Defect #35949: Several Critical CVEs - Redmine

Actions

Copy link

Defect #35949

closed

Several Critical CVEs

Added by Marcelo Simas over 2 years ago. Updated over 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Security

Target version:

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Invalid

Affected version:

4.2.2

Description

We use redmine 4.2.2 through a container and the scanner which runs in our DTR has recently identified several critical CVEs. We wanted to make you aware of that.

CVE-2021-23440
Critical
9.8
set-value
2.0.1
4.0.1
No

CVE-2017-6519
Critical
9.1
libavahi-client3
0.7-4+deb10u1
No

CVE-2017-6519
Critical
9.1
libavahi-common-data
0.7-4+deb10u1
No

CVE-2017-6519
Critical
9.1
libavahi-common3
0.7-4+deb10u1
No

CVE-2019-1010022
Critical
9.8
libc-bin
2.28-10
No

CVE-2021-33574
Critical
9.8
libc-bin
2.28-10
No

CVE-2021-35942
Critical
9.1
libc-bin
2.28-10
No

CVE-2019-1010022
Critical
9.8
libc-dev-bin
2.28-10
No

CVE-2021-33574
Critical
9.8
libc-dev-bin
2.28-10
No

CVE-2021-35942
Critical
9.1
libc-dev-bin
2.28-10
No

CVE-2019-1010022
Critical
9.8
libc6
2.28-10
No

CVE-2021-33574
Critical
9.8
libc6
2.28-10
No

CVE-2021-35942
Critical
9.1
libc6
2.28-10
No

CVE-2019-1010022
Critical
9.8
libc6-dev
2.28-10
No

CVE-2021-33574
Critical
9.8
libc6-dev
2.28-10
No

CVE-2021-35942
Critical
9.1
libc6-dev
2.28-10
No

CVE-2020-12268
Critical
9.8
libjbig2dec0
0.16-1
No

CVE-2017-17479
Critical
9.8
libopenjp2-7
2.3.0-2+deb10u2
No

CVE-2018-7648
Critical
9.8
libopenjp2-7
2.3.0-2+deb10u2
No

CVE-2021-3177
Critical
5.9
libpython2.7
2.7.16-2+deb10u1
No

CVE-2021-3177
Critical
9.8
libpython2.7-minimal
2.7.16-2+deb10u1
No

CVE-2021-3177
Critical
5.9
libpython2.7-stdlib
2.7.16-2+deb10u1
No

CVE-2019-9893
Critical
9.8
libseccomp2
2.3.3-4
No

CVE-2020-11656
Critical
9.8
libsqlite3-0
3.27.2-3+deb10u1
No

CVE-2017-9117
Critical
9.8
libtiff5
4.1.0+git191117-2~deb10u2

CVE-2019-25032
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25033
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25034
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25035
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25038
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25039
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2019-25042
Critical
9.8
libunbound8
1.9.0-2+deb10u2
No

CVE-2021-3177
Critical
9.8
python2.7
2.7.16-2+deb10u1
No

CVE-2021-3177
Critical
9.8
python2.7-minimal
2.7.16-2+deb10u1
No

CVE-2020-8165
Critical
9.8
activesupport
5.2.3
6.0.3.1, 5.2.4.3
No

CVE-2019-5477
Critical
9.8
nokogiri
1.10.3
1.10.4
No

CVE-2021-31597
Critical
9.4
xmlhttprequest-ssl
1.5.5
1.6.1
No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #35949

Several Critical CVEs

Updated by Marius BĂLTEANU over 2 years ago

Updated by Marcelo Simas over 2 years ago

Updated by Holger Just over 2 years ago

Updated by Marcelo Simas over 2 years ago