Security vulnerabilities on dremio/dremio-oss image

While doing a scan on the image dremio/dremio-oss image using the open-source version of clair, following vulnerabilities were found. Are there any plans to remediate these? At least the High vulnerabilities?

Blockquote
Analysing 8 layers

Found 14 vulnerabilities

CVE-2017-12424: [High]

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.

https://security-tracker.debian.org/tracker/CVE-2017-12424


CVE-2017-10989: [High]

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

https://security-tracker.debian.org/tracker/CVE-2017-10989


Negligible: 8

Low: 1

Medium: 3

High: 2
I cannot list the other vulnerabilities here. I am a new user and am restricted to only 2 links.

As part of our release process, the latest version for openjdk:8-jdkbase image would be used, in order to pick the most recent security fixes. It looks a new version might have been released recently (https://github.com/docker-library/openjdk/issues/185) so future versions of the image should be okay.

As for these specific security issues, they might not be relevant in a Docker context which might make them less critical.

From dremio/dremio-oss:19.1.0

A lot of vulnerabilities are found, including the recent Log4J 0-day vulnerability. Please upgrade dependent packages.

NAME                               INSTALLED                                   FIXED-IN      VULNERABILITY        SEVERITY
apt                                2.2.4                                                     CVE-2011-3374        Negligible
avatica-core                       1.18.0                                                    CVE-2020-13955       Medium
avatica-metrics                    1.18.0                                                    CVE-2020-13955       Medium
calcite-core                       1.16.0-202110140531410732-6a46ce2e          1.26.0        GHSA-hxp5-8pgq-mgv9  Medium
calcite-core                       1.16.0-202110140531410732-6a46ce2e                        CVE-2020-13955       Medium
calcite-linq4j                     1.16.0-202110140531410732-6a46ce2e                        CVE-2020-13955       Medium
commons-compress                   1.20                                        1.21          GHSA-7hfm-57qf-j43q  High
commons-compress                   1.20                                        1.21          GHSA-crv7-7245-f45f  High
commons-compress                   1.20                                        1.21          GHSA-mc84-pj99-q6hh  High
commons-compress                   1.20                                        1.21          GHSA-xqfj-vm6h-2x34  High
commons-compress                   1.20                                                      CVE-2021-35515       High
commons-compress                   1.20                                                      CVE-2021-35516       High
commons-compress                   1.20                                                      CVE-2021-35517       High
commons-compress                   1.20                                                      CVE-2021-36090       High
commons-io                         2.5                                         2.7           GHSA-gwrp-pvrq-jmwv  Medium
commons-io                         2.5                                                       CVE-2021-29425       Medium
commons-io                         2.4                                         2.7           GHSA-gwrp-pvrq-jmwv  Medium
commons-io                         2.4                                                       CVE-2021-29425       Medium
coreutils                          8.32-4+b1                                   (won't fix)   CVE-2016-2781        Low
coreutils                          8.32-4+b1                                                 CVE-2017-18018       Negligible
curl                               7.74.0-1.3+b1                               (won't fix)   CVE-2021-22924       Low
curl                               7.74.0-1.3+b1                               (won't fix)   CVE-2021-22945       Critical
curl                               7.74.0-1.3+b1                               (won't fix)   CVE-2021-22946       High
curl                               7.74.0-1.3+b1                               (won't fix)   CVE-2021-22947       Medium
curl                               7.74.0-1.3+b1                               (won't fix)   CVE-2021-22898       Low
curl                               7.74.0-1.3+b1                                             CVE-2021-22922       Negligible
curl                               7.74.0-1.3+b1                                             CVE-2021-22923       Negligible
elasticsearch                      5.5.3                                                     CVE-2019-7611        High
elasticsearch                      5.5.3                                                     CVE-2019-7614        Medium
elasticsearch                      5.5.3                                                     CVE-2020-7019        Medium
elasticsearch                      5.5.3                                                     CVE-2020-7020        Low
elasticsearch                      5.5.3                                                     CVE-2020-7021        Medium
elasticsearch                      5.5.3                                                     CVE-2021-22135       Medium
elasticsearch                      5.5.3                                                     CVE-2021-22137       Medium
elasticsearch                      5.5.3                                                     CVE-2021-22144       Medium
elasticsearch                      5.5.3                                                     CVE-2021-22147       Medium
flatbuffers-java                   1.9.0                                                     CVE-2020-35864       High
git                                1:2.30.2-1                                                CVE-2018-1000021     Negligible
git-man                            1:2.30.2-1                                                CVE-2018-1000021     Negligible
guava                              13.0.1                                      24.1.1        GHSA-mvr2-9pj6-7w5j  Medium
guava                              13.0.1                                      30.0-jre      GHSA-5mg8-w23w-74h3  Low
guava                              13.0.1                                                    CVE-2018-10237       Medium
guava                              13.0.1                                                    CVE-2020-8908        Low
guava                              28.0-jre                                    30.0-jre      GHSA-5mg8-w23w-74h3  Low
