gitimages.expertflow.com/cim/unified-agent:4.4 (alpine 3.12.2) ============================================================== Total: 86 (UNKNOWN: 0, LOW: 8, MEDIUM: 23, HIGH: 48, CRITICAL: 7) +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | apk-tools | CVE-2021-36159 | CRITICAL | 2.10.5-r1 | 2.10.7-r0 | libfetch: an out of | | | | | | | boundary read while libfetch | | | | | | | uses strtol to parse... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-36159 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-30139 | HIGH | | 2.10.6-r0 | In Alpine Linux apk-tools | | | | | | | before 2.12.5, the tarball | | | | | | | parser allows a buffer... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-30139 | +-----------------------+------------------+ +-------------------+------------------+---------------------------------------+ | busybox | CVE-2021-28831 | | 1.31.1-r19 | 1.31.1-r20 | busybox: invalid free or segmentation | | | | | | | fault via malformed gzip data | | | | | | | -->avd.aquasec.com/nvd/cve-2021-28831 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-42378 | | | 1.31.1-r21 | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42379 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42380 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42381 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42382 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42383 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42384 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42385 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42386 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-28391 | | | 1.31.1-r22 | busybox: remote attackers may execute | | | | | | | arbitrary code if netstat is used | | | | | | | -->avd.aquasec.com/nvd/cve-2022-28391 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-42374 | MEDIUM | | 1.31.1-r21 | busybox: out-of-bounds read | | | | | | | in unlzma applet leads to | | | | | | | information leak and denial... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | curl | CVE-2021-22945 | CRITICAL | 7.69.1-r3 | 7.79.0-r0 | curl: use-after-free and | | | | | | | double-free in MQTT sending | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-22901 | HIGH | | 7.77.0-r0 | curl: Use-after-free in | | | | | | | TLS session handling when | | | | | | | using OpenSSL TLS backend | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22901 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22946 | | | 7.79.0-r0 | curl: Requirement to use | | | | | | | TLS not properly enforced | | | | | | | for IMAP, POP3, and... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-22576 | | | 7.79.1-r1 | curl: OAUTH2 bearer bypass | | | | | | | in connection re-use | | | | | | | -->avd.aquasec.com/nvd/cve-2022-22576 | + +------------------+ + + +---------------------------------------+ | | CVE-2022-27775 | | | | curl: bad local IPv6 connection reuse | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27775 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-22876 | MEDIUM | | 7.76.0-r0 | curl: Leak of authentication | | | | | | | credentials in URL | | | | | | | via automatic Referer | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22876 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22922 | | | 7.78.0-r0 | curl: Content not matching hash | | | | | | | in Metalink is not being discarded | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-22923 | | | | curl: Metalink download | | | | | | | sends credentials | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-22925 | | | | curl: Incorrect fix for | | | | | | | CVE-2021-22898 TELNET | | | | | | | stack contents disclosure | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22925 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22947 | | | 7.79.0-r0 | curl: Server responses | | | | | | | received before STARTTLS | | | | | | | processed after TLS handshake | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-27774 | | | 7.79.1-r1 | curl: credential leak on redirect | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27774 | + +------------------+ + + +---------------------------------------+ | | CVE-2022-27776 | | | | curl: auth/cookie leak on redirect | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27776 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2020-8284 | LOW | | 7.74.0-r0 | curl: FTP PASV command | | | | | | | response can cause curl | | | | | | | to connect to arbitrary... | | | | | | | -->avd.aquasec.com/nvd/cve-2020-8284 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22890 | | | 7.76.0-r0 | curl: TLS 1.3 session ticket | | | | | | | mix-up with HTTPS proxy host | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22890 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22898 | | | 7.77.0-r0 | curl: TELNET stack | | | | | | | contents disclosure | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22924 | | | 7.78.0-r0 | curl: Bad connection reuse | | | | | | | due to flawed path name checks | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | freetype | CVE-2022-27404 | CRITICAL | 2.10.4-r0 | 2.10.4-r1 | FreeType: Buffer overflow | | | | | | | in sfnt_init_face | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27404 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2022-27405 | HIGH | | 2.10.4-r2 | FreeType: Segmentation | | | | | | | violation via FNT_Size_Request | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27405 | + +------------------+ + + +---------------------------------------+ | | CVE-2022-27406 | | | | Freetype: Segmentation | | | | | | | violation via FT_Request_Size | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27406 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libcrypto1.1 | CVE-2021-3711 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | openssl: SM2 Decryption | | | | | | | Buffer Overflow | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3711 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-3450 | HIGH | | 1.1.1k-r0 | openssl: CA certificate check | | | | | | | bypass with X509_V_FLAG_X509_STRICT | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3450 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-3712 | | | 1.1.1l-r0 | openssl: Read buffer overruns | | | | | | | processing ASN.1 strings | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3712 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-0778 | | | 1.1.1n-r0 | openssl: Infinite loop in | | | | | | | BN_mod_sqrt() reachable | | | | | | | when parsing certificates | | | | | | | -->avd.aquasec.com/nvd/cve-2022-0778 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-3449 | MEDIUM | | 1.1.1k-r0 | openssl: NULL pointer dereference | | | | | | | in signature_algorithms processing | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3449 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libcurl | CVE-2021-22945 | CRITICAL | 7.69.1-r3 | 7.79.0-r0 | curl: use-after-free and | | | | | | | double-free in MQTT sending | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22945 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-22901 | HIGH | | 7.77.0-r0 | curl: Use-after-free in | | | | | | | TLS session handling when | | | | | | | using OpenSSL TLS backend | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22901 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22946 | | | 7.79.0-r0 | curl: Requirement to use | | | | | | | TLS not properly enforced | | | | | | | for IMAP, POP3, and... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-22576 | | | 7.79.1-r1 | curl: OAUTH2 bearer bypass | | | | | | | in connection re-use | | | | | | | -->avd.aquasec.com/nvd/cve-2022-22576 | + +------------------+ + + +---------------------------------------+ | | CVE-2022-27775 | | | | curl: bad local IPv6 connection reuse | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27775 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-22876 | MEDIUM | | 7.76.0-r0 | curl: Leak of authentication | | | | | | | credentials in URL | | | | | | | via automatic Referer | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22876 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22922 | | | 7.78.0-r0 | curl: Content not matching hash | | | | | | | in Metalink is not being discarded | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-22923 | | | | curl: Metalink download | | | | | | | sends credentials | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-22925 | | | | curl: Incorrect fix for | | | | | | | CVE-2021-22898 TELNET | | | | | | | stack contents disclosure | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22925 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22947 | | | 7.79.0-r0 | curl: Server responses | | | | | | | received before STARTTLS | | | | | | | processed after TLS handshake | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-27774 | | | 7.79.1-r1 | curl: credential leak on redirect | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27774 | + +------------------+ + + +---------------------------------------+ | | CVE-2022-27776 | | | | curl: auth/cookie leak on redirect | | | | | | | -->avd.aquasec.com/nvd/cve-2022-27776 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2020-8284 | LOW | | 7.74.0-r0 | curl: FTP PASV command | | | | | | | response can cause curl | | | | | | | to connect to arbitrary... | | | | | | | -->avd.aquasec.com/nvd/cve-2020-8284 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22890 | | | 7.76.0-r0 | curl: TLS 1.3 session ticket | | | | | | | mix-up with HTTPS proxy host | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22890 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22898 | | | 7.77.0-r0 | curl: TELNET stack | | | | | | | contents disclosure | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-22924 | | | 7.78.0-r0 | curl: Bad connection reuse | | | | | | | due to flawed path name checks | | | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libgcrypt | CVE-2021-33560 | HIGH | 1.8.5-r0 | 1.8.8-r0 | libgcrypt: mishandles ElGamal | | | | | | | encryption because it lacks | | | | | | | exponent blinding to address a... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-40528 | MEDIUM | | 1.8.8-r1 | libgcrypt: ElGamal implementation | | | | | | | allows plaintext recovery | | | | | | | -->avd.aquasec.com/nvd/cve-2021-40528 | +-----------------------+------------------+ +-------------------+------------------+---------------------------------------+ | libjpeg-turbo | CVE-2021-20205 | | 2.0.5-r0 | 2.1.0-r0 | libjpeg-turbo: DoS | | | | | | | via open crafted GIF | | | | | | | -->avd.aquasec.com/nvd/cve-2021-20205 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libssl1.1 | CVE-2021-3711 | CRITICAL | 1.1.1j-r0 | 1.1.1l-r0 | openssl: SM2 Decryption | | | | | | | Buffer Overflow | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3711 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-3450 | HIGH | | 1.1.1k-r0 | openssl: CA certificate check | | | | | | | bypass with X509_V_FLAG_X509_STRICT | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3450 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-3712 | | | 1.1.1l-r0 | openssl: Read buffer overruns | | | | | | | processing ASN.1 strings | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3712 