-
Notifications
You must be signed in to change notification settings - Fork 0
dockerhub.hi.inet evolved 5g fogusnetapp fogusnetapp netapppostgres
Evolved5G edited this page Feb 28, 2024
·
5 revisions
| Severity | Number of vulnerabilities |
|---|---|
| CRITICAL | 3 |
| HIGH | 37 |
| MEDIUM | 16 |
| LOW | 48 |
| Severity | ID | Title | PkgName | InstalledVersion | FixedVersion |
|---|---|---|---|---|---|
| CRITICAL | CVE-2019-12900 | bzip2: out-of-bounds write in function BZ2_decompress | libbz2-1.0 | 1.0.6-8.1 | |
| CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libdb5.3 | 5.3.28-12+deb9u1 | |
| CRITICAL | CVE-2019-8457 | heap out-of-bound read in function rtreenode() | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | bsdutils | 1:2.29.2-1+deb9u1 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | dirmngr | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | e2fslibs | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | e2fsprogs | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | gcc-6-base | 6.3.0-18+deb9u1 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gnupg | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gnupg-agent | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2018-1000858 | gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of se | gpgv | 2.1.18-8~deb9u4 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libblkid1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | libcomerr2 | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libfdisk1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libgcc1 | 1:6.3.0-18+deb9u1 | |
| HIGH | CVE-2021-33560 | mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack ag | libgcrypt20 | 1.7.6-2+deb9u4 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libmount1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libncurses5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | libperl5.24 | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libsmartcols1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | libss2 | 1.43.4-2+deb9u2 | |
| HIGH | CVE-2018-12886 | gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow prot | libstdc++6 | 6.3.0-18+deb9u1 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libsystemd0 | 232-25+deb9u13 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libsystemd0 | 232-25+deb9u13 | |
| HIGH | CVE-2020-1712 | systemd: use-after-free when asynchronous polkit queries are performed | libsystemd0 | 232-25+deb9u13 | 232-25+deb9u14 |
| HIGH | CVE-2022-29458 | segfaulting OOB read | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2019-3843 | systemd: services with DynamicUser can create SUID/SGID binaries | libudev1 | 232-25+deb9u13 | |
| HIGH | CVE-2019-3844 | systemd: services with DynamicUser can get new privileges and create SGID binaries | libudev1 | 232-25+deb9u13 | |
| HIGH | CVE-2020-1712 | systemd: use-after-free when asynchronous polkit queries are performed | libudev1 | 232-25+deb9u13 | 232-25+deb9u14 |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | libuuid1 | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | mount | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-base | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2022-29458 | segfaulting OOB read | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| HIGH | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl-base | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl-modules-5.24 | 5.24.1-3+deb9u7 | |
| HIGH | CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl | util-linux | 2.29.2-1+deb9u1 | |
| HIGH | CVE-2023-27561 | runc: volume mount race condition (regression of CVE-2019-19921) | github.com/opencontainers/runc | v1.0.1 | 1.1.5 |
| HIGH | CVE-2024-21626 | runc: file descriptor leak | github.com/opencontainers/runc | v1.0.1 | 1.1.12 |
| MEDIUM | CVE-2019-13627 | ECDSA timing attack allowing private key leak | libgcrypt20 | 1.7.6-2+deb9u4 | |
| MEDIUM | CVE-2018-16868 | gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle veri | libgnutls30 | 3.5.8-5+deb9u6 | |
| MEDIUM | CVE-2021-4209 | GnuTLS: Null pointer dereference in MD_UPDATE | libgnutls30 | 3.5.8-5+deb9u6 | |
| MEDIUM | CVE-2018-16869 | nettle: Leaky data conversion exposing a manager oracle | libhogweed4 | 3.3-1+deb9u1 | |
| MEDIUM | CVE-2018-16869 | nettle: Leaky data conversion exposing a manager oracle | libnettle6 | 3.3-1+deb9u1 | |
| MEDIUM | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3 | 2:8.39-3 | |
| MEDIUM | CVE-2019-19645 | sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TAB | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| MEDIUM | CVE-2020-13631 | sqlite: Virtual table can be renamed into the name of one of its shadow tables | libsqlite3-0 | 3.16.2-5+deb9u3 | |
| MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | libssl1.1 | 1.1.0l-1~deb9u6 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libsystemd0 | 232-25+deb9u13 | |
| MEDIUM | CVE-2021-3997 | Uncontrolled recursion in systemd-tmpfiles when removing files | libudev1 | 232-25+deb9u13 | |
| MEDIUM | CVE-2021-4160 | openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure | openssl | 1.1.0l-1~deb9u6 | |
| MEDIUM | CVE-2021-43784 | runc: integer overflow in netlink bytemsg length field allows attacker to override netlink-based con | github.com/opencontainers/runc | v1.0.1 | 1.0.3 |
| MEDIUM | CVE-2022-29162 | runc: incorrect handling of inheritable capabilities | github.com/opencontainers/runc | v1.0.1 | 1.1.2 |
| MEDIUM | CVE-2023-28642 | runc: AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount |
github.com/opencontainers/runc | v1.0.1 | 1.1.5 |
| MEDIUM | CVE-2022-29526 | golang: syscall: faccessat checks wrong group | golang.org/x/sys | v0.0.0-20210817142637-7d9622a276b7 | 0.0.0-20220412211240-33da011f77ad |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | bsdutils | 1:2.29.2-1+deb9u1 | |
| LOW | CVE-2016-2781 | coreutils: Non-privileged session can escape to the parent session in chroot | coreutils | 8.26-3 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | dirmngr | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | dirmngr | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gnupg | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gnupg-agent | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gnupg-agent | 2.1.18-8~deb9u4 | |
| LOW | CVE-2018-9234 | GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signin | gpgv | 2.1.18-8~deb9u4 | |
| LOW | CVE-2019-14855 | gnupg2: OpenPGP Key Certification Forgeries with SHA-1 | gpgv | 2.1.18-8~deb9u4 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libblkid1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libfdisk1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libgssapi-krb5-2 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libk5crypto3 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libkrb5-3 | 1.15-1+deb9u3 | |
| LOW | CVE-2017-11462 | krb5: Automatic sec context deletion could lead to double-free | libkrb5support0 | 1.15-1+deb9u3 | |
| LOW | CVE-2019-17543 | lz4: heap-based buffer overflow in LZ4_write32 | liblz4-1 | 0.0~r131-2+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libmount1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncurses5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncursesw5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2021-36084 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36085 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36086 | use-after-free in cil_reset_classpermission() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-36087 | libsepol: heap-based buffer overflow in ebitmap_match_any() | libsepol1 | 2.6-2 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libsmartcols1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-16888 | systemd: kills privileged process if unprivileged PIDFile was tampered | libsystemd0 | 232-25+deb9u13 | |
| LOW | CVE-2018-6954 | Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files | libsystemd0 | 232-25+deb9u13 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libtinfo5 | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-16888 | systemd: kills privileged process if unprivileged PIDFile was tampered | libudev1 | 232-25+deb9u13 | |
| LOW | CVE-2018-6954 | Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files | libudev1 | 232-25+deb9u13 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | libuuid1 | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | login | 1:4.4-4.1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | mount | 2.29.2-1+deb9u1 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-base | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-19211 | ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17594 | heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2019-17595 | heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-bin | 6.0+20161126-1+deb9u2 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | passwd | 1:4.4-4.1+deb9u1 | |
| LOW | CVE-2021-37600 | util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils | util-linux | 2.29.2-1+deb9u1 | |
| LOW | CVE-2023-25809 | runc: Rootless runc makes /sys/fs/cgroup writable |
github.com/opencontainers/runc | v1.0.1 | 1.1.5 |
Date: 2024-02-28