guava                              28.0-jre                                                  CVE-2020-8908        Low
guava                              14.0.1                                      24.1.1        GHSA-mvr2-9pj6-7w5j  Medium
guava                              14.0.1                                      30.0-jre      GHSA-5mg8-w23w-74h3  Low
guava                              14.0.1                                                    CVE-2018-10237       Medium
guava                              14.0.1                                                    CVE-2020-8908        Low
guava                              28.1-jre                                    30.0-jre      GHSA-5mg8-w23w-74h3  Low
guava                              28.1-jre                                                  CVE-2020-8908        Low
hadoop-annotations                 2.8.5                                                     CVE-2018-11765       High
hadoop-annotations                 2.8.5                                                     CVE-2020-9492        High
hadoop-annotations                 3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-auth                        3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-auth                        2.8.5                                                     CVE-2018-11765       High
hadoop-auth                        2.8.5                                                     CVE-2020-9492        High
hadoop-aws                         3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-aws                         2.8.5                                                     CVE-2018-11765       High
hadoop-aws                         2.8.5                                                     CVE-2020-9492        High
hadoop-azure                       3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-azure                       2.8.5-dremio-r2-202106241733540604-acdda22                CVE-2018-11765       High
hadoop-azure                       2.8.5-dremio-r2-202106241733540604-acdda22                CVE-2020-9492        High
hadoop-azure-datalake              3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-azure-datalake              2.8.5                                                     CVE-2018-11765       High
hadoop-azure-datalake              2.8.5                                                     CVE-2020-9492        High
hadoop-client                      2.8.5                                                     CVE-2018-11765       High
hadoop-client                      2.8.5                                                     CVE-2020-9492        High
hadoop-client                      3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-common                      3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-common                      2.8.5                                                     CVE-2018-11765       High
hadoop-common                      2.8.5                                                     CVE-2020-9492        High
hadoop-hdfs                        2.8.5                                                     CVE-2018-11765       High
hadoop-hdfs                        2.8.5                                                     CVE-2020-9492        High
hadoop-hdfs                        3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-hdfs-client                 3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-hdfs-client                 2.8.5                                                     CVE-2018-11765       High
hadoop-hdfs-client                 2.8.5                                                     CVE-2020-9492        High
hadoop-mapreduce-client-app        2.8.5                                                     CVE-2018-11765       High
hadoop-mapreduce-client-app        2.8.5                                                     CVE-2020-9492        High
hadoop-mapreduce-client-common     3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-mapreduce-client-common     2.8.5                                                     CVE-2018-11765       High
hadoop-mapreduce-client-common     2.8.5                                                     CVE-2020-9492        High
hadoop-mapreduce-client-core       2.8.5                                                     CVE-2018-11765       High
hadoop-mapreduce-client-core       2.8.5                                                     CVE-2020-9492        High
hadoop-mapreduce-client-core       3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-mapreduce-client-jobclient  3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-mapreduce-client-jobclient  2.8.5                                                     CVE-2018-11765       High
hadoop-mapreduce-client-jobclient  2.8.5                                                     CVE-2020-9492        High
hadoop-mapreduce-client-shuffle    2.8.5                                                     CVE-2018-11765       High
hadoop-mapreduce-client-shuffle    2.8.5                                                     CVE-2020-9492        High
hadoop-yarn-api                    3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-yarn-api                    2.8.5                                                     CVE-2018-11765       High
hadoop-yarn-api                    2.8.5                                                     CVE-2020-9492        High
hadoop-yarn-client                 2.8.5                                                     CVE-2018-11765       High
hadoop-yarn-client                 2.8.5                                                     CVE-2020-9492        High
hadoop-yarn-client                 3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-yarn-common                 2.8.5                                                     CVE-2018-11765       High
hadoop-yarn-common                 2.8.5                                                     CVE-2020-9492        High
hadoop-yarn-common                 3.2.1-dremio-202107061151520241-a2c072f                   CVE-2020-9492        High
hadoop-yarn-server-common          2.8.5                                                     CVE-2018-11765       High
hadoop-yarn-server-common          2.8.5                                                     CVE-2020-9492        High
hbase-annotations                  1.1.13                                                    CVE-2018-8025        High
hbase-client                       1.1.13                                                    CVE-2018-8025        High
hbase-common                       1.1.13                                                    CVE-2018-8025        High
hbase-hadoop-compat                1.1.13                                                    CVE-2018-8025        High
