "PURL": "pkg:cargo/vaporetto@0.6.5", "UID": "cd64aa9686e3200b", "BOMRef": "pkg:cargo/vaporetto@0.6.5" }, "Version": "0.6.5", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bincode@2.0.1", "daachorse@1.0.0", "hashbrown@0.15.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "virtue@0.0.18", "Name": "virtue", "Identifier": { "PURL": "pkg:cargo/virtue@0.0.18", "UID": "e15089dd3ae54986", "BOMRef": "pkg:cargo/virtue@0.0.18" }, "Version": "0.0.18", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "walkdir@2.5.0", "Name": "walkdir", "Identifier": { "PURL": "pkg:cargo/walkdir@2.5.0", "UID": "224fc1572dd8a710", "BOMRef": "pkg:cargo/walkdir@2.5.0" }, "Version": "2.5.0", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "same-file@1.0.6", "winapi-util@0.1.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "want@0.3.0", "Name": "want", "Identifier": { "PURL": "pkg:cargo/want@0.3.0", "UID": "94e26f5701b346d2", "BOMRef": "pkg:cargo/want@0.3.0" }, "Version": "0.3.0", "Licenses": [ "MIT" ], "DependsOn": [ "log@0.4.29", "try-lock@0.2.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasi@0.11.0+wasi-snapshot-preview1", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.11.0%2Bwasi-snapshot-preview1", "UID": "17148af6d90f9d0f", "BOMRef": "pkg:cargo/wasi@0.11.0%2Bwasi-snapshot-preview1" }, "Version": "0.11.0+wasi-snapshot-preview1", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasi@0.13.3+wasi-0.2.2", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.13.3%2Bwasi-0.2.2", "UID": "38606477964f1505", "BOMRef": "pkg:cargo/wasi@0.13.3%2Bwasi-0.2.2" }, "Version": "0.13.3+wasi-0.2.2", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "wit-bindgen-rt@0.33.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasi@0.9.0+wasi-snapshot-preview1", "Name": "wasi", "Identifier": { "PURL": "pkg:cargo/wasi@0.9.0%2Bwasi-snapshot-preview1", "UID": "34d11e5b14247701", "BOMRef": "pkg:cargo/wasi@0.9.0%2Bwasi-snapshot-preview1" }, "Version": "0.9.0+wasi-snapshot-preview1", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen@0.2.100", "Name": "wasm-bindgen", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen@0.2.100", "UID": "dc4ff968c0baa33f", "BOMRef": "pkg:cargo/wasm-bindgen@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "once_cell@1.21.3", "rustversion@1.0.11", "wasm-bindgen-macro@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen-backend@0.2.100", "Name": "wasm-bindgen-backend", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-backend@0.2.100", "UID": "1d83e3f3a1771eba", "BOMRef": "pkg:cargo/wasm-bindgen-backend@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "bumpalo@3.11.1", "log@0.4.29", "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "wasm-bindgen-shared@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen-futures@0.4.42", "Name": "wasm-bindgen-futures", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-futures@0.4.42", "UID": "324b391475ce3c9a", "BOMRef": "pkg:cargo/wasm-bindgen-futures@0.4.42" }, "Version": "0.4.42", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "cfg-if@1.0.0", "js-sys@0.3.77", "wasm-bindgen@0.2.100", "web-sys@0.3.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen-macro@0.2.100", "Name": "wasm-bindgen-macro", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-macro@0.2.100", "UID": "afb539063ea98a05", "BOMRef": "pkg:cargo/wasm-bindgen-macro@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "quote@1.0.42", "wasm-bindgen-macro-support@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen-macro-support@0.2.100", "Name": "wasm-bindgen-macro-support", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-macro-support@0.2.100", "UID": "6331450eee45d6cf", "BOMRef": "pkg:cargo/wasm-bindgen-macro-support@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "wasm-bindgen-backend@0.2.100", "wasm-bindgen-shared@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-bindgen-shared@0.2.100", "Name": "wasm-bindgen-shared", "Identifier": { "PURL": "pkg:cargo/wasm-bindgen-shared@0.2.100", "UID": "da6758608a78bbb9", "BOMRef": "pkg:cargo/wasm-bindgen-shared@0.2.100" }, "Version": "0.2.100", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "unicode-ident@1.0.13" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wasm-streams@0.4.0", "Name": "wasm-streams", "Identifier": { "PURL": "pkg:cargo/wasm-streams@0.4.0", "UID": "1e9f45cce62fb8b", "BOMRef": "pkg:cargo/wasm-streams@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "futures-util@0.3.31", "js-sys@0.3.77", "wasm-bindgen-futures@0.4.42", "wasm-bindgen@0.2.100", "web-sys@0.3.69" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "web-sys@0.3.69", "Name": "web-sys", "Identifier": { "PURL": "pkg:cargo/web-sys@0.3.69", "UID": "eef5dbbd5bd5a296", "BOMRef": "pkg:cargo/web-sys@0.3.69" }, "Version": "0.3.69", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "js-sys@0.3.77", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "web-time@1.1.0", "Name": "web-time", "Identifier": { "PURL": "pkg:cargo/web-time@1.1.0", "UID": "a3ac66093434da32", "BOMRef": "pkg:cargo/web-time@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "js-sys@0.3.77", "wasm-bindgen@0.2.100" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "webpki-roots@0.26.1", "Name": "webpki-roots", "Identifier": { "PURL": "pkg:cargo/webpki-roots@0.26.1", "UID": "de507e641496091a", "BOMRef": "pkg:cargo/webpki-roots@0.26.1" }, "Version": "0.26.1", "Licenses": [ "MPL-2.0" ], "DependsOn": [ "rustls-pki-types@1.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "webpki-roots@1.0.0", "Name": "webpki-roots", "Identifier": { "PURL": "pkg:cargo/webpki-roots@1.0.0", "UID": "9a5568b7bc0fb3a8", "BOMRef": "pkg:cargo/webpki-roots@1.0.0" }, "Version": "1.0.0", "Licenses": [ "CDLA-Permissive-2.0" ], "DependsOn": [ "rustls-pki-types@1.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "whatlang@0.16.4", "Name": "whatlang", "Identifier": { "PURL": "pkg:cargo/whatlang@0.16.4", "UID": "a0c258c96b4bfb7a", "BOMRef": "pkg:cargo/whatlang@0.16.4" }, "Version": "0.16.4", "Licenses": [ "MIT" ], "DependsOn": [ "hashbrown@0.14.2", "once_cell@1.21.