-
Notifications
You must be signed in to change notification settings - Fork 41
v2.14.0 Security vulnerability report images
System bot edited this page Oct 7, 2024
·
9 revisions
| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | HIGH | curl: HTTP/2 push headers memory-leak | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: curl, status: fixed, fixedVersion: 8.7.1-r0 | ||
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | HIGH | curl: HTTP/2 push headers memory-leak | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: curl, status: fixed, fixedVersion: 8.7.1-r0 | ||
| - | - | CVE-2024-6197 | 2024-07-24T08:15:03.34Z | docker image audit | CVE-2024-6197 | HIGH | curl: freeing stack buffer in utf8asn1str | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: curl, status: fixed, fixedVersion: 8.9.0-r0 | ||
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | CRITICAL | libexpat: Integer Overflow or Wraparound | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | CRITICAL | libexpat: Integer Overflow or Wraparound | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | CRITICAL | libexpat: integer overflow | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | CRITICAL | libexpat: integer overflow | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2022-1304 | 2022-04-14T21:15:08.49Z | docker image audit | CVE-2022-1304 | HIGH | e2fsprogs: out-of-bounds read/write via crafted filesystem | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: e2fsprogs, status: fixed, fixedVersion: 1.46.2-2+deb11u1 | ||
| - | - | CVE-2024-32002 | 2024-05-14T19:15:10.81Z | docker image audit | CVE-2024-32002 | CRITICAL | git: Recursive clones RCE | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2019-1387 | 2019-12-18T21:15:13.82Z | docker image audit | CVE-2019-1387 | HIGH | git: Remote code execution in recursive clones with nested submodules | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2023-25652 | 2023-04-25T20:15:09.933Z | docker image audit | CVE-2023-25652 | HIGH | git: by feeding specially crafted input to , a path outside the working tree can be overwritten with partially controlled contents | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2023-29007 | 2023-04-25T21:15:10.403Z | docker image audit | CVE-2023-29007 | HIGH | git: arbitrary configuration injection when renaming or deleting a section from a configuration file | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-32004 | 2024-05-14T19:15:11.377Z | docker image audit | CVE-2024-32004 | HIGH | git: RCE while cloning local repos | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-32465 | 2024-05-14T20:15:14.54Z | docker image audit | CVE-2024-32465 | HIGH | git: additional local RCE | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-6655 | 2024-07-16T15:15:12.597Z | docker image audit | CVE-2024-6655 | HIGH | gtk3: gtk2: Library injection from CWD | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: gtk-update-icon-cache, status: fixed, fixedVersion: 3.24.24-4+deb11u4 | ||
| - | - | CVE-2024-2961 | 2024-04-17T18:15:15.833Z | docker image audit | CVE-2024-2961 | HIGH | glibc: Out of bounds write in iconv may lead to remote code execution | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u9 | ||
| - | - | CVE-2024-33599 | 2024-05-06T20:15:11.437Z | docker image audit | CVE-2024-33599 | HIGH | glibc: stack-based buffer overflow in netgroup cache | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u10 | ||
| - | - | CVE-2024-47175 | 2024-09-26T22:15:04.283Z | docker image audit | CVE-2024-47175 | HIGH | cups: libppd: remote command injection via attacker controlled data in PPD file | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libcups2, status: fixed, fixedVersion: 2.3.3op2-3+deb11u9 | ||
| - | - | CVE-2023-52425 | 2024-02-04T20:15:46.063Z | docker image audit | CVE-2023-52425 | HIGH | expat: parsing large tokens can trigger a denial of service | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libexpat1, status: fixed, fixedVersion: 2.2.10-2+deb11u6 | ||
| - | - | CVE-2022-48622 | 2024-01-26T09:15:07.57Z | docker image audit | CVE-2022-48622 | HIGH | gnome: heap memory corruption on gdk-pixbuf | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libgdk-pixbuf-2.0-0, status: fixed, fixedVersion: 2.42.2+dfsg-1+deb11u2 | ||
| - | - | CVE-2024-0553 | 2024-01-16T12:15:45.557Z | docker image audit | CVE-2024-0553 | HIGH | gnutls: incomplete fix for CVE-2023-5981 | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 | ||
| - | - | CVE-2024-0567 | 2024-01-16T14:15:48.527Z | docker image audit | CVE-2024-0567 | HIGH | gnutls: rejects certificate chain with distributed trust | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 | ||
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | CRITICAL | krb5: GSS message token handling | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libgssapi-krb5-2, status: fixed, fixedVersion: 1.18.3-6+deb11u5 | ||
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | HIGH | krb5: GSS message token handling | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libgssapi-krb5-2, status: fixed, fixedVersion: 1.18.3-6+deb11u5 | ||
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libpam-systemd, status: fixed, fixedVersion: 247.3-7+deb11u6 | ||
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libpam-systemd, status: fixed, fixedVersion: 247.3-7+deb11u6 | ||
| - | - | CVE-2021-36690 | 2021-08-24T14:15:09.797Z | docker image audit | CVE-2021-36690 | HIGH | A segmentation fault can occur in the sqlite3.exe command-line compone ... | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libsqlite3-0, status: fixed, fixedVersion: 3.34.1-3+deb11u1 | ||
| - | - | CVE-2023-7104 | 2023-12-29T10:15:13.89Z | docker image audit | CVE-2023-7104 | HIGH | sqlite: heap-buffer-overflow at sessionfuzz | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libsqlite3-0, status: fixed, fixedVersion: 3.34.1-3+deb11u1 | ||
| - | - | CVE-2020-22218 | 2023-08-22T19:16:19.12Z | docker image audit | CVE-2020-22218 | HIGH | libssh2: use-of-uninitialized-value in _libssh2_transport_read | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libssh2-1, status: fixed, fixedVersion: 1.9.0-2+deb11u1 | ||
| - | - | CVE-2022-2309 | 2022-07-05T10:15:08.763Z | docker image audit | CVE-2022-2309 | HIGH | lxml: NULL Pointer Dereference in lxml | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: libxml2, status: fixed, fixedVersion: 2.9.10+dfsg-6.7+deb11u5 | ||
| - | - | CVE-2024-31080 | 2024-04-04T14:15:10.33Z | docker image audit | CVE-2024-31080 | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 | ||
| - | - | CVE-2024-31081 | 2024-04-04T14:15:10.593Z | docker image audit | CVE-2024-31081 | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 | ||
| - | - | CVE-2024-31083 | 2024-04-05T12:15:37.577Z | docker image audit | CVE-2024-31083 | HIGH | xorg-x11-server: Use-after-free in ProcRenderAddGlyphs | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 |
Last scan date: 2024-10-7 6:33:19