hbase-hadoop2-compat               1.1.13                                                    CVE-2018-8025        High
hbase-protocol                     1.1.13                                                    CVE-2018-8025        High
hbase-server                       1.1.13                                                    CVE-2018-8025        High
hive-common                        3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-common                        2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-contrib                       3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-contrib                       2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-exec                          2.1.1-dremio-202111110700250786-bf21359     2.1.2         GHSA-2g9q-chq2-w8qw  Medium
hive-exec                          2.1.1-dremio-202111110700250786-bf21359     2.3.3         GHSA-p639-xxv5-j383  Low
hive-exec                          2.1.1-dremio-202111110700250786-bf21359     2.3.4         GHSA-rrfq-g5fq-fc9c  High
hive-exec                          2.1.1-dremio-202111110700250786-bf21359     2.3.3         GHSA-rxmr-c9jm-7mm8  Low
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-exec                          2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-exec                          3.1.1-dremio-202108260418420981-22681bb     3.1.1         GHSA-rrfq-g5fq-fc9c  High
hive-exec                          3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-hbase-handler                 2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-hbase-handler                 3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-llap-client                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-llap-client                   3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-llap-common                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-llap-common                   3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-metastore                     2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-metastore                     3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-orc                           2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-serde                         2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-serde                         3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-service-rpc                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-service-rpc                   3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-shims-0.23                    2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-shims-0.23                    3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-shims-common                  2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-shims-common                  3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-spark-client                  3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-standalone-metastore          3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
hive-storage-api                   2.7.0                                                     CVE-2020-13949       High
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-11777       High
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1282        Critical
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1284        Low
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1314        Medium
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2018-1315        Low
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-13949       High
hive-storage-api                   2.1.1-dremio-202111110700250786-bf21359                   CVE-2020-1926        Medium
hive-upgrade-acid                  3.1.1-dremio-202108260418420981-22681bb                   CVE-2020-13949       High
jackson-databind                   2.9.9                                       2.9.10        GHSA-cf6r-3wgc-h863  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-fqwf-pjwf-7vqv  Medium
jackson-databind                   2.9.9                                       2.9.10        GHSA-qmqc-x3r4-6v39  High
jackson-databind                   2.9.9                                       2.9.10        GHSA-f3j5-rmmp-3fc5  Critical
jackson-databind                   2.9.9                                       2.9.10.5      GHSA-j823-4qch-3rgm  High
jackson-databind                   2.9.9                                       2.9.10.5      GHSA-c265-37vj-cwcc  High
jackson-databind                   2.9.9                                       2.9.10.5      GHSA-c2q3-4qrh-fm48  High
jackson-databind                   2.9.9                                       2.9.10        GHSA-h822-r4r5-v8jg  Critical
jackson-databind                   2.9.9                                       2.9.10        GHSA-85cw-hj65-qqv9  Critical
jackson-databind                   2.9.9                                       2.9.10.7      GHSA-5949-rw7g-wx7w  High
jackson-databind                   2.9.9                                       2.9.10.7      GHSA-288c-cq4h-88gq  High
jackson-databind                   2.9.9                                       2.9.9.2       GHSA-gwp4-hfv6-p7hw  High
jackson-databind                   2.9.9                                       2.9.9.1       GHSA-cmfg-87vq-g5g4  Medium
jackson-databind                   2.9.9                                       2.9.9.1       GHSA-mph4-vhrx-mv67  Medium
jackson-databind                   2.9.9                                       2.9.9.2       GHSA-6fpp-rgj9-8rwc  Critical
jackson-databind                   2.9.9                                       2.9.10.1      GHSA-mx7p-6679-8g3q  Critical
jackson-databind                   2.9.9                                       2.9.10.5      GHSA-mc6h-4qgp-37qh  High
jackson-databind                   2.9.9                                       2.9.10.1      GHSA-fmmc-742q-jg75  Critical
jackson-databind                   2.9.9                                       2.9.10.1      GHSA-gjmw-vf9h-g25v  Critical
jackson-databind                   2.9.9                                       2.9.10.2      GHSA-gww7-p5w4-wrfv  Critical
jackson-databind                   2.9.9                                       2.9.10.3      GHSA-4w82-r329-3q67  Critical
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-q93h-jc49-78gg  Critical
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-h4rc-386g-6m85  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-p43x-xfjf-5jhr  Critical
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-5p34-5m6p-p58g  Critical