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-0778 | | | 1.1.1n-r0 | openssl: Infinite loop in | | | | | | | BN_mod_sqrt() reachable | | | | | | | when parsing certificates | | | | | | | -->avd.aquasec.com/nvd/cve-2022-0778 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-3449 | MEDIUM | | 1.1.1k-r0 | openssl: NULL pointer dereference | | | | | | | in signature_algorithms processing | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3449 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libxml2 | CVE-2021-3517 | HIGH | 2.9.10-r5 | 2.9.10-r6 | libxml2: Heap-based buffer overflow | | | | | | | in xmlEncodeEntitiesInternal() | | | | | | | in entities.c | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3517 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-3518 | | | | libxml2: Use-after-free in | | | | | | | xmlXIncludeDoProcess() in xinclude.c | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3518 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-23308 | | | 2.9.13-r0 | libxml2: Use-after-free | | | | | | | of ID and IDREF attributes | | | | | | | -->avd.aquasec.com/nvd/cve-2022-23308 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-3537 | MEDIUM | | 2.9.10-r6 | libxml2: NULL pointer dereference | | | | | | | when post-validating mixed | | | | | | | content parsed in recovery mode... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3537 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-3541 | | | 2.9.12-r0 | libxml2: Exponential entity | | | | | | | expansion attack bypasses all | | | | | | | existing protection mechanisms | | | | | | | -->avd.aquasec.com/nvd/cve-2021-3541 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-29824 | | | 2.9.14-r0 | libxml2: integer overflows | | | | | | | in xmlBuf and xmlBuffer | | | | | | | lead to out-of-bounds write | | | | | | | -->avd.aquasec.com/nvd/cve-2022-29824 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | libxslt | CVE-2021-30560 | HIGH | 1.1.34-r0 | 1.1.35-r0 | Use after free in Blink | | | | | | | XSLT in Google Chrome | | | | | | | prior to 91.0.4472.164... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-30560 | +-----------------------+------------------+ +-------------------+------------------+---------------------------------------+ | ncurses-libs | CVE-2021-39537 | | 6.2_p20200523-r0 | 6.2_p20200523-r1 | ncurses: heap-based buffer overflow | | | | | | | in _nc_captoinfo() in captoinfo.c | | | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 | +-----------------------+ + + + + + | ncurses-terminfo-base | | | | | | | | | | | | | | | | | | | | +-----------------------+------------------+ +-------------------+------------------+---------------------------------------+ | ssl_client | CVE-2021-28831 | | 1.31.1-r19 | 1.31.1-r20 | busybox: invalid free or segmentation | | | | | | | fault via malformed gzip data | | | | | | | -->avd.aquasec.com/nvd/cve-2021-28831 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2021-42378 | | | 1.31.1-r21 | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42378 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42379 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42379 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42380 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42380 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42381 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42381 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42382 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42382 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42383 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42383 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42384 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42384 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42385 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42385 | + +------------------+ + + +---------------------------------------+ | | CVE-2021-42386 | | | | busybox: use-after-free in | | | | | | | awk applet leads to denial | | | | | | | of service and possibly... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42386 | + +------------------+ + +------------------+---------------------------------------+ | | CVE-2022-28391 | | | 1.31.1-r22 | busybox: remote attackers may execute | | | | | | | arbitrary code if netstat is used | | | | | | | -->avd.aquasec.com/nvd/cve-2022-28391 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2021-42374 | MEDIUM | | 1.31.1-r21 | busybox: out-of-bounds read | | | | | | | in unlzma applet leads to | | | | | | | information leak and denial... | | | | | | | -->avd.aquasec.com/nvd/cve-2021-42374 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | xz-libs | CVE-2022-1271 | HIGH | 5.2.5-r0 | 5.2.5-r1 | gzip: arbitrary-file-write | | | | | | | vulnerability | | | | | | | -->avd.aquasec.com/nvd/cve-2022-1271 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+ | zlib | CVE-2022-37434 | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | zlib: heap-based buffer | | | | | | | over-read and overflow in | | | | | | | inflate() in inflate.c via a... | | | | | | | -->avd.aquasec.com/nvd/cve-2022-37434 | + +------------------+----------+ +------------------+---------------------------------------+ | | CVE-2018-25032 | HIGH | | 1.2.12-r0 | zlib: A flaw found in | | | | | | | zlib when compressing (not | | | | | | | decompressing) certain inputs... | | | | | | | -->avd.aquasec.com/nvd/cve-2018-25032 | +-----------------------+------------------+----------+-------------------+------------------+---------------------------------------+