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "winapi@0.3.9", "Name": "winapi", "Identifier": { "PURL": "pkg:cargo/winapi@0.3.9", "UID": "e711b6b4fba7833c", "BOMRef": "pkg:cargo/winapi@0.3.9" }, "Version": "0.3.9", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "winapi-i686-pc-windows-gnu@0.4.0", "winapi-x86_64-pc-windows-gnu@0.4.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "winapi-i686-pc-windows-gnu@0.4.0", "Name": "winapi-i686-pc-windows-gnu", "Identifier": { "PURL": "pkg:cargo/winapi-i686-pc-windows-gnu@0.4.0", "UID": "2f60af0782315c02", "BOMRef": "pkg:cargo/winapi-i686-pc-windows-gnu@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "winapi-util@0.1.5", "Name": "winapi-util", "Identifier": { "PURL": "pkg:cargo/winapi-util@0.1.5", "UID": "e144a91a2a0295d6", "BOMRef": "pkg:cargo/winapi-util@0.1.5" }, "Version": "0.1.5", "Licenses": [ "Unlicense OR MIT" ], "DependsOn": [ "winapi@0.3.9" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "winapi-x86_64-pc-windows-gnu@0.4.0", "Name": "winapi-x86_64-pc-windows-gnu", "Identifier": { "PURL": "pkg:cargo/winapi-x86_64-pc-windows-gnu@0.4.0", "UID": "9a1335c93289c478", "BOMRef": "pkg:cargo/winapi-x86_64-pc-windows-gnu@0.4.0" }, "Version": "0.4.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows@0.48.0", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.48.0", "UID": "4b14ffc79fb865da", "BOMRef": "pkg:cargo/windows@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows@0.57.0", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.57.0", "UID": "8e82cf36f0ff0ad", "BOMRef": "pkg:cargo/windows@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.57.0", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows@0.61.3", "Name": "windows", "Identifier": { "PURL": "pkg:cargo/windows@0.61.3", "UID": "d76cdc16780222b5", "BOMRef": "pkg:cargo/windows@0.61.3" }, "Version": "0.61.3", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-collections@0.2.0", "windows-core@0.61.2", "windows-future@0.2.1", "windows-link@0.1.3", "windows-numerics@0.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-collections@0.2.0", "Name": "windows-collections", "Identifier": { "PURL": "pkg:cargo/windows-collections@0.2.0", "UID": "1e75b857ebd4c3b5", "BOMRef": "pkg:cargo/windows-collections@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-core@0.57.0", "Name": "windows-core", "Identifier": { "PURL": "pkg:cargo/windows-core@0.57.0", "UID": "4b57fdff6a311c15", "BOMRef": "pkg:cargo/windows-core@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-implement@0.57.0", "windows-interface@0.57.0", "windows-result@0.1.2", "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-core@0.61.2", "Name": "windows-core", "Identifier": { "PURL": "pkg:cargo/windows-core@0.61.2", "UID": "43afcd7aa7a7383e", "BOMRef": "pkg:cargo/windows-core@0.61.2" }, "Version": "0.61.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-implement@0.60.0", "windows-interface@0.59.1", "windows-link@0.1.3", "windows-result@0.3.4", "windows-strings@0.4.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-future@0.2.1", "Name": "windows-future", "Identifier": { "PURL": "pkg:cargo/windows-future@0.2.1", "UID": "86a47b8590dc3b85", "BOMRef": "pkg:cargo/windows-future@0.2.1" }, "Version": "0.2.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2", "windows-link@0.1.3", "windows-threading@0.1.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-implement@0.57.0", "Name": "windows-implement", "Identifier": { "PURL": "pkg:cargo/windows-implement@0.57.0", "UID": "1648d64a089ecb6e", "BOMRef": "pkg:cargo/windows-implement@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-implement@0.60.0", "Name": "windows-implement", "Identifier": { "PURL": "pkg:cargo/windows-implement@0.60.0", "UID": "1d63287f59e6a593", "BOMRef": "pkg:cargo/windows-implement@0.60.0" }, "Version": "0.60.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-interface@0.57.0", "Name": "windows-interface", "Identifier": { "PURL": "pkg:cargo/windows-interface@0.57.0", "UID": "be1467eb08dccfce", "BOMRef": "pkg:cargo/windows-interface@0.57.0" }, "Version": "0.57.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-interface@0.59.1", "Name": "windows-interface", "Identifier": { "PURL": "pkg:cargo/windows-interface@0.59.1", "UID": "b069ac2265531778", "BOMRef": "pkg:cargo/windows-interface@0.59.1" }, "Version": "0.59.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-link@0.1.3", "Name": "windows-link", "Identifier": { "PURL": "pkg:cargo/windows-link@0.1.3", "UID": "f94d1ce03024abbd", "BOMRef": "pkg:cargo/windows-link@0.1.3" }, "Version": "0.1.3", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-link@0.2.0", "Name": "windows-link", "Identifier": { "PURL": "pkg:cargo/windows-link@0.2.0", "UID": "62a7941280f47855", "BOMRef": "pkg:cargo/windows-link@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-numerics@0.2.0", "Name": "windows-numerics", "Identifier": { "PURL": "pkg:cargo/windows-numerics@0.2.0", "UID": "fa96e56a8b23107e", "BOMRef": "pkg:cargo/windows-numerics@0.2.0" }, "Version": "0.2.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-core@0.61.2", "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-result@0.1.2", "Name": "windows-result", "Identifier": { "PURL": "pkg:cargo/windows-result@0.1.2", "UID": "407e0cea9142dddb", "BOMRef": "pkg:cargo/windows-result@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-result@0.3.4", "Name": "windows-result", "Identifier": { "PURL": "pkg:cargo/windows-result@0.3.4", "UID": "a80aba0b8807077f", "BOMRef": "pkg:cargo/windows-result@0.3.4" }, "Version": "0.3.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-strings@0.4.2", "Name": "windows-strings", "Identifier": { "PURL": "pkg:cargo/windows-strings@0.4.2", "UID": "10b409354599a87c", "BOMRef": "pkg:cargo/windows-strings@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.42.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.42.0", "UID": "8c0c2ae56b994937", "BOMRef": "pkg:cargo/windows-sys@0.42.0" }, "Version": "0.42.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.42.2", "windows_aarch64_msvc@0.42.2", "windows_i686_gnu@0.42.2", "windows_i686_msvc@0.42.2", "windows_x86_64_gnu@0.42.2", "windows_x86_64_gnullvm@0.42.2", "windows_x86_64_msvc@0.42.