[jira] [Commented] (GUACAMOLE-1368) Latest docker image fails security scans with High severity vulnerabilities.

[Mike Jumper (Jira)]

    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17365596#comment-17365596
 ] 

Mike Jumper commented on GUACAMOLE-1368:
----------------------------------------

We do not currently produce continuously-updated Docker images. If you want to 
update the packages _within_ the Docker images tied to a release, you will need 
to either (1) use the package managed within the image to update those packages 
or (2) rebuild the image from the Dockerfile in the release source .tar.gz.

See: GUACAMOLE-1229

As for the issues noted in your description:

# Going forward, if you have any concerns that you believe have security 
implications, the place to post those would be the 
secur...@guacamole.apache.org list, which is private. Please do not post such 
things to JIRA.
# The majority of items flagged above are false positives, dealing with 
software that happens to be part of the Debian image but is not actually ever 
used (curl, subversion, git, the command-line OpenSSH client, systemd, ...).
# Of the items that remain, all but those related to OpenSSL share the 
following common note in the Snyk advisory: "There is no fixed version for 
Debian:10 ..."

If you are overall just looking for more consistently up-to-date images, please 
follow GUACAMOLE-1229. If you have specific concerns regarding specific 
findings from your automated scanner, you will need to follow things on the 
Debian side, as there are really no updates to be pulled in even if the Docker 
images were continuously updated. An updated image would not affect the results 
of your scan.

> Latest docker image fails security scans with High severity vulnerabilities.
> ----------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-1368
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1368
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole
>    Affects Versions: 1.3.0
>         Environment: Docker
>            Reporter: Tom Gates
>            Priority: Critical
>
> tgates@MacBook-Pro ~
>  % docker pull guacamole/guacamole:1.3.0
>  1.3.0: Pulling from guacamole/guacamole
>  Digest: 
> sha256:739cb6820ae884827ceaaa87b45b8802769649c848d737584aea79d999177dc3
>  Status: Downloaded newer image for guacamole/guacamole:1.3.0
>  docker.io/guacamole/guacamole:1.3.0
> tgates@MacBook-Pro ~
>  % docker scan guacamole/guacamole:1.3.0
> Testing guacamole/guacamole:1.3.0...
> ✗ Low severity vulnerability found in tar
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > tar@1.30+dfsg-6
> ✗ Low severity vulnerability found in tar
>  Description: CVE-2005-2541
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-TAR-312331]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > tar@1.30+dfsg-6
> ✗ Low severity vulnerability found in tar
>  Description: NULL Pointer Dereference
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-TAR-341203]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > tar@1.30+dfsg-6
> ✗ Low severity vulnerability found in systemd/libsystemd0
>  Description: Authentication Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ Low severity vulnerability found in systemd/libsystemd0
>  Description: Link Following
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ Low severity vulnerability found in systemd/libsystemd0
>  Description: Missing Release of Resource after Effective Lifetime
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ Low severity vulnerability found in systemd/libsystemd0
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-570991]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ Low severity vulnerability found in sqlite3/libsqlite3-0
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-535712]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ Low severity vulnerability found in sqlite3/libsqlite3-0
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-565214]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ Low severity vulnerability found in shadow/passwd
>  Description: Time-of-check Time-of-use (TOCTOU)
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, 
> gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, 
> util-linux/mount@2.33.1-0.1
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > 
> shadow/passwd@1:4.5-1.1
>  From: shadow/login@1:4.5-1.1
>  and 1 more...
> ✗ Low severity vulnerability found in shadow/passwd
>  Description: Incorrect Permission Assignment for Critical Resource
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, 
> gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, 
> util-linux/mount@2.33.1-0.1
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > 
> shadow/passwd@1:4.5-1.1
>  From: shadow/login@1:4.5-1.1
>  and 1 more...
> ✗ Low severity vulnerability found in shadow/passwd
>  Description: Access Restriction Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, 
> gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, 
> util-linux/mount@2.33.1-0.1
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > 
> shadow/passwd@1:4.5-1.1
>  From: shadow/login@1:4.5-1.1
>  and 1 more...
