v2.11.0 Security vulnerability report images

System bot edited this page Sep 27, 2024 · 73 revisions

Present Vulnerabilities (docker image audit) in version: v2.11.0

| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | | HIGH | curl: HTTP/2 push headers memory-leak | frontend-v2.11.0 | frontend-v2.11.0 | Yes | | package: curl, status: fixed, fixedVersion: 8.7.1-r0 |
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | | HIGH | curl: HTTP/2 push headers memory-leak | blockchain-v2.11.0 | blockchain-v2.11.0 | Yes | | package: curl, status: fixed, fixedVersion: 8.7.1-r0 |
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | | HIGH | curl: HTTP/2 push headers memory-leak | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: curl, status: fixed, fixedVersion: 8.7.1-r0 |
| - | - | CVE-2024-6197 | 2024-07-24T08:15:03.34Z | docker image audit | CVE-2024-6197 | | HIGH | curl: freeing stack buffer in utf8asn1str | frontend-v2.11.0 | frontend-v2.11.0 | Yes | | package: curl, status: fixed, fixedVersion: 8.9.0-r0 |
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | frontend-v2.11.0 | frontend-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | | CRITICAL | libexpat: Integer Overflow or Wraparound | frontend-v2.11.0 | frontend-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | | CRITICAL | libexpat: Integer Overflow or Wraparound | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | | CRITICAL | libexpat: integer overflow | frontend-v2.11.0 | frontend-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | | CRITICAL | libexpat: integer overflow | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 |
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | api-v2.11.0 | api-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | blockchain-v2.11.0 | blockchain-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | api-v2.11.0 | api-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | blockchain-v2.11.0 | blockchain-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 |
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | | CRITICAL | krb5: GSS message token handling | blockchain-v2.11.0 | blockchain-v2.11.0 | Yes | | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 |
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | | CRITICAL | krb5: GSS message token handling | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 |
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | | HIGH | krb5: GSS message token handling | blockchain-v2.11.0 | blockchain-v2.11.0 | Yes | | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 |
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | | HIGH | krb5: GSS message token handling | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 |
| - | - | CVE-2024-32002 | 2024-05-14T19:15:10.81Z | docker image audit | CVE-2024-32002 | | CRITICAL | git: Recursive clones RCE | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2019-1387 | 2019-12-18T21:15:13.82Z | docker image audit | CVE-2019-1387 | | HIGH | git: Remote code execution in recursive clones with nested submodules | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2023-25652 | 2023-04-25T20:15:09.933Z | docker image audit | CVE-2023-25652 | | HIGH | git: by feeding specially crafted input to , a path outside the working tree can be overwritten with partially controlled contents | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2023-29007 | 2023-04-25T21:15:10.403Z | docker image audit | CVE-2023-29007 | | HIGH | git: arbitrary configuration injection when renaming or deleting a section from a configuration file | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2024-32004 | 2024-05-14T19:15:11.377Z | docker image audit | CVE-2024-32004 | | HIGH | git: RCE while cloning local repos | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2024-32465 | 2024-05-14T20:15:14.54Z | docker image audit | CVE-2024-32465 | | HIGH | git: additional local RCE | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 |
| - | - | CVE-2024-6655 | 2024-07-16T15:15:12.597Z | docker image audit | CVE-2024-6655 | | HIGH | gtk3: gtk2: Library injection from CWD | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: gtk-update-icon-cache, status: fixed, fixedVersion: 3.24.24-4+deb11u4 |
| - | - | CVE-2024-2961 | 2024-04-17T18:15:15.833Z | docker image audit | CVE-2024-2961 | | HIGH | glibc: Out of bounds write in iconv may lead to remote code execution | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u9 |
| - | - | CVE-2024-33599 | 2024-05-06T20:15:11.437Z | docker image audit | CVE-2024-33599 | | HIGH | glibc: stack-based buffer overflow in netgroup cache | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u10 |
| - | - | CVE-2023-52425 | 2024-02-04T20:15:46.063Z | docker image audit | CVE-2023-52425 | | HIGH | expat: parsing large tokens can trigger a denial of service | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libexpat1, status: fixed, fixedVersion: 2.2.10-2+deb11u6 |
| - | - | CVE-2022-48622 | 2024-01-26T09:15:07.57Z | docker image audit | CVE-2022-48622 | | HIGH | gnome: heap memory corruption on gdk-pixbuf | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libgdk-pixbuf-2.0-0, status: fixed, fixedVersion: 2.42.2+dfsg-1+deb11u2 |
| - | - | CVE-2024-0553 | 2024-01-16T12:15:45.557Z | docker image audit | CVE-2024-0553 | | HIGH | gnutls: incomplete fix for CVE-2023-5981 | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 |
| - | - | CVE-2024-0567 | 2024-01-16T14:15:48.527Z | docker image audit | CVE-2024-0567 | | HIGH | gnutls: rejects certificate chain with distributed trust | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 |
| - | - | CVE-2020-22218 | 2023-08-22T19:16:19.12Z | docker image audit | CVE-2020-22218 | | HIGH | libssh2: use-of-uninitialized-value in _libssh2_transport_read | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libssh2-1, status: fixed, fixedVersion: 1.9.0-2+deb11u1 |
| - | - | CVE-2022-2309 | 2022-07-05T10:15:08.763Z | docker image audit | CVE-2022-2309 | | HIGH | lxml: NULL Pointer Dereference in lxml | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: libxml2, status: fixed, fixedVersion: 2.9.10+dfsg-6.7+deb11u5 |
| - | - | CVE-2024-31080 | 2024-04-04T14:15:10.33Z | docker image audit | CVE-2024-31080 | | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 |
| - | - | CVE-2024-31081 | 2024-04-04T14:15:10.593Z | docker image audit | CVE-2024-31081 | | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 |
| - | - | CVE-2024-31083 | 2024-04-05T12:15:37.577Z | docker image audit | CVE-2024-31083 | | HIGH | xorg-x11-server: Use-after-free in ProcRenderAddGlyphs | e2e-test-v2.11.0 | e2e-test-v2.11.0 | Yes | | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 |

Last scan date: 2024-9-27 6:33:17