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.48.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.48.0", "UID": "3428c8b0a1d31afd", "BOMRef": "pkg:cargo/windows-sys@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.52.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.52.0", "UID": "68407eb4de804e0", "BOMRef": "pkg:cargo/windows-sys@0.52.0" }, "Version": "0.52.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.59.0", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.59.0", "UID": "a75b5f3fbb5e654e", "BOMRef": "pkg:cargo/windows-sys@0.59.0" }, "Version": "0.59.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.60.2", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.60.2", "UID": "7b6a689157ea0321", "BOMRef": "pkg:cargo/windows-sys@0.60.2" }, "Version": "0.60.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-targets@0.53.2" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-sys@0.61.1", "Name": "windows-sys", "Identifier": { "PURL": "pkg:cargo/windows-sys@0.61.1", "UID": "61dddaf0e7d14e75", "BOMRef": "pkg:cargo/windows-sys@0.61.1" }, "Version": "0.61.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-targets@0.48.0", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.48.0", "UID": "53891f583a998220", "BOMRef": "pkg:cargo/windows-targets@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.48.0", "windows_aarch64_msvc@0.48.0", "windows_i686_gnu@0.48.0", "windows_i686_msvc@0.48.0", "windows_x86_64_gnu@0.48.0", "windows_x86_64_gnullvm@0.48.0", "windows_x86_64_msvc@0.48.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-targets@0.52.6", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.52.6", "UID": "b882a46dcfa23c9a", "BOMRef": "pkg:cargo/windows-targets@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.52.6", "windows_aarch64_msvc@0.52.6", "windows_i686_gnu@0.52.6", "windows_i686_gnullvm@0.52.6", "windows_i686_msvc@0.52.6", "windows_x86_64_gnu@0.52.6", "windows_x86_64_gnullvm@0.52.6", "windows_x86_64_msvc@0.52.6" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-targets@0.53.2", "Name": "windows-targets", "Identifier": { "PURL": "pkg:cargo/windows-targets@0.53.2", "UID": "d967fe91310deea8", "BOMRef": "pkg:cargo/windows-targets@0.53.2" }, "Version": "0.53.2", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows_aarch64_gnullvm@0.53.0", "windows_aarch64_msvc@0.53.0", "windows_i686_gnu@0.53.0", "windows_i686_gnullvm@0.53.0", "windows_i686_msvc@0.53.0", "windows_x86_64_gnu@0.53.0", "windows_x86_64_gnullvm@0.53.0", "windows_x86_64_msvc@0.53.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows-threading@0.1.0", "Name": "windows-threading", "Identifier": { "PURL": "pkg:cargo/windows-threading@0.1.0", "UID": "24bd11f726675dd6", "BOMRef": "pkg:cargo/windows-threading@0.1.0" }, "Version": "0.1.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "windows-link@0.1.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_gnullvm@0.42.2", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.42.2", "UID": "3cbcbc78b4679267", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_gnullvm@0.48.0", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.48.0", "UID": "6c6c5f0cb785fce0", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_gnullvm@0.52.6", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.52.6", "UID": "47b89cdd94a074d7", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_gnullvm@0.53.0", "Name": "windows_aarch64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_gnullvm@0.53.0", "UID": "f593257e42ff4b56", "BOMRef": "pkg:cargo/windows_aarch64_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_msvc@0.42.2", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.42.2", "UID": "dfe6651b750f70fa", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_msvc@0.48.0", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.48.0", "UID": "ecc1e7b29ff3e80", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_msvc@0.52.6", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.52.6", "UID": "b7905b9cea4e1f1d", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_aarch64_msvc@0.53.0", "Name": "windows_aarch64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_aarch64_msvc@0.53.0", "UID": "47b2e64f42c1a80", "BOMRef": "pkg:cargo/windows_aarch64_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnu@0.42.2", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.42.2", "UID": "78360d2bcf517a76", "BOMRef": "pkg:cargo/windows_i686_gnu@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnu@0.48.0", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.48.0", "UID": "a95947ae7e5220c3", "BOMRef": "pkg:cargo/windows_i686_gnu@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnu@0.52.6", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.52.6", "UID": "834a5e7b5b634b71", "BOMRef": "pkg:cargo/windows_i686_gnu@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnu@0.53.0", "Name": "windows_i686_gnu", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnu@0.53.0", "UID": "8b02460ec3e9693a", "BOMRef": "pkg:cargo/windows_i686_gnu@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnullvm@0.52.6", "Name": "windows_i686_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnullvm@0.52.6", "UID": "9484fe77a29098dc", "BOMRef": "pkg:cargo/windows_i686_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_gnullvm@0.53.0", "Name": "windows_i686_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_i686_gnullvm@0.53.0", "UID": "a7d5e576edb57a39", "BOMRef": "pkg:cargo/windows_i686_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_msvc@0.42.2", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.42.2", "UID": "1e7fb99fa265f919", "BOMRef": "pkg:cargo/windows_i686_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_msvc@0.48.0", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.48.0", "UID": "5ff1956ca66a8544", "BOMRef": "pkg:cargo/windows_i686_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_msvc@0.52.6", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.52.6", "UID": "555f777a99a7a6b0", "BOMRef": "pkg:cargo/windows_i686_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_i686_msvc@0.53.0", "Name": "windows_i686_msvc", "Identifier