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-758m-v56v-grj4  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-rf6r-2c4q-2vwg  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-v3xw-c963-f5hc  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-9vvp-fxw6-jcxr  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-27xj-rqx5-2255  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-58pp-9c76-5625  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-v585-23hc-c647  High
jackson-databind                   2.9.9                                       2.9.10.6      GHSA-h3cw-g4mq-c5x2  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-wh8g-3j2c-rqj5  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-r3gr-cxrf-hg25  High
jackson-databind                   2.9.9                                       2.9.10.6      GHSA-qjw2-hr98-qgfh  Critical
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-89qr-369f-5m5x  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-9gph-22xh-8x98  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-8w26-6f25-cm9x  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-cvm9-fjm9-3572  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-8c4j-34r4-xr8g  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-m6x4-97wx-4q27  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-9m6f-7xcq-8vf8  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-f9xh-2qgp-cq57  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-r695-7vr9-jgc2  High
jackson-databind                   2.9.9                                       2.9.10.8      GHSA-vfqx-33qm-g869  High
jackson-databind                   2.9.9                                       2.9.10.4      GHSA-95cm-88f5-f2c7  High
jackson-databind                   2.9.9                                                     CVE-2019-12384       Medium
jackson-databind                   2.9.9                                                     CVE-2019-12814       Medium
jackson-databind                   2.9.9                                                     CVE-2019-14379       Critical
jackson-databind                   2.9.9                                                     CVE-2019-14439       High
jackson-databind                   2.9.9                                                     CVE-2019-14540       Critical
jackson-databind                   2.9.9                                                     CVE-2019-14892       Critical
jackson-databind                   2.9.9                                                     CVE-2019-14893       Critical
jackson-databind                   2.9.9                                                     CVE-2019-16335       Critical
jackson-databind                   2.9.9                                                     CVE-2019-16942       Critical
jackson-databind                   2.9.9                                                     CVE-2019-16943       Critical
jackson-databind                   2.9.9                                                     CVE-2019-17267       Critical
jackson-databind                   2.9.9                                                     CVE-2019-17531       Critical
jackson-databind                   2.9.9                                                     CVE-2019-20330       Critical
jackson-databind                   2.9.9                                                     CVE-2020-10672       High
jackson-databind                   2.9.9                                                     CVE-2020-10673       High
jackson-databind                   2.9.9                                                     CVE-2020-10968       High
jackson-databind                   2.9.9                                                     CVE-2020-10969       High
jackson-databind                   2.9.9                                                     CVE-2020-11111       High
jackson-databind                   2.9.9                                                     CVE-2020-11112       High
jackson-databind                   2.9.9                                                     CVE-2020-11113       High
jackson-databind                   2.9.9                                                     CVE-2020-11619       High
jackson-databind                   2.9.9                                                     CVE-2020-11620       High
jackson-databind                   2.9.9                                                     CVE-2020-14060       High
jackson-databind                   2.9.9                                                     CVE-2020-14061       High
jackson-databind                   2.9.9                                                     CVE-2020-14062       High
jackson-databind                   2.9.9                                                     CVE-2020-14195       High
jackson-databind                   2.9.9                                                     CVE-2020-24616       High
jackson-databind                   2.9.9                                                     CVE-2020-24750       High
jackson-databind                   2.9.9                                                     CVE-2020-25649       High
jackson-databind                   2.9.9                                                     CVE-2020-35490       High
jackson-databind                   2.9.9                                                     CVE-2020-35491       High
jackson-databind                   2.9.9                                                     CVE-2020-35728       High
jackson-databind                   2.9.9                                                     CVE-2020-36179       High
jackson-databind                   2.9.9                                                     CVE-2020-36180       High
jackson-databind                   2.9.9                                                     CVE-2020-36181       High
jackson-databind                   2.9.9                                                     CVE-2020-36182       High
jackson-databind                   2.9.9                                                     CVE-2020-36183       High
jackson-databind                   2.9.9                                                     CVE-2020-36184       High
jackson-databind                   2.9.9                                                     CVE-2020-36185       High
jackson-databind                   2.9.9                                                     CVE-2020-36186       High
jackson-databind                   2.9.9                                                     CVE-2020-36187       High
jackson-databind                   2.9.9                                                     CVE-2020-36188       High