> ✗ Low severity vulnerability found in shadow/passwd
>  Description: Incorrect Permission Assignment for Critical Resource
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, 
> gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, 
> util-linux/mount@2.33.1-0.1
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > 
> shadow/passwd@1:4.5-1.1
>  From: shadow/login@1:4.5-1.1
>  and 1 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Cryptographic Issues
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-306560]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Arbitrary Code Injection
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-306596]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Arbitrary Code Injection
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-474393]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Resource Exhaustion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-543815]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Resource Exhaustion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-546420]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-584372]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Low severity vulnerability found in python-defaults/libpython2-stdlib
>  Description: Link Following
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHONDEFAULTS-269278]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/python2@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1
>  and 5 more...
> ✗ Low severity vulnerability found in perl
>  Description: Link Following
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PERL-327793]
>  Introduced through: git@1:2.20.1-2+deb10u3, meta-common-packages@meta
>  From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > liberror-perl@0.17027-2 > 
> perl@5.28.1-6+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6+deb10u1 > 
> perl/perl-modules-5.28@5.28.1-6+deb10u1
>  and 3 more...
> ✗ Low severity vulnerability found in pcre3/libpcre3
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Low severity vulnerability found in pcre3/libpcre3
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Low severity vulnerability found in pcre3/libpcre3
>  Description: Uncontrolled Recursion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Low severity vulnerability found in pcre3/libpcre3
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Low severity vulnerability found in pcre3/libpcre3
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Low severity vulnerability found in openssl/libssl1.1
>  Description: Cryptographic Issues
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-374709]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
> ✗ Low severity vulnerability found in openssl/libssl1.1
>  Description: Cryptographic Issues
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-374996]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368617]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Access Restriction Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368833]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368925]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Improper Authentication
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-369016]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Inappropriate Encoding for Output Context
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-369020]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-472477]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-570880]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-574764]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openssh/openssh-client
>  Description: OS Command Injection
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-590144]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2
> ✗ Low severity vulnerability found in openldap/libldap-common
>  Description: Improper Initialization
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304601]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
> ✗ Low severity vulnerability found in openldap/libldap-common
>  Description: Cryptographic Issues
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304654]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
> ✗ Low severity vulnerability found in openldap/libldap-common
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304666]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
> ✗ Low severity vulnerability found in openldap/libldap-common
>  Description: Improper Certificate Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-584924]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
> ✗ Low severity vulnerability found in nettle/libnettle6
>  Description: CVE-2021-3580
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-NETTLE-1301269]
>  Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: iputils/iputils-ping@3:20180629-2+deb10u1 > nettle/libnettle6@3.4.1-1
>  From: wget@1.20.1-1.1 > nettle/libnettle6@3.4.1-1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > 
> nettle/libnettle6@3.4.1-1
>  and 5 more...
> ✗ Low severity vulnerability found in lz4/liblz4-1
>  Description: Buffer Overflow
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072]
>  Introduced through: apt@1.8.2.2, subversion@1.10.4-1+deb10u1, 
> procps@2:3.3.15-2
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > lz4/liblz4-1@1.8.3-1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> lz4/liblz4-1@1.8.3-1
>  From: procps@2:3.3.15-2 > procps/libprocps7@2:3.3.15-2 > 
> systemd/libsystemd0@241-7~deb10u5 > lz4/liblz4-1@1.8.3-1
> ✗ Low severity vulnerability found in libtasn1-6
>  Description: Resource Management Errors
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585]
>  Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
>  From: p11-kit@0.23.15-2 > libtasn1-6@4.13-3
>  From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > 
> libtasn1-6@4.13-3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> gnutls28/libgnutls30@3.6.7-4+deb10u5 > libtasn1-6@4.13-3
> ✗ Low severity vulnerability found in libssh2/libssh2-1
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBSSH2-474372]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> libssh2/libssh2-1@1.8.0-2.1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > 
> libssh2/libssh2-1@1.8.0-2.1
> ✗ Low severity vulnerability found in libseccomp/libseccomp2
>  Description: Access Restriction Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044]
>  Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.2
>  From: libseccomp/libseccomp2@2.3.3-4
>  From: apt@1.8.2.2 > libseccomp/libseccomp2@2.3.3-4
> ✗ Low severity vulnerability found in libpng1.6/libpng16-16
>  Description: Resource Management Errors
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296440]
>  Introduced through: fontconfig@2.13.1-2
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
> ✗ Low severity vulnerability found in libpng1.6/libpng16-16
>  Description: Memory Leak
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296468]
>  Introduced through: fontconfig@2.13.1-2
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
> ✗ Low severity vulnerability found in libpng1.6/libpng16-16
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296471]
>  Introduced through: fontconfig@2.13.1-2
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
> ✗ Low severity vulnerability found in libgcrypt20
>  Description: Use of a Broken or Risky Cryptographic Algorithm
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902]
>  Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, 
> gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  and 8 more...