": { "PURL": "pkg:cargo/windows_i686_msvc@0.53.0", "UID": "c812d0cce4bad840", "BOMRef": "pkg:cargo/windows_i686_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnu@0.42.2", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.42.2", "UID": "df95c35679f1f569", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnu@0.48.0", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.48.0", "UID": "31c6af05712135c4", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnu@0.52.6", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.52.6", "UID": "17324a8bc7d779f5", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnu@0.53.0", "Name": "windows_x86_64_gnu", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnu@0.53.0", "UID": "643d229439e5493a", "BOMRef": "pkg:cargo/windows_x86_64_gnu@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnullvm@0.42.2", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.42.2", "UID": "e111cf87c2708ce8", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnullvm@0.48.0", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.48.0", "UID": "6542a1d4b84e0e6c", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnullvm@0.52.6", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.52.6", "UID": "939d15c403aa921e", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_gnullvm@0.53.0", "Name": "windows_x86_64_gnullvm", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_gnullvm@0.53.0", "UID": "9966a597bce72b14", "BOMRef": "pkg:cargo/windows_x86_64_gnullvm@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_msvc@0.42.2", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.42.2", "UID": "d2f7de81d9dc8719", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.42.2" }, "Version": "0.42.2", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_msvc@0.48.0", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.48.0", "UID": "abf853aef8c500a5", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.48.0" }, "Version": "0.48.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_msvc@0.52.6", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.52.6", "UID": "6d709e0f6f9f5a8c", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.52.6" }, "Version": "0.52.6", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "windows_x86_64_msvc@0.53.0", "Name": "windows_x86_64_msvc", "Identifier": { "PURL": "pkg:cargo/windows_x86_64_msvc@0.53.0", "UID": "6dc4bc34dfde9fc8", "BOMRef": "pkg:cargo/windows_x86_64_msvc@0.53.0" }, "Version": "0.53.0", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "winnow@0.7.13", "Name": "winnow", "Identifier": { "PURL": "pkg:cargo/winnow@0.7.13", "UID": "a454b7916de7e368", "BOMRef": "pkg:cargo/winnow@0.7.13" }, "Version": "0.7.13", "Licenses": [ "MIT" ], "DependsOn": [ "memchr@2.7.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wit-bindgen-rt@0.33.0", "Name": "wit-bindgen-rt", "Identifier": { "PURL": "pkg:cargo/wit-bindgen-rt@0.33.0", "UID": "5b459cc269605e49", "BOMRef": "pkg:cargo/wit-bindgen-rt@0.33.0" }, "Version": "0.33.0", "Licenses": [ "Apache-2.0 OR Apache-2.0 OR MIT" ], "DependsOn": [ "bitflags@2.9.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "write16@1.0.0", "Name": "write16", "Identifier": { "PURL": "pkg:cargo/write16@1.0.0", "UID": "b1fdbff2fb16b06", "BOMRef": "pkg:cargo/write16@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "writeable@0.5.5", "Name": "writeable", "Identifier": { "PURL": "pkg:cargo/writeable@0.5.5", "UID": "cc222271e1f8e194", "BOMRef": "pkg:cargo/writeable@0.5.5" }, "Version": "0.5.5", "Licenses": [ "Unicode-3.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wyhash@0.5.0", "Name": "wyhash", "Identifier": { "PURL": "pkg:cargo/wyhash@0.5.0", "UID": "c528f90f28ca5537", "BOMRef": "pkg:cargo/wyhash@0.5.0" }, "Version": "0.5.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "rand_core@0.6.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "wyz@0.5.1", "Name": "wyz", "Identifier": { "PURL": "pkg:cargo/wyz@0.5.1", "UID": "c39ab7bd61f8d58", "BOMRef": "pkg:cargo/wyz@0.5.1" }, "Version": "0.5.1", "Licenses": [ "MIT" ], "DependsOn": [ "tap@1.0.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "xattr@1.3.1", "Name": "xattr", "Identifier": { "PURL": "pkg:cargo/xattr@1.3.1", "UID": "23b4f4b315cdc253", "BOMRef": "pkg:cargo/xattr@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "libc@0.2.174", "linux-raw-sys@0.4.14", "rustix@0.38.40" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "yaml-rust2@0.10.4", "Name": "yaml-rust2", "Identifier": { "PURL": "pkg:cargo/yaml-rust2@0.10.4", "UID": "98ef1ca606ed29d9", "BOMRef": "pkg:cargo/yaml-rust2@0.10.4" }, "Version": "0.10.4", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "arraydeque@0.5.1", "encoding_rs@0.8.33", "hashlink@0.10.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "yoke@0.7.4", "Name": "yoke", "Identifier": { "PURL": "pkg:cargo/yoke@0.7.4", "UID": "d7f3a03685ad4610", "BOMRef": "pkg:cargo/yoke@0.7.4" }, "Version": "0.7.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "serde@1.0.226", "stable_deref_trait@1.2.0", "yoke-derive@0.7.4", "zerofrom@0.1.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "yoke-derive@0.7.4", "Name": "yoke-derive", "Identifier": { "PURL": "pkg:cargo/yoke-derive@0.7.4", "UID": "d916318472efbdfc", "BOMRef": "pkg:cargo/yoke-derive@0.7.4" }, "Version": "0.7.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "synstructure@0.