jackson-databind                   2.9.9                                                     CVE-2020-36189       High
jackson-databind                   2.9.9                                                     CVE-2020-8840        Critical
jackson-databind                   2.9.9                                                     CVE-2020-9546        Critical
jackson-databind                   2.9.9                                                     CVE-2020-9547        Critical
jackson-databind                   2.9.9                                                     CVE-2020-9548        Critical
jackson-databind                   2.9.9                                                     CVE-2021-20190       High
jackson-databind                   2.4.0                                       2.6.7.3       GHSA-cf6r-3wgc-h863  High
jackson-databind                   2.4.0                                       2.9.10.4      GHSA-fqwf-pjwf-7vqv  Medium
jackson-databind                   2.4.0                                       2.9.10        GHSA-f3j5-rmmp-3fc5  Critical
jackson-databind                   2.4.0                                       2.8.11        GHSA-w3f4-3q6j-rh82  High
jackson-databind                   2.4.0                                       2.9.10        GHSA-h822-r4r5-v8jg  Critical
jackson-databind                   2.4.0                                       2.9.10        GHSA-85cw-hj65-qqv9  Critical
jackson-databind                   2.4.0                                       2.9.10.7      GHSA-5949-rw7g-wx7w  High
jackson-databind                   2.4.0                                       2.6.7.4       GHSA-288c-cq4h-88gq  High
jackson-databind                   2.4.0                                       2.9.9.2       GHSA-gwp4-hfv6-p7hw  High
jackson-databind                   2.4.0                                       2.9.9.1       GHSA-cmfg-87vq-g5g4  Medium
jackson-databind                   2.4.0                                       2.9.9.1       GHSA-mph4-vhrx-mv67  Medium
jackson-databind                   2.4.0                                       2.7.9.4       GHSA-qr7j-h6gg-jmgc  Critical
jackson-databind                   2.4.0                                       2.8.11        GHSA-h592-38cm-4ggp  Critical
jackson-databind                   2.4.0                                       2.8.11.1      GHSA-cggj-fvv3-cqwv  Critical
jackson-databind                   2.4.0                                       2.7.9.5       GHSA-4gq5-ch57-c2mg  Critical
jackson-databind                   2.4.0                                       2.7.9.5       GHSA-645p-88qh-w398  Critical
jackson-databind                   2.4.0                                       2.7.9.4       GHSA-cjjf-94ff-43w7  High
jackson-databind                   2.4.0                                       2.9.9         GHSA-5ww9-j83m-q7qx  High
jackson-databind                   2.4.0                                       2.9.9.2       GHSA-6fpp-rgj9-8rwc  Critical
jackson-databind                   2.4.0                                       2.9.10.1      GHSA-mx7p-6679-8g3q  Critical
jackson-databind                   2.4.0                                       2.9.10.1      GHSA-fmmc-742q-jg75  Critical
jackson-databind                   2.4.0                                       2.9.10.1      GHSA-gjmw-vf9h-g25v  Critical
jackson-databind                   2.4.0                                                     GHSA-gww7-p5w4-wrfv  Critical
jackson-databind                   2.4.0                                                     GHSA-4w82-r329-3q67  Critical
jackson-databind                   2.4.0                                       2.9.10.4      GHSA-q93h-jc49-78gg  Critical
jackson-databind                   2.4.0                                       2.9.10.4      GHSA-p43x-xfjf-5jhr  Critical
jackson-databind                   2.4.0                                       2.8.11        GHSA-rfx6-vp9g-rh7v  Critical
jackson-databind                   2.4.0                                       2.6.7.1       GHSA-qxxx-2pp7-5hmx  Critical
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-v585-23hc-c647  High
jackson-databind                   2.4.0                                       2.9.10.6      GHSA-h3cw-g4mq-c5x2  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-wh8g-3j2c-rqj5  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-r3gr-cxrf-hg25  High
jackson-databind                   2.4.0                                       2.9.10.6      GHSA-qjw2-hr98-qgfh  Critical
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-89qr-369f-5m5x  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-9gph-22xh-8x98  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-8w26-6f25-cm9x  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-cvm9-fjm9-3572  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-8c4j-34r4-xr8g  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-m6x4-97wx-4q27  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-9m6f-7xcq-8vf8  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-f9xh-2qgp-cq57  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-r695-7vr9-jgc2  High
jackson-databind                   2.4.0                                       2.9.10.8      GHSA-vfqx-33qm-g869  High
jackson-databind                   2.4.0                                                     CVE-2018-7489        Critical
jackson-databind                   2.4.0                                                     CVE-2020-35490       High
jackson-databind                   2.4.0                                                     CVE-2020-35491       High
jersey-common                      2.30                                        2.34          GHSA-c43q-5hpj-4crv  Medium
jetty                              6.1.26                                                    CVE-2009-1523        Medium
jetty                              6.1.26                                                    CVE-2011-4461        Medium
jetty-sslengine                    6.1.26                                                    CVE-2009-1523        Medium
jetty-sslengine                    6.1.26                                                    CVE-2011-4461        Medium
jetty-util                         6.1.26                                                    CVE-2009-1523        Medium
jetty-util                         6.1.26                                                    CVE-2011-4461        Medium
json-smart                         1.3.1                                       1.3.2         GHSA-v528-7hrm-frqp  Critical