> ✗ Low severity vulnerability found in krb5/libkrb5support0
>  Description: CVE-2004-0971
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-KRB5-395883]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, subversion@1.10.4-1+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libk5crypto3@1.17-3+deb10u1 > 
> krb5/libkrb5support0@1.17-3+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5-3@1.17-3+deb10u1 > 
> krb5/libkrb5support0@1.17-3+deb10u1
>  and 11 more...
> ✗ Low severity vulnerability found in krb5/libkrb5support0
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-KRB5-395955]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, subversion@1.10.4-1+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libk5crypto3@1.17-3+deb10u1 > 
> krb5/libkrb5support0@1.17-3+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5-3@1.17-3+deb10u1 > 
> krb5/libkrb5support0@1.17-3+deb10u1
>  and 11 more...
> ✗ Low severity vulnerability found in iptables/libxtables12
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-IPTABLES-287323]
>  Introduced through: iproute2@4.20.0-2
>  From: iproute2@4.20.0-2 > iptables/libxtables12@1.8.2-4
> ✗ Low severity vulnerability found in iptables/libxtables12
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-IPTABLES-451768]
>  Introduced through: iproute2@4.20.0-2
>  From: iproute2@4.20.0-2 > iptables/libxtables12@1.8.2-4
> ✗ Low severity vulnerability found in gnutls28/libgnutls30
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755]
>  Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  and 3 more...
> ✗ Low severity vulnerability found in gnupg2/gpgv
>  Description: Use of a Broken or Risky Cryptographic Algorithm
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553]
>  Introduced through: apt@1.8.2.2, gnupg2/gnupg@2.2.12-1+deb10u1, 
> gnupg2/dirmngr@2.2.12-1+deb10u1
>  From: apt@1.8.2.2 > gnupg2/gpgv@2.2.12-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1
>  and 18 more...
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Double Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1078993]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Uncontrolled Recursion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Uncontrolled Recursion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356371]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Resource Management Errors
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356671]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Resource Management Errors
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: CVE-2010-4051
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356875]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Access Restriction Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Use of Insufficiently Random Values
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-534995]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in glibc/libc-bin
>  Description: Integer Underflow
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-564233]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Low severity vulnerability found in git/git-man
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GIT-340854]
>  Introduced through: git@1:2.20.1-2+deb10u3
>  From: git@1:2.20.1-2+deb10u3 > git/git-man@1:2.20.1-2+deb10u3
>  From: git@1:2.20.1-2+deb10u3
> ✗ Low severity vulnerability found in expat/libexpat1
>  Description: XML External Entity (XXE) Injection
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-EXPAT-358079]
>  Introduced through: git@1:2.20.1-2+deb10u3, fontconfig@2.13.1-2, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > expat/libexpat1@2.2.6-2+deb10u1
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> expat/libexpat1@2.2.6-2+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> expat/libexpat1@2.2.6-2+deb10u1
>  and 2 more...