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerocopy@0.7.35", "Name": "zerocopy", "Identifier": { "PURL": "pkg:cargo/zerocopy@0.7.35", "UID": "8cc4ff030ce97ff6", "BOMRef": "pkg:cargo/zerocopy@0.7.35" }, "Version": "0.7.35", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "zerocopy-derive@0.7.35" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerocopy@0.8.31", "Name": "zerocopy", "Identifier": { "PURL": "pkg:cargo/zerocopy@0.8.31", "UID": "baa36e72c9053a27", "BOMRef": "pkg:cargo/zerocopy@0.8.31" }, "Version": "0.8.31", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "zerocopy-derive@0.8.31" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerocopy-derive@0.7.35", "Name": "zerocopy-derive", "Identifier": { "PURL": "pkg:cargo/zerocopy-derive@0.7.35", "UID": "88eaea7688cf02de", "BOMRef": "pkg:cargo/zerocopy-derive@0.7.35" }, "Version": "0.7.35", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerocopy-derive@0.8.31", "Name": "zerocopy-derive", "Identifier": { "PURL": "pkg:cargo/zerocopy-derive@0.8.31", "UID": "13f1e54c363c9cb8", "BOMRef": "pkg:cargo/zerocopy-derive@0.8.31" }, "Version": "0.8.31", "Licenses": [ "BSD-2-Clause OR Apache-2.0 OR MIT" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerofrom@0.1.4", "Name": "zerofrom", "Identifier": { "PURL": "pkg:cargo/zerofrom@0.1.4", "UID": "e8f804bc1ac64f2b", "BOMRef": "pkg:cargo/zerofrom@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "zerofrom-derive@0.1.4" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerofrom-derive@0.1.4", "Name": "zerofrom-derive", "Identifier": { "PURL": "pkg:cargo/zerofrom-derive@0.1.4", "UID": "f430d08cb8a9734a", "BOMRef": "pkg:cargo/zerofrom-derive@0.1.4" }, "Version": "0.1.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111", "synstructure@0.13.1" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zeroize@1.8.1", "Name": "zeroize", "Identifier": { "PURL": "pkg:cargo/zeroize@1.8.1", "UID": "fc2920f781a6f151", "BOMRef": "pkg:cargo/zeroize@1.8.1" }, "Version": "1.8.1", "Licenses": [ "Apache-2.0 OR MIT" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerovec@0.10.4", "Name": "zerovec", "Identifier": { "PURL": "pkg:cargo/zerovec@0.10.4", "UID": "6f55df3d834d8a76", "BOMRef": "pkg:cargo/zerovec@0.10.4" }, "Version": "0.10.4", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "yoke@0.7.4", "zerofrom@0.1.4", "zerovec-derive@0.10.3" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zerovec-derive@0.10.3", "Name": "zerovec-derive", "Identifier": { "PURL": "pkg:cargo/zerovec-derive@0.10.3", "UID": "b933631dfe78e39f", "BOMRef": "pkg:cargo/zerovec-derive@0.10.3" }, "Version": "0.10.3", "Licenses": [ "Unicode-3.0" ], "DependsOn": [ "proc-macro2@1.0.101", "quote@1.0.42", "syn@2.0.111" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zstd@0.13.0", "Name": "zstd", "Identifier": { "PURL": "pkg:cargo/zstd@0.13.0", "UID": "fe284563fd98e5ea", "BOMRef": "pkg:cargo/zstd@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "DependsOn": [ "zstd-safe@7.0.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zstd-safe@7.0.0", "Name": "zstd-safe", "Identifier": { "PURL": "pkg:cargo/zstd-safe@7.0.0", "UID": "afeac598965e7afe", "BOMRef": "pkg:cargo/zstd-safe@7.0.0" }, "Version": "7.0.0", "Licenses": [ "MIT OR Apache-2.0" ], "DependsOn": [ "zstd-sys@2.0.9+zstd.1.5.5" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } }, { "ID": "zstd-sys@2.0.9+zstd.1.5.5", "Name": "zstd-sys", "Identifier": { "PURL": "pkg:cargo/zstd-sys@2.0.9%2Bzstd.1.5.5", "UID": "36657493457e30fd", "BOMRef": "pkg:cargo/zstd-sys@2.0.9%2Bzstd.1.5.5" }, "Version": "2.0.9+zstd.1.5.5", "Licenses": [ "MIT OR Apache-2.0" ], "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" } } ], "Vulnerabilities": [ { "VulnerabilityID": "GHSA-8v2v-wjwg-vx6r", "PkgID": "actix-files@0.6.9", "PkgName": "actix-files", "PkgIdentifier": { "PURL": "pkg:cargo/actix-files@0.6.9", "UID": "9755dfda483da25", "BOMRef": "pkg:cargo/actix-files@0.6.9" }, "InstalledVersion": "0.6.9", "FixedVersion": "0.6.10", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-8v2v-wjwg-vx6r", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:9506914f0833b882dca93da782e9d78e5c49e82a6bd458b82eaf040da9124682", "Title": "actix-files has a possible exposure of information vulnerability", "Description": "### Summary\n\nWhen passing a non-existing folder to the `actix_files::Files::new()` method causes the actix server to expose unexpected files.\n\n### Details\n\nThe `actix-files` library exposes a [`Files` struct](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L38) that configures an actix `service` to serve the files in a folder as static assets. Below you can find the [signature of the `Files::new` method](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L98):\n\n```rust\npub fn new\u003cT: Into\u003cPathBuf\u003e\u003e(mount_path: \u0026str, serve_from: T) -\u003e Files\n```\n\nWhen the `mount_path` you pass to `Files` doesn't exist, [it defaults to an empty path](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L104) (`Path::new()`). When the service receives a HTTP request, it [joins the request information with the empty path](https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/service.rs#L136) and calls `canonicalize`. Rust resolves this path as relative and returns any file that matches it.\n\nThis behavior causes the library to expose unexpected files when the folder is not present.\n\n### PoC\n\n_There is a working PoC on https://github.com/Angelmmiguel/actix-files-vuln, although the next steps can be followed to reproduce the issue_\n\n1. Clone the https://github.com/actix/examples repository.\n2. Change your directory to the `basics/static-files` folder.\n3. Edit the `src/main.rs` file and change the line 13 to mount a non-existing folder:\n\n ```diff\n - .service(Files::new(\"/images\", \"static/images/\").show_files_listing())\n + .service(Files::new(\"/images\", \"static/missing/\").show_files_listing())\n ```\n \n4. Run the project with `cargo run`.\n5. Access the \u003chttp://localhost:8080/images/Cargo.toml\u003e URL.\n\n### Impact\n\nThis is an exposure of information vulnerability. It affects anyone using the `actix-files::Files` library that mounts a non-existing folder for any reason.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "V40Score": 6.3 } }, "References": [ "https://github.com/actix/actix-web", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L104", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L38", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/files.rs#L98", "https://github.com/actix/actix-web/blob/fba766b4beb92278665d58815c94d336015225c5/actix-files/src/service.rs#L136", "https://github.com/actix/actix-web/security/advisories/GHSA-8v2v-wjwg-vx6r" ], "PublishedDate": "2026-02-06T18:56:20Z", "LastModifiedDate": "2026-02-06T18:56:20Z" }, { "VulnerabilityID": "GHSA-gcqf-3g44-vc9p", "PkgID": "actix-files@0.6.9", "PkgName": "actix-files", "PkgIdentifier": { "PURL": "pkg:cargo/actix-files@0.6.9", "UID": "9755dfda483da25", "BOMRef": "pkg:cargo/actix-files@0.6.9" }, "InstalledVersion": "0.6.9", "FixedVersion": "0.6.10", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-gcqf-3g44-vc9p", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:b2ebced5bf592869b78d3df47128f3e8ae84c553bceb3b84f1803bd01d24655d", "Title": "[actix-files] Panic triggered by empty Range header in GET request for static file", "Description": "### Summary\nA GET request for a static file served by `actix-files` with an empty `Range` header triggers a panic. With `panic = \"abort\"`, a remote user may crash the process on-demand.