libapt-pkg6.0                      2.2.4                                                     CVE-2011-3374        Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2021-43396       Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2010-4756        Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2018-20796       Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2019-1010022     Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2019-1010023     Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2019-1010024     Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2019-1010025     Negligible
libc-bin                           2.31-13+deb11u2                                           CVE-2019-9192        Negligible
libc-bin                           2.31-13+deb11u2                             (won't fix)   CVE-2021-33574       Critical
libc6                              2.31-13+deb11u2                                           CVE-2021-43396       Negligible
libc6                              2.31-13+deb11u2                                           CVE-2010-4756        Negligible
libc6                              2.31-13+deb11u2                                           CVE-2018-20796       Negligible
libc6                              2.31-13+deb11u2                                           CVE-2019-1010022     Negligible
libc6                              2.31-13+deb11u2                                           CVE-2019-1010023     Negligible
libc6                              2.31-13+deb11u2                                           CVE-2019-1010024     Negligible
libc6                              2.31-13+deb11u2                                           CVE-2019-1010025     Negligible
libc6                              2.31-13+deb11u2                                           CVE-2019-9192        Negligible
libc6                              2.31-13+deb11u2                             (won't fix)   CVE-2021-33574       Critical
libcurl3-gnutls                    7.74.0-1.3+b1                               (won't fix)   CVE-2021-22924       Low
libcurl3-gnutls                    7.74.0-1.3+b1                               (won't fix)   CVE-2021-22945       Critical
libcurl3-gnutls                    7.74.0-1.3+b1                               (won't fix)   CVE-2021-22946       High
libcurl3-gnutls                    7.74.0-1.3+b1                               (won't fix)   CVE-2021-22947       Medium
libcurl3-gnutls                    7.74.0-1.3+b1                               (won't fix)   CVE-2021-22898       Low
libcurl3-gnutls                    7.74.0-1.3+b1                                             CVE-2021-22922       Negligible
libcurl3-gnutls                    7.74.0-1.3+b1                                             CVE-2021-22923       Negligible
libcurl4                           7.74.0-1.3+b1                               (won't fix)   CVE-2021-22924       Low
libcurl4                           7.74.0-1.3+b1                               (won't fix)   CVE-2021-22945       Critical
libcurl4                           7.74.0-1.3+b1                               (won't fix)   CVE-2021-22946       High
libcurl4                           7.74.0-1.3+b1                               (won't fix)   CVE-2021-22947       Medium
libcurl4                           7.74.0-1.3+b1                               (won't fix)   CVE-2021-22898       Low
libcurl4                           7.74.0-1.3+b1                                             CVE-2021-22922       Negligible
libcurl4                           7.74.0-1.3+b1                                             CVE-2021-22923       Negligible
libexpat1                          2.2.10-2                                                  CVE-2013-0340        Negligible
libgcrypt20                        1.8.7-6                                     (won't fix)   CVE-2021-33560       High
libgcrypt20                        1.8.7-6                                                   CVE-2018-6829        Negligible
libgmp10                           2:6.2.1+dfsg-1                              (won't fix)   CVE-2021-43618       High
libgnutls30                        3.7.1-5                                                   CVE-2011-3389        Medium
libgssapi-krb5-2                   1.18.3-6+deb11u1                                          CVE-2004-0971        Negligible
libgssapi-krb5-2                   1.18.3-6+deb11u1                                          CVE-2018-5709        Negligible
libk5crypto3                       1.18.3-6+deb11u1                                          CVE-2004-0971        Negligible
libk5crypto3                       1.18.3-6+deb11u1                                          CVE-2018-5709        Negligible
libkrb5-3                          1.18.3-6+deb11u1                                          CVE-2004-0971        Negligible
libkrb5-3                          1.18.3-6+deb11u1                                          CVE-2018-5709        Negligible
libkrb5support0                    1.18.3-6+deb11u1                                          CVE-2004-0971        Negligible
libkrb5support0                    1.18.3-6+deb11u1                                          CVE-2018-5709        Negligible
libldap-2.4-2                      2.4.57+dfsg-3                                             CVE-2015-3276        Negligible
libldap-2.4-2                      2.4.57+dfsg-3                                             CVE-2017-14159       Negligible
libldap-2.4-2                      2.4.57+dfsg-3                                             CVE-2017-17740       Negligible
libldap-2.4-2                      2.4.57+dfsg-3                                             CVE-2020-15719       Negligible
libncurses6                        6.2+20201114-2                                            CVE-2021-39537       Negligible
libncursesw6                       6.2+20201114-2                                            CVE-2021-39537       Negligible
libpcre3                           2:8.39-13                                                 CVE-2017-11164       Negligible
libpcre3                           2:8.39-13                                                 CVE-2017-16231       Negligible
libpcre3                           2:8.39-13                                                 CVE-2017-7245        Negligible
libpcre3                           2:8.39-13                                                 CVE-2017-7246        Negligible
libpcre3                           2:8.39-13                                                 CVE-2019-20838       Negligible
libperl5.32                        5.32.1-4+deb11u2                                          CVE-2011-4116        Negligible
libperl5.32                        5.32.1-4+deb11u2                            (won't fix)   CVE-2020-16156       Unknown