> ✗ Low severity vulnerability found in curl/libcurl4
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049501]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ Low severity vulnerability found in curl/libcurl4
>  Description: Authentication Bypass
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1089958]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ Low severity vulnerability found in curl/libcurl4
>  Description: CVE-2021-22898
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1296892]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
> ✗ Low severity vulnerability found in coreutils
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465]
>  Introduced through: fontconfig@2.13.1-2
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> fontconfig/fontconfig-config@2.13.1-2 > ucf@3.0038+nmu1 > coreutils@8.30-3
> ✗ Low severity vulnerability found in coreutils
>  Description: Race Condition
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494]
>  Introduced through: fontconfig@2.13.1-2
>  From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > 
> fontconfig/fontconfig-config@2.13.1-2 > ucf@3.0038+nmu1 > coreutils@8.30-3
> ✗ Low severity vulnerability found in bash
>  Description: Improper Check for Dropped Privileges
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-BASH-536280]
>  Introduced through: bash@5.0-4
>  From: bash@5.0-4
> ✗ Low severity vulnerability found in apt/libapt-pkg5.0
>  Description: Improper Verification of Cryptographic Signature
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-APT-407502]
>  Introduced through: apt/libapt-pkg5.0@1.8.2.2, apt@1.8.2.2
>  From: apt/libapt-pkg5.0@1.8.2.2
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2
>  From: apt@1.8.2.2
> ✗ Medium severity vulnerability found in wget
>  Description: Open Redirect
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-WGET-1277612]
>  Introduced through: wget@1.20.1-1.1
>  From: wget@1.20.1-1.1
> ✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
>  Description: Uncontrolled Recursion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-537251]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
>  Description: Improper Handling of Exceptional Conditions
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-539769]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
>  Description: CVE-2020-13631
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-570487]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ Medium severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: HTTP Request Smuggling
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-1085863]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ Medium severity vulnerability found in pcre3/libpcre3
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367]
>  Introduced through: meta-common-packages@meta
>  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
> ✗ Medium severity vulnerability found in p11-kit/libp11-kit0
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050832]
>  Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
>  From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
>  From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > 
> p11-kit/libp11-kit0@0.23.15-2
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
>  and 2 more...
>  Fixed in: 0.23.15-2+deb10u1
> ✗ Medium severity vulnerability found in openssl/libssl1.1
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1075330]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
>  Fixed in: 1.1.1d-0+deb10u5
> ✗ Medium severity vulnerability found in openssl/libssl1.1
>  Description: NULL Pointer Dereference
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1089177]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
>  Fixed in: 1.1.1d-0+deb10u6
> ✗ Medium severity vulnerability found in openssl/libssl1.1
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-536856]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
>  Fixed in: 1.1.1d-0+deb10u5
> ✗ Medium severity vulnerability found in libzstd/libzstd1
>  Description: Incorrect Default Permissions
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBZSTD-1080893]
>  Introduced through: libzstd/libzstd1@1.3.8+dfsg-3, apt@1.8.2.2
>  From: libzstd/libzstd1@1.3.8+dfsg-3
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > libzstd/libzstd1@1.3.8+dfsg-3
>  Fixed in: 1.3.8+dfsg-3+deb10u1
> ✗ Medium severity vulnerability found in libzstd/libzstd1
>  Description: Incorrect Default Permissions
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBZSTD-1080899]
>  Introduced through: libzstd/libzstd1@1.3.8+dfsg-3, apt@1.8.2.2
>  From: libzstd/libzstd1@1.3.8+dfsg-3
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > libzstd/libzstd1@1.3.8+dfsg-3
>  Fixed in: 1.3.8+dfsg-3+deb10u2
> ✗ Medium severity vulnerability found in libgcrypt20
>  Description: Race Condition
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489]
>  Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, 
> gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  and 8 more...
> ✗ Medium severity vulnerability found in iproute2
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-IPROUTE2-568742]
>  Introduced through: iproute2@4.20.0-2
>  From: iproute2@4.20.0-2
> ✗ Medium severity vulnerability found in glibc/libc-bin
>  Description: Loop with Unreachable Exit Condition ('Infinite Loop')
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1035462]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Medium severity vulnerability found in glibc/libc-bin
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1055403]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Medium severity vulnerability found in glibc/libc-bin
>  Description: Out-of-Bounds
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559181]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ Medium severity vulnerability found in curl/libcurl4
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1089952]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ High severity vulnerability found in systemd/libsystemd0
>  Description: Privilege Chaining
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ High severity vulnerability found in systemd/libsystemd0
>  Description: Incorrect Privilege Assignment
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391]
>  Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, 
> util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
>  From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > 
> systemd/libsystemd0@241-7~deb10u5
>  From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > 
> systemd/libsystemd0@241-7~deb10u5
>  and 4 more...