\n\n### Details\n`actix-files` assumes that `HttpRange::parse()`, when `Ok`, always returns a vector with at least one element. When `parse()` is called on an empty string, it returns `Ok(vec![])`. This can cause a panic at named.rs:534 when handling an HTTP request with an empty `Range:` header. This shouldn't significantly impact programs built with the default `panic = \"unwind\"`, as the only effect is that the connection is closed when the worker thread panics and new threads are spooled up on demand. Programs built with `panic = \"abort\"` are vulnerable to being crashed on-demand by any user with permissions to perform a `GET` request for a static file served by `actix-files`.\nhttps://github.com/actix/actix-web/blob/0383f4bdd1210e726143ca1ebcf01169b67a4b6c/actix-files/src/named.rs#L530-L535\n\n### PoC\n\u003cdetails\u003e\n\u003csummary\u003eMinimal reproduction\u003c/summary\u003e\n\n`Cargo.toml`:\n```toml\n[package]\nname = \"example\"\nversion = \"0.1.0\"\nedition = \"2021\"\n\n[dependencies]\nactix-web = \"=4.5.1\"\nactix-files = \"=0.6.5\"\n\n[profile.dev]\npanic = \"abort\"\n```\n`src/main.rs`:\n```rust\nuse actix_files::NamedFile;\nuse actix_web::{get, Responder};\n\n#[get(\"/\")]\nasync fn index() -\u003e impl Responder {\n NamedFile::open(\"test_file\")\n}\n\n#[actix_web::main]\nasync fn main() -\u003e std::io::Result\u003c()\u003e {\n use actix_web::{App, HttpServer};\n\n HttpServer::new(|| App::new().service(index))\n .bind((\"127.0.0.1\", 8080))?\n .run()\n .await\n}\n```\n`test.sh`:\n```sh\n#!/bin/bash\n\necho foo \u003e test_file\ncargo b\ncargo r\u0026\nsleep 1\nnc 127.0.0.1 8080 \u003c\u003c EOF\nGET / HTTP/1.1\nRange:\n\nEOF\nkill %1\n```\n\nCreate these files, then run `chmod +x test.sh \u0026\u0026 ./test.sh`. The server should start, then crash upon receiving the `GET` request from `netcat`.\n\nThis assumes a reasonably UNIX-like system with Rust, `bash` and `netcat` installed.\n\u003c/details\u003e\n\n### Impact\nIt is believed that only programs compiled with panic = \"abort\" are affected significantly. The only potential impact that can be seen is Denial of Service, though an attacker able to repeatedly send GET requests without those requests getting blocked by rate limiting, DDoS protection, etc. would be able to keep a server down indefinitely. As only a single unblocked request is needed to trigger the panic, merely having a rate limiter may not be enough to prevent this.\n\nThough the impact in the worst case is significant, the real-world risk of this vulnerability appears to be limited, as it would be expected that anyone for whom uptime is a significant concern would not compile their program with panic = \"abort\".", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 } }, "References": [ "https://github.com/actix/actix-web", "https://github.com/actix/actix-web/blob/0383f4bdd1210e726143ca1ebcf01169b67a4b6c/actix-files/src/named.rs#L530-L535", "https://github.com/actix/actix-web/security/advisories/GHSA-gcqf-3g44-vc9p" ], "PublishedDate": "2026-02-06T19:00:12Z", "LastModifiedDate": "2026-02-06T19:00:13Z" }, { "VulnerabilityID": "CVE-2026-25541", "VendorIDs": [ "GHSA-434x-w66g-qw3r" ], "PkgID": "bytes@1.10.1", "PkgName": "bytes", "PkgIdentifier": { "PURL": "pkg:cargo/bytes@1.10.1", "UID": "faaee59a172a8031", "BOMRef": "pkg:cargo/bytes@1.10.1" }, "InstalledVersion": "1.10.1", "FixedVersion": "1.11.1", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25541", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:581822a40bffb16ff638fe13466c6fb04f63eec0f62b7e9ed1947a02ab4a2802", "Title": "Bytes is a utility library for working with bytes. From version 1.2.1 ...", "Description": "Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition \"v_capacity \u003e= new_cap + offset\" uses an unchecked addition. When new_cap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated capacity. Subsequent APIs such as spare_capacity_mut() then trust this corrupted cap value and may create out-of-bounds slices, leading to UB. This behavior is observable in release builds (integer overflow wraps), whereas debug builds panic due to overflow checks. This issue has been patched in version 1.11.1.", "Severity": "MEDIUM", "CweIDs": [ "CWE-680" ], "VendorSeverity": { "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/tokio-rs/bytes", "https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f", "https://github.com/tokio-rs/bytes/releases/tag/v1.11.1", "https://github.com/tokio-rs/bytes/security/advisories/GHSA-434x-w66g-qw3r", "https://nvd.nist.gov/vuln/detail/CVE-2026-25541", "https://rustsec.org/advisories/RUSTSEC-2026-0007.html" ], "PublishedDate": "2026-02-04T22:16:00.383Z", "LastModifiedDate": "2026-02-27T20:13:28.537Z" }, { "VulnerabilityID": "CVE-2026-25537", "VendorIDs": [ "GHSA-h395-gr6q-cpjc" ], "PkgID": "jsonwebtoken@10.0.0", "PkgName": "jsonwebtoken", "PkgIdentifier": { "PURL": "pkg:cargo/jsonwebtoken@10.0.0", "UID": "b796168a175b8c", "BOMRef": "pkg:cargo/jsonwebtoken@10.0.0" }, "InstalledVersion": "10.0.0", "FixedVersion": "10.3.0", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25537", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:8847295f41cbb82146b440f12ab512ed5262c6d396a2bc6df04b24908abef73b", "Title": "jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass", "Description": "jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim (such as nbf or exp) is provided with an incorrect JSON type (Like a String instead of a Number), the library’s internal parsing mechanism marks the claim as “FailedToParse”. Crucially, the validation logic treats this “FailedToParse” state identically to “NotPresent”. This means that if a check is enabled (like: validate_nbf = true), but the claim is not explicitly marked as required in required_spec_claims, the library will skip the validation check entirely for the malformed claim, treating it as if it were not there. This allows attackers to bypass critical time-based security restrictions (like “Not Before” checks) and commit potential authentication and authorization bypasses. This issue has been patched in version 10.3.