libpng16-16                        1.6.37-3                                                  CVE-2019-6129        Negligible
libpython3.9-minimal               3.9.2-1                                     (won't fix)   CVE-2021-3426        Medium
libpython3.9-minimal               3.9.2-1                                                   CVE-2020-27619       Negligible
libpython3.9-minimal               3.9.2-1                                     (won't fix)   CVE-2021-3733        Unknown
libpython3.9-minimal               3.9.2-1                                     (won't fix)   CVE-2021-29921       Critical
libpython3.9-minimal               3.9.2-1                                     (won't fix)   CVE-2021-3737        Unknown
libpython3.9-stdlib                3.9.2-1                                     (won't fix)   CVE-2021-3426        Medium
libpython3.9-stdlib                3.9.2-1                                                   CVE-2020-27619       Negligible
libpython3.9-stdlib                3.9.2-1                                     (won't fix)   CVE-2021-3733        Unknown
libpython3.9-stdlib                3.9.2-1                                     (won't fix)   CVE-2021-29921       Critical
libpython3.9-stdlib                3.9.2-1                                     (won't fix)   CVE-2021-3737        Unknown
libsepol1                          3.1-1                                       (won't fix)   CVE-2021-36084       Low
libsepol1                          3.1-1                                       (won't fix)   CVE-2021-36085       Low
libsepol1                          3.1-1                                       (won't fix)   CVE-2021-36086       Low
libsepol1                          3.1-1                                       (won't fix)   CVE-2021-36087       Low
libsqlite3-0                       3.34.1-3                                                  CVE-2021-36690       Negligible
libssl1.1                          1.1.1k-1+deb11u1                                          CVE-2007-6755        Negligible
libssl1.1                          1.1.1k-1+deb11u1                                          CVE-2010-0928        Negligible
libsystemd0                        247.3-6                                                   CVE-2013-4392        Negligible
libsystemd0                        247.3-6                                                   CVE-2020-13529       Negligible
libthrift                          0.13.0                                                    CVE-2020-13949       High
libtinfo6                          6.2+20201114-2                                            CVE-2021-39537       Negligible
libudev1                           247.3-6                                                   CVE-2013-4392        Negligible
libudev1                           247.3-6                                                   CVE-2020-13529       Negligible
log4j-api                          2.13.3                                      2.15.0        GHSA-jfh8-c2jp-5v3q  Critical
log4j-api                          2.13.3                                      2.16.0        GHSA-7rjr-3q55-vv33  Medium
log4j-api                          2.13.3                                                    CVE-2021-44228       Critical
log4j-api                          2.13.3                                                    CVE-2021-45046       Low
log4j-over-slf4j                   1.7.28                                                    CVE-2020-9488        Low
log4j-to-slf4j                     2.13.3                                                    CVE-2021-44228       Critical
log4j-to-slf4j                     2.13.3                                                    CVE-2021-45046       Low
login                              1:4.8.1-1                                                 CVE-2007-5686        Negligible
login                              1:4.8.1-1                                                 CVE-2013-4235        Negligible
login                              1:4.8.1-1                                                 CVE-2019-19882       Negligible
ncurses-base                       6.2+20201114-2                                            CVE-2021-39537       Negligible
ncurses-bin                        6.2+20201114-2                                            CVE-2021-39537       Negligible
netty                              3.10.6.Final                                              CVE-2019-16869       High
netty                              3.10.6.Final                                              CVE-2019-20444       Critical
netty                              3.10.6.Final                                              CVE-2019-20445       Critical
netty                              3.10.6.Final                                              CVE-2021-21290       Medium
netty                              3.10.6.Final                                              CVE-2021-21295       Medium
netty                              3.10.6.Final                                              CVE-2021-21409       Medium
netty                              3.10.6.Final                                              CVE-2021-37136       High
netty                              3.10.6.Final                                              CVE-2021-37137       High
netty                              3.10.6.Final                                              CVE-2021-43797       Medium
netty-all                          4.1.34.Final                                4.1.42        GHSA-p979-4mfw-53vg  Medium
netty-codec                        4.1.52.Final                                4.1.68.Final  GHSA-grg4-wf29-r9vv  Medium
netty-codec                        4.1.52.Final                                4.1.68.Final  GHSA-9vjp-v76f-g363  Medium
netty-codec                        4.1.48.Final                                4.1.68.Final  GHSA-grg4-wf29-r9vv  Medium
netty-codec                        4.1.48.Final                                4.1.68.Final  GHSA-9vjp-v76f-g363  Medium
netty-codec-http                   4.1.52.Final                                4.1.59.Final  GHSA-5mcr-gq6c-3hq2  Medium
netty-codec-http                   4.1.52.Final                                4.1.71.Final  GHSA-wx5j-54mm-rqqq  Medium
netty-codec-http                   4.1.48.Final                                4.1.59.Final  GHSA-5mcr-gq6c-3hq2  Medium
netty-codec-http                   4.1.48.Final                                4.1.71.Final  GHSA-wx5j-54mm-rqqq  Medium
netty-codec-http2                  4.1.52.Final                                4.1.60.Final  GHSA-wm47-8v5p-wjpj  Medium
netty-codec-http2                  4.1.52.Final                                4.1.61.Final  GHSA-f256-j965-7f32  Medium