> ✗ High severity vulnerability found in subversion/libsvn1
>  Description: NULL Pointer Dereference
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SUBVERSION-1071814]
>  Introduced through: subversion@1.10.4-1+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1
>  From: subversion@1.10.4-1+deb10u1
>  Fixed in: 1.10.4-1+deb10u2
> ✗ High severity vulnerability found in sqlite3/libsqlite3-0
>  Description: CVE-2019-19603
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-537598]
>  Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, 
> subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > 
> sqlite3/libsqlite3-0@3.27.2-3+deb10u1
> ✗ High severity vulnerability found in python2.7/libpython2.7-stdlib
>  Description: Buffer Overflow
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-1063178]
>  Introduced through: mercurial@4.8.2-1+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > 
> python-defaults/libpython-stdlib@2.7.16-1 > 
> python-defaults/libpython2-stdlib@2.7.16-1 > 
> python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
>  and 7 more...
> ✗ High severity vulnerability found in pcre2/libpcre2-8-0
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-PCRE2-548863]
>  Introduced through: git@1:2.20.1-2+deb10u3, wget@1.20.1-1.1
>  From: git@1:2.20.1-2+deb10u3 > pcre2/libpcre2-8-0@10.32-5
>  From: wget@1.20.1-1.1 > pcre2/libpcre2-8-0@10.32-5
> ✗ High severity vulnerability found in p11-kit/libp11-kit0
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050833]
>  Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
>  From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
>  From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > 
> p11-kit/libp11-kit0@0.23.15-2
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
>  and 2 more...
>  Fixed in: 0.23.15-2+deb10u1
> ✗ High severity vulnerability found in p11-kit/libp11-kit0
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050836]
>  Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
>  From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
>  From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > 
> p11-kit/libp11-kit0@0.23.15-2
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
>  and 2 more...
>  Fixed in: 0.23.15-2+deb10u1
> ✗ High severity vulnerability found in openssl/libssl1.1
>  Description: Integer Overflow or Wraparound
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1075326]
>  Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, 
> openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, 
> curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
>  From: openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > 
> openssl/libssl1.1@1.1.1d-0+deb10u4
>  and 6 more...
>  Fixed in: 1.1.1d-0+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Reachable Assertion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064721]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064724]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Integer Underflow
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064726]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Release of Invalid Pointer or Reference
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064733]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Double Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064737]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Loop with Unreachable Exit Condition ('Infinite Loop')
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064742]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: CVE-2020-36226
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064744]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Integer Underflow
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064746]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Access of Resource Using Incompatible Type ('Type Confusion')
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064752]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Reachable Assertion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064754]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u5
> ✗ High severity vulnerability found in openldap/libldap-common
>  Description: Reachable Assertion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1074919]
>  Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > 
> openldap/libldap-common@2.4.47+dfsg-3+deb10u4
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
>  and 1 more...
>  Fixed in: 2.4.47+dfsg-3+deb10u6
> ✗ High severity vulnerability found in nettle/libnettle6
>  Description: Use of a Broken or Risky Cryptographic Algorithm
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-NETTLE-1090205]
>  Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: iputils/iputils-ping@3:20180629-2+deb10u1 > nettle/libnettle6@3.4.1-1
>  From: wget@1.20.1-1.1 > nettle/libnettle6@3.4.1-1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > 
> nettle/libnettle6@3.4.1-1
>  and 5 more...
> ✗ High severity vulnerability found in lz4/liblz4-1
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LZ4-1277601]
>  Introduced through: apt@1.8.2.2, subversion@1.10.4-1+deb10u1, 
> procps@2:3.3.15-2
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > lz4/liblz4-1@1.8.3-1
>  From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > 
> lz4/liblz4-1@1.8.3-1
>  From: procps@2:3.3.15-2 > procps/libprocps7@2:3.3.15-2 > 
> systemd/libsystemd0@241-7~deb10u5 > lz4/liblz4-1@1.8.3-1
>  Fixed in: 1.8.3-1+deb10u1
> ✗ High severity vulnerability found in libssh2/libssh2-1
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBSSH2-452460]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> libssh2/libssh2-1@1.8.0-2.1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > 
> libssh2/libssh2-1@1.8.0-2.1
> ✗ High severity vulnerability found in libidn2/libidn2-0
>  Description: Improper Input Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100]
>  Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, 
> wget@1.20.1-1.1, curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: iputils/iputils-ping@3:20180629-2+deb10u1 > 
> libidn2/libidn2-0@2.0.5-1+deb10u1
>  From: wget@1.20.1-1.1 > libidn2/libidn2-0@2.0.5-1+deb10u1
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > 
> libidn2/libidn2-0@2.0.5-1+deb10u1
>  and 3 more...