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-843" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25537", "https://github.com/Keats/jsonwebtoken", "https://github.com/Keats/jsonwebtoken/commit/abbc3076742c4161347bc6b8bf4aa5eb86e1dc01", "https://github.com/Keats/jsonwebtoken/security/advisories/GHSA-h395-gr6q-cpjc", "https://nvd.nist.gov/vuln/detail/CVE-2026-25537", "https://www.cve.org/CVERecord?id=CVE-2026-25537" ], "PublishedDate": "2026-02-04T22:15:59.807Z", "LastModifiedDate": "2026-02-11T19:13:47.607Z" }, { "VulnerabilityID": "CVE-2026-32829", "VendorIDs": [ "GHSA-vvp9-7p8x-rfvv" ], "PkgID": "lz4_flex@0.12.0", "PkgName": "lz4_flex", "PkgIdentifier": { "PURL": "pkg:cargo/lz4_flex@0.12.0", "UID": "e70fa3e164610cfd", "BOMRef": "pkg:cargo/lz4_flex@0.12.0" }, "InstalledVersion": "0.12.0", "FixedVersion": "0.11.6, 0.12.1", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32829", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:b5509bb457423a5bd9e5b0e8a92d1d8d577660d7d72fb4a6d3d8fc72854801c9", "Title": "lz4_flex: lz4_flex's decompression can leak information from uninitialized memory or reused output buffer", "Description": "lz4_flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values during LZ4 \"match copy operations,\" allowing out-of-bounds reads from the output buffer. The block-based API functions (`decompress_into`, `decompress_into_with_dict`, and others when `safe-decode` is disabled) are affected, while all frame APIs are unaffected. The impact is potential exposure of sensitive data and secrets through crafted or malformed LZ4 input. This issue has been fixed in versions 0.11.6 and 0.12.1.", "Severity": "HIGH", "CweIDs": [ "CWE-201", "CWE-823" ], "VendorSeverity": { "amazon": 2, "ghsa": 3, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32829", "https://github.com/PSeitz/lz4_flex", "https://github.com/PSeitz/lz4_flex/commit/055502ee5d297ecd6bf448ac91c055c7f6df9b6d", "https://github.com/PSeitz/lz4_flex/security/advisories/GHSA-vvp9-7p8x-rfvv", "https://nvd.nist.gov/vuln/detail/CVE-2026-32829", "https://rustsec.org/advisories/RUSTSEC-2026-0041.html", "https://www.cve.org/CVERecord?id=CVE-2026-32829" ], "PublishedDate": "2026-03-20T01:15:56.277Z", "LastModifiedDate": "2026-03-30T15:05:23.41Z" }, { "VulnerabilityID": "CVE-2025-53605", "VendorIDs": [ "GHSA-2gh3-rmm4-6rq5" ], "PkgID": "protobuf@2.28.0", "PkgName": "protobuf", "PkgIdentifier": { "PURL": "pkg:cargo/protobuf@2.28.0", "UID": "cb13b734e6e40a80", "BOMRef": "pkg:cargo/protobuf@2.28.0" }, "InstalledVersion": "2.28.0", "FixedVersion": "3.7.2", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-53605", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:ae182f1145da1bd8287ea39ac3595421359c1be6a82c768630bfa2e84ef0b3ac", "Title": "protobuf: Protobuf: Uncontrolled Recursion Vulnerability", "Description": "The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-53605", "https://crates.io/crates/protobuf", "https://github.com/stepancheg/rust-protobuf", "https://github.com/stepancheg/rust-protobuf/commit/f06992f46771c0a092593b9ebf7afd48740b3ed6", "https://github.com/stepancheg/rust-protobuf/issues/749", "https://nvd.nist.gov/vuln/detail/CVE-2025-53605", "https://rustsec.org/advisories/RUSTSEC-2024-0437", "https://rustsec.org/advisories/RUSTSEC-2024-0437.html", "https://www.cve.org/CVERecord?id=CVE-2025-53605" ], "PublishedDate": "2025-07-05T01:15:28.523Z", "LastModifiedDate": "2025-07-08T16:18:53.607Z" }, { "VulnerabilityID": "CVE-2026-31812", "VendorIDs": [ "GHSA-6xvm-j4wr-6v98" ], "PkgID": "quinn-proto@0.11.8", "PkgName": "quinn-proto", "PkgIdentifier": { "PURL": "pkg:cargo/quinn-proto@0.11.8", "UID": "9718fabcc5ba1c38", "BOMRef": "pkg:cargo/quinn-proto@0.11.8" }, "InstalledVersion": "0.11.8", "FixedVersion": "0.11.14", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31812", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:e8785f33dd33c76160bfe2b8fa551a93fc44575215040a613b5aaddb939c886c", "Title": "quinn-proto: quinn-proto: Denial of Service via crafted QUIC Initial packet", "Description": "Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication. This vulnerability is fixed in 0.11.14.", "Severity": "HIGH", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "ghsa": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31812", "https://github.com/quinn-rs/quinn", "https://github.com/quinn-rs/quinn/pull/2559", "https://github.com/quinn-rs/quinn/security/advisories/GHSA-6xvm-j4wr-6v98", "https://nvd.nist.gov/vuln/detail/CVE-2026-31812", "https://rustsec.org/advisories/RUSTSEC-2026-0037.html", "https://www.cve.org/CVERecord?id=CVE-2026-31812" ], "PublishedDate": "2026-03-10T22:16:18.84Z", "LastModifiedDate": "2026-03-11T13:52:47.683Z" }, { "VulnerabilityID": "CVE-2026-21895", "VendorIDs": [ "GHSA-9c48-w39g-hm26" ], "PkgID": "rsa@0.9.8", "PkgName": "rsa", "PkgIdentifier": { "PURL": "pkg:cargo/rsa@0.9.8", "UID": "da5fb982f0fd977", "BOMRef": "pkg:cargo/rsa@0.9.8" }, "InstalledVersion": "0.9.8", "FixedVersion": "0.9.10", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-21895", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:ed579d81013200818fdd5307a15573a31da19e46bf60ddc511ea686c48d85d28", "Title": "RSA: RSA crate: Denial of Service due to malformed prime in private key generation", "Description": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.", "Severity": "LOW", "CweIDs": [ "CWE-703" ], "VendorSeverity": { "ghsa": 1, "nvd": 2, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-21895", "https://github.com/RustCrypto/RSA", "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7", "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26", "https://nvd.nist.gov/vuln/detail/CVE-2026-21895", "https://www.cve.org/CVERecord?id=CVE-2026-21895" ], "PublishedDate": "2026-01-08T14:15:57.72Z", "LastModifiedDate": "2026-03-12T19:27:31.327Z" }, { "VulnerabilityID": "GHSA-pwjx-qhcg-rvj4", "PkgID": "rustls-webpki@0.102.8", "PkgName": "rustls-webpki", "PkgIdentifier": { "PURL": "pkg:cargo/rustls-webpki@0.102.8", "UID": "33b662da95ae7c62", "BOMRef": "pkg:cargo/rustls-webpki@0.102.8" }, "InstalledVersion": "0.102.8", "FixedVersion": "0.103.10, 0.104.0-alpha.5", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-pwjx-qhcg-rvj4", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:06fd67f61f08b6f2230c517054a0bd28df1dc90adbddf30a08f369d33a353a23", "Title": "webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic", "Description": "If a certificate had more than one `distributionPoint`, then only the first `distributionPoint` would be considered against each CRL's `IssuingDistributionPoint` `distributionPoint`, and then the certificate's subsequent `distributionPoint`s would be ignored.\n\nThe impact was that correct provided CRLs would not be consulted to check revocation. With `UnknownStatusPolicy::Deny` (the default) this would lead to incorrect but safe `Error::UnknownRevocationStatus`. With `UnknownStatusPolicy::Allow` this would lead to inappropriate acceptance of revoked certificates.\n\nThis vulnerability is thought to be of limited impact. This is because both the certificate and CRL are signed -- an attacker would need to compromise a trusted issuing authority to trigger this bug. An attacker with such capabilities could likely bypass revocation checking through other more impactful means (such as publishing a valid, empty CRL.)\n\nMore likely, this bug would be latent in normal use, and an attacker could leverage faulty revocation checking to continue using a revoked credential.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.4 } }, "References": [ "https://github.com/rustls/webpki", "https://github.com/rustls/webpki/security/advisories/GHSA-pwjx-qhcg-rvj4", "https://rustsec.org/advisories/RUSTSEC-2026-0049.html" ], "PublishedDate": "2026-03-20T21:51:17Z", "LastModifiedDate": "2026-03-25T19:56:38Z" }, { "VulnerabilityID": "GHSA-pwjx-qhcg-rvj4", "PkgID": "rustls-webpki@0.103.6", "PkgName": "rustls-webpki", "PkgIdentifier": { "PURL": "pkg:cargo/rustls-webpki@0.103.6", "UID": "1a6b1df4a483fef5", "BOMRef": "pkg:cargo/rustls-webpki@0.103.6" }, "InstalledVersion": "0.103.6", "FixedVersion": "0.103.10, 0.104.0-alpha.5", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-pwjx-qhcg-rvj4", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:078af7bd94abeb1c92dcdf858fcfba7f732935c410febe6b51951650c9f2ae64", "Title": "webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic", "Description": "If a certificate had more than one `distributionPoint`, then only the first `distributionPoint` would be considered against each CRL's `IssuingDistributionPoint` `distributionPoint`, and then the certificate's subsequent `distributionPoint`s would be ignored.\n\nThe impact was that correct provided CRLs would not be consulted to check revocation. With `UnknownStatusPolicy::Deny` (the default) this would lead to incorrect but safe `Error::UnknownRevocationStatus`. With `UnknownStatusPolicy::Allow` this would lead to inappropriate acceptance of revoked certificates.\n\nThis vulnerability is thought to be of limited impact. This is because both the certificate and CRL are signed -- an attacker would need to compromise a trusted issuing authority to trigger this bug. An attacker with such capabilities could likely bypass revocation checking through other more impactful means (such as publishing a valid, empty CRL.)\n\nMore likely, this bug would be latent in normal use, and an attacker could leverage faulty revocation checking to continue using a revoked credential.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.4 } }, "References": [ "https://github.com/rustls/webpki", "https://github.com/rustls/webpki/security/advisories/GHSA-pwjx-qhcg-rvj4", "https://rustsec.org/advisories/RUSTSEC-2026-0049.html" ], "PublishedDate": "2026-03-20T21:51:17Z", "LastModifiedDate": "2026-03-25T19:56:38Z" }, { "VulnerabilityID": "CVE-2026-25727", "VendorIDs": [ "GHSA-r6v5-fh4h-64xc" ], "PkgID": "time@0.3.17", "PkgName": "time", "PkgIdentifier": { "PURL": "pkg:cargo/time@0.3.17", "UID": "80f7e14d1536a5de", "BOMRef": "pkg:cargo/time@0.3.17" }, "InstalledVersion": "0.3.17", "FixedVersion": "0.3.47", "Status": "fixed", "Layer": { "Digest": "sha256:3fd1fdcf06b911d8ec8189a202a81ea9a03d5e1ab5cb3d24546575f4ec108fb6", "DiffID": "sha256:b09c77df678467205996af33a371b5b3dd63a924947880b1d689762384ae0c05" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25727", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory Rust", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust" }, "Fingerprint": "sha256:6dd1ba774744967c470eec79e6164b39e15a10825e3b4025108075030b25029d", "Title": "time: time affected by a stack exhaustion denial of service attack", "Description": "time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary, non-malicious input will never encounter this scenario. A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned rather than exhausting the stack.", "Severity": "MEDIUM", "CweIDs": [ "CWE-121" ], "VendorSeverity": { "amazon": 2, "azure": 2, "cbl-mariner": 2, "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "V40Score": 6.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25727", "https://github.com/time-rs/time", "https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05", "https://github.com/time-rs/time/commit/1c63dc7985b8fa26bd8c689423cc56b7a03841ee", "https://github.com/time-rs/time/releases/tag/v0.3.47", "https://github.com/time-rs/time/security/advisories/GHSA-r6v5-fh4h-64xc", "https://nvd.nist.gov/vuln/detail/CVE-2026-25727", "https://rustsec.org/advisories/RUSTSEC-2026-0009.html", "https://www.cve.org/CVERecord?id=CVE-2026-25727" ], "PublishedDate": "2026-02-06T20:16:11.86Z", "LastModifiedDate": "2026-02-24T15:23:35.563Z" } ] } ] }