netty-codec-http2                  4.1.48.Final                                4.1.60.Final  GHSA-wm47-8v5p-wjpj  Medium
netty-codec-http2                  4.1.48.Final                                4.1.61.Final  GHSA-f256-j965-7f32  Medium
netty-reactive-streams             2.0.0                                                     CVE-2014-3488        Medium
netty-reactive-streams             2.0.0                                                     CVE-2015-2156        High
netty-reactive-streams             2.0.0                                                     CVE-2019-16869       High
netty-reactive-streams             2.0.0                                                     CVE-2019-20444       Critical
netty-reactive-streams             2.0.0                                                     CVE-2019-20445       Critical
netty-reactive-streams             2.0.0                                                     CVE-2021-21290       Medium
netty-reactive-streams             2.0.0                                                     CVE-2021-21295       Medium
netty-reactive-streams             2.0.0                                                     CVE-2021-21409       Medium
netty-reactive-streams             2.0.0                                                     CVE-2021-37136       High
netty-reactive-streams             2.0.0                                                     CVE-2021-37137       High
netty-reactive-streams             2.0.0                                                     CVE-2021-43797       Medium
netty-reactive-streams-http        2.0.5                                                     CVE-2014-3488        Medium
netty-reactive-streams-http        2.0.5                                                     CVE-2015-2156        High
netty-reactive-streams-http        2.0.5                                                     CVE-2019-16869       High
netty-reactive-streams-http        2.0.5                                                     CVE-2019-20444       Critical
netty-reactive-streams-http        2.0.5                                                     CVE-2019-20445       Critical
netty-reactive-streams-http        2.0.5                                                     CVE-2021-21290       Medium
netty-reactive-streams-http        2.0.5                                                     CVE-2021-21295       Medium
netty-reactive-streams-http        2.0.5                                                     CVE-2021-21409       Medium
netty-reactive-streams-http        2.0.5                                                     CVE-2021-37136       High
netty-reactive-streams-http        2.0.5                                                     CVE-2021-37137       High
netty-reactive-streams-http        2.0.5                                                     CVE-2021-43797       Medium
openssh-client                     1:8.4p1-5                                                 CVE-2007-2243        Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2007-2768        Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2008-3234        Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2018-15919       Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2019-6110        Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2020-14145       Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2020-15778       Negligible
openssh-client                     1:8.4p1-5                                                 CVE-2016-20012       Negligible
openssh-client                     1:8.4p1-5                                   (won't fix)   CVE-2021-41617       High
openssl                            1.1.1k-1+deb11u1                                          CVE-2007-6755        Negligible
openssl                            1.1.1k-1+deb11u1                                          CVE-2010-0928        Negligible
passwd                             1:4.8.1-1                                                 CVE-2007-5686        Negligible
passwd                             1:4.8.1-1                                                 CVE-2013-4235        Negligible
passwd                             1:4.8.1-1                                                 CVE-2019-19882       Negligible
perl                               5.32.1-4+deb11u2                                          CVE-2011-4116        Negligible
perl                               5.32.1-4+deb11u2                            (won't fix)   CVE-2020-16156       Unknown
perl-base                          5.32.1-4+deb11u2                                          CVE-2011-4116        Negligible
perl-base                          5.32.1-4+deb11u2                            (won't fix)   CVE-2020-16156       Unknown
perl-modules-5.32                  5.32.1-4+deb11u2                                          CVE-2011-4116        Negligible
perl-modules-5.32                  5.32.1-4+deb11u2                            (won't fix)   CVE-2020-16156       Unknown
postgresql                         42.2.18                                                   CVE-2017-8806        Medium
protobuf-java                      2.5.0                                                     CVE-2015-5237        High
python3.9                          3.9.2-1                                     (won't fix)   CVE-2021-3426        Medium
python3.9                          3.9.2-1                                                   CVE-2020-27619       Negligible
python3.9                          3.9.2-1                                     (won't fix)   CVE-2021-3733        Unknown
python3.9                          3.9.2-1                                     (won't fix)   CVE-2021-29921       Critical
python3.9                          3.9.2-1                                     (won't fix)   CVE-2021-3737        Unknown
python3.9-minimal                  3.9.2-1                                     (won't fix)   CVE-2021-3426        Medium
python3.9-minimal                  3.9.2-1                                                   CVE-2020-27619       Negligible
python3.9-minimal                  3.9.2-1                                     (won't fix)   CVE-2021-3733        Unknown
python3.9-minimal                  3.9.2-1                                     (won't fix)   CVE-2021-29921       Critical
python3.9-minimal                  3.9.2-1                                     (won't fix)   CVE-2021-3737        Unknown
tar                                1.34+dfsg-1                                               CVE-2005-2541        Negligible
wget                               1.21-1+b1                                   (won't fix)   CVE-2021-31879       Medium