Security Report: Image Vulnerabilities #91

Open
github-actions bot opened this issue Dec 18, 2023 · 0 comments
github-actions bot commented Dec 18, 2023

Last scan date

2/17/2024

Present Vulnerabilities

| Vulnerability ID | PkgName | Title | Severity | Status | Fixed Version | Published Date | Affects | Links |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2022-4450 | libcrypto1.1 | openssl: double free after calling PEM_read_bio_ex | HIGH | fixed | 1.1.1t-r0 | 2023-02-08T20:15:00Z | logging-service | |
| CVE-2023-0215 | libcrypto1.1 | openssl: use-after-free following BIO_new_NDEF | HIGH | fixed | 1.1.1t-r0 | 2023-02-08T20:15:00Z | logging-service | |
| CVE-2023-0286 | libcrypto1.1 | openssl: X.400 address type confusion in X.509 GeneralName | HIGH | fixed | 1.1.1t-r0 | 2023-02-08T20:15:00Z | logging-service | |
| CVE-2023-0464 | libcrypto1.1 | openssl: Denial of service by excessive resource usage in verifying X509 policy constraints | HIGH | fixed | 1.1.1t-r2 | 2023-03-22T17:15:00Z | logging-service | |
| CVE-2022-37434 | zlib | zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field | CRITICAL | fixed | 1.2.12-r2 | 2022-08-05T07:15:00Z | logging-service | |
| CVE-2022-30065 | busybox | busybox: A use-after-free in Busybox's awk applet leads to denial of service | HIGH | fixed | 1.35.0-r15 | 2022-05-18T15:15:00Z | logging-service | |
| CVE-2023-6816 | xserver-common | xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer | HIGH | fixed | 2:1.20.11-1+deb11u11 | 2024-01-18T05:15:08.607Z | e2e-test, e2e-test | |
| CVE-2024-0229 | xserver-common | xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access | HIGH | fixed | 2:1.20.11-1+deb11u11 | - | e2e-test, e2e-test | |
| CVE-2024-0409 | xserver-common | xorg-x11-server: SELinux context corruption | HIGH | fixed | 2:1.20.11-1+deb11u11 | 2024-01-18T16:15:08.593Z | e2e-test, e2e-test | |
| CVE-2024-21885 | xserver-common | xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent | HIGH | fixed | 2:1.20.11-1+deb11u11 | - | e2e-test, e2e-test | |
| CVE-2024-21886 | xserver-common | xorg-x11-server: heap buffer overflow in DisableDevice | HIGH | fixed | 2:1.20.11-1+deb11u11 | - | e2e-test, e2e-test | |
| CVE-2023-6246 | libc-bin | glibc: heap-based buffer overflow in __vsyslog_internal() | HIGH | fixed | 2.36-9+deb12u4 | 2024-01-31T14:15:48.42Z | blockchain, blockchain | |
| CVE-2023-6779 | libc-bin | glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() | HIGH | fixed | 2.36-9+deb12u4 | 2024-01-31T14:15:48.7Z | blockchain, blockchain | |
| CVE-2023-52425 | libexpat | expat: parsing large tokens can trigger a denial of service | HIGH | fixed | 2.6.0-r0 | 2024-02-04T20:15:46.063Z | frontend | |
| CVE-2023-49465 | libde265-0 | Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... | HIGH | fixed | 1.0.11-1+deb12u2 | 2023-12-07T20:15:38.37Z | api | |
| CVE-2023-49467 | libde265-0 | Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ... | HIGH | fixed | 1.0.11-1+deb12u2 | 2023-12-07T20:15:38.427Z | api | |
| CVE-2023-49468 | libde265-0 | Libde265 v1.0.14 was discovered to contain a global buffer overflow vu ... | HIGH | fixed | 1.0.11-1+deb12u2 | 2023-12-07T20:15:38.477Z | api | |
| CVE-2024-0553 | libgnutls30 | gnutls: incomplete fix for CVE-2023-5981 | HIGH | fixed | 3.7.9-2+deb12u2 | 2024-01-16T12:15:45.557Z | api, blockchain | |
| CVE-2024-0567 | libgnutls30 | gnutls: rejects certificate chain with distributed trust | HIGH | fixed | 3.7.9-2+deb12u2 | 2024-01-16T14:15:48.527Z | api, blockchain, e2e-test | |
| CVE-2023-46838 | linux-libc-dev | Transmit requests in Xen's virtual network protocol can consist of mul ... | HIGH | fixed | 6.1.76-1 | 2024-01-29T11:15:07.933Z | api | |
| CVE-2023-5633 | linux-libc-dev | kernel: vmwgfx: reference count issue leads to use-after-free in surface handling | HIGH | fixed | 6.1.76-1 | 2023-10-23T22:15:09.43Z | api | |
| CVE-2023-6606 | linux-libc-dev | kernel: Out-Of-Bounds Read vulnerability in smbCalcSize | HIGH | fixed | 6.1.76-1 | 2023-12-08T17:15:07.733Z | api | |
| CVE-2024-1085 | linux-libc-dev | kernel: nf_tables: use-after-free vulnerability in the nft_setelem_catchall_deactivate() function | HIGH | fixed | 6.1.76-1 | 2024-01-31T13:15:10.63Z | api | |
| CVE-2024-1086 | linux-libc-dev | kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function | HIGH | fixed | 6.1.76-1 | 2024-01-31T13:15:10.827Z | api | |
| CVE-2024-22705 | linux-libc-dev | kernel: out-of-bounds access smb2_get_data_area_len | HIGH | fixed | 6.1.76-1 | 2024-01-23T11:15:09.327Z | api | |
| CVE-2023-29499 | libglib2.0-0 | glib: GVariant offset table entry size is not checked in is_normal() | HIGH | fixed | 2.66.8-1+deb11u1 | 2023-09-14T20:15:09.42Z | e2e-test | |
| CVE-2023-47038 | libperl5.32 | perl: Write past buffer end via illegal user-defined Unicode property | HIGH | fixed | 5.32.1-4+deb11u3 | 2023-12-18T14:15:08.933Z | e2e-test, e2e-test, e2e-test, e2e-test | |
| CVE-2024-25062 | libxml2 | libxml2: use-after-free in XMLReader | HIGH | fixed | 2.11.7-r0 | 2024-02-04T16:15:45.12Z | frontend | |