> ✗ High severity vulnerability found in libgcrypt20
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893]
>  Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, 
> gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
>  From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > 
> libgcrypt20@1.8.4-5
>  and 8 more...
> ✗ High severity vulnerability found in libbsd/libbsd0
>  Description: Out-of-bounds Read
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-LIBBSD-541041]
>  Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
>  From: openssh/openssh-client@1:7.9p1-10+deb10u2 > 
> libedit/libedit2@3.1-20181209-1 > libbsd/libbsd0@0.9.1-2
>  Fixed in: 0.9.1-2+deb10u1
> ✗ High severity vulnerability found in gnutls28/libgnutls30
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-1085094]
>  Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  and 3 more...
> ✗ High severity vulnerability found in gnutls28/libgnutls30
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-1085097]
>  Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  and 3 more...
> ✗ High severity vulnerability found in gnutls28/libgnutls30
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-609778]
>  Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, 
> wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
>  From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
>  and 3 more...
> ✗ High severity vulnerability found in glibc/libc-bin
>  Description: Reachable Assertion
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1065768]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ High severity vulnerability found in glibc/libc-bin
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1296899]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ High severity vulnerability found in glibc/libc-bin
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ High severity vulnerability found in glibc/libc-bin
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559493]
>  Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
>  From: glibc/libc-bin@2.28-10
>  From: meta-common-packages@meta > glibc/libc6@2.28-10
> ✗ High severity vulnerability found in git/git-man
>  Description: Link Following
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GIT-1083853]
>  Introduced through: git@1:2.20.1-2+deb10u3
>  From: git@1:2.20.1-2+deb10u3 > git/git-man@1:2.20.1-2+deb10u3
>  From: git@1:2.20.1-2+deb10u3
> ✗ High severity vulnerability found in gcc-8/libstdc++6
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558]
>  Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.2, 
> meta-common-packages@meta
>  From: gcc-8/libstdc++6@8.3.0-6
>  From: apt@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
>  and 2 more...
> ✗ High severity vulnerability found in gcc-8/libstdc++6
>  Description: Insufficient Entropy
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413]
>  Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.2, 
> meta-common-packages@meta
>  From: gcc-8/libstdc++6@8.3.0-6
>  From: apt@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
>  From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
>  and 2 more...
> ✗ High severity vulnerability found in curl/libcurl4
>  Description: Out-of-bounds Write
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049502]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ High severity vulnerability found in curl/libcurl4
>  Description: Improper Certificate Validation
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049506]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ High severity vulnerability found in curl/libcurl4
>  Description: Arbitrary Code Injection
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-573151]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ High severity vulnerability found in curl/libcurl4
>  Description: Information Exposure
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-573153]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
> ✗ High severity vulnerability found in curl/libcurl4
>  Description: Use After Free
>  Info: [https://snyk.io/vuln/SNYK-DEBIAN10-CURL-608200]
>  Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
>  From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
>  From: curl@7.64.0-4+deb10u1
>  From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
>  Fixed in: 7.64.0-4+deb10u2
>  
> Package manager: deb
>  Project name: docker-image|guacamole/guacamole
>  Docker image: guacamole/guacamole:1.3.0
>  Platform: linux/amd64
> Tested 179 dependencies for known vulnerabilities, found 137 vulnerabilities.
> For more free scans that keep your images secure, sign up to Snyk at 
> [https://dockr.ly/3ePqVcp]
> tgates@MacBook-Pro ~



--
This message was sent by Atlassian Jira
(v8.3.4#803005)