-
Notifications
You must be signed in to change notification settings - Fork 41
v2.10.0 Security vulnerability report images
System bot edited this page Sep 18, 2024
·
71 revisions
| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | HIGH | curl: HTTP/2 push headers memory-leak | frontend-v2.10.0 | frontend-v2.10.0 | Yes | package: curl, status: fixed, fixedVersion: 8.7.1-r0 | ||
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | HIGH | curl: HTTP/2 push headers memory-leak | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: curl, status: fixed, fixedVersion: 8.7.1-r0 | ||
| - | - | CVE-2024-2398 | 2024-03-27T08:15:41.283Z | docker image audit | CVE-2024-2398 | HIGH | curl: HTTP/2 push headers memory-leak | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: curl, status: fixed, fixedVersion: 8.7.1-r0 | ||
| - | - | CVE-2024-6197 | 2024-07-24T08:15:03.34Z | docker image audit | CVE-2024-6197 | HIGH | curl: freeing stack buffer in utf8asn1str | frontend-v2.10.0 | frontend-v2.10.0 | Yes | package: curl, status: fixed, fixedVersion: 8.9.0-r0 | ||
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | frontend-v2.10.0 | frontend-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45490 | 2024-08-30T03:15:03.757Z | docker image audit | CVE-2024-45490 | CRITICAL | libexpat: Negative Length Parsing Vulnerability in libexpat | api-v2.10.0 | api-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | CRITICAL | libexpat: Integer Overflow or Wraparound | frontend-v2.10.0 | frontend-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45491 | 2024-08-30T03:15:03.85Z | docker image audit | CVE-2024-45491 | CRITICAL | libexpat: Integer Overflow or Wraparound | api-v2.10.0 | api-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | CRITICAL | libexpat: integer overflow | frontend-v2.10.0 | frontend-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-45492 | 2024-08-30T03:15:03.93Z | docker image audit | CVE-2024-45492 | CRITICAL | libexpat: integer overflow | api-v2.10.0 | api-v2.10.0 | Yes | package: libexpat, status: fixed, fixedVersion: 2.6.3-r0 | ||
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | CRITICAL | krb5: GSS message token handling | api-v2.10.0 | api-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | CRITICAL | krb5: GSS message token handling | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-37371 | 2024-06-28T23:15:11.603Z | docker image audit | CVE-2024-37371 | CRITICAL | krb5: GSS message token handling | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | HIGH | krb5: GSS message token handling | api-v2.10.0 | api-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | HIGH | krb5: GSS message token handling | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-37370 | 2024-06-28T22:15:02.293Z | docker image audit | CVE-2024-37370 | HIGH | krb5: GSS message token handling | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2 | ||
| - | - | CVE-2024-5171 | 2024-06-05T20:15:13.8Z | docker image audit | CVE-2024-5171 | CRITICAL | libaom: Integer overflow in internal function img_alloc_helper | api-v2.10.0 | api-v2.10.0 | Yes | package: libaom3, status: fixed, fixedVersion: 3.6.0-1+deb12u1 | ||
| - | - | CVE-2024-33599 | 2024-05-06T20:15:11.437Z | docker image audit | CVE-2024-33599 | HIGH | glibc: stack-based buffer overflow in netgroup cache | api-v2.10.0 | api-v2.10.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7 | ||
| - | - | CVE-2024-33599 | 2024-05-06T20:15:11.437Z | docker image audit | CVE-2024-33599 | HIGH | glibc: stack-based buffer overflow in netgroup cache | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7 | ||
| - | - | CVE-2024-33599 | 2024-05-06T20:15:11.437Z | docker image audit | CVE-2024-33599 | HIGH | glibc: stack-based buffer overflow in netgroup cache | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7 | ||
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | api-v2.10.0 | api-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2023-50387 | 2024-02-14T16:15:45.3Z | docker image audit | CVE-2023-50387 | HIGH | bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | api-v2.10.0 | api-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | blockchain-v2.10.0 | blockchain-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2023-50868 | 2024-02-14T16:15:45.377Z | docker image audit | CVE-2023-50868 | HIGH | bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1 | ||
| - | - | CVE-2024-42154 | 2024-07-30T08:15:06.933Z | docker image audit | CVE-2024-42154 | CRITICAL | kernel: tcp_metrics: validate source addr length | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2023-52760 | 2024-05-21T16:15:15.41Z | docker image audit | CVE-2023-52760 | HIGH | kernel: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-26923 | 2024-04-25T06:15:57.16Z | docker image audit | CVE-2024-26923 | HIGH | kernel: af_unix: Fix garbage collector racing against connect() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1 | ||
| - | - | CVE-2024-26925 | 2024-04-25T06:15:57.59Z | docker image audit | CVE-2024-26925 | HIGH | kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1 | ||
| - | - | CVE-2024-27018 | 2024-05-01T06:15:20.6Z | docker image audit | CVE-2024-27018 | HIGH | kernel: netfilter: br_netfilter: skip conntrack input hook for promisc packets | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1 | ||
| - | - | CVE-2024-27020 | 2024-05-01T06:15:20.84Z | docker image audit | CVE-2024-27020 | HIGH | kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1 | ||
| - | - | CVE-2024-27022 | 2024-05-01T06:15:21.11Z | docker image audit | CVE-2024-27022 | HIGH | kernel: fork: defer linking file vma until vma is fully initialized | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1 | ||
| - | - | CVE-2024-27397 | 2024-05-14T15:12:28.24Z | docker image audit | CVE-2024-27397 | HIGH | kernel: netfilter: nf_tables: use timestamp to check for set element timeout | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-36883 | 2024-05-30T16:15:11.9Z | docker image audit | CVE-2024-36883 | HIGH | kernel: net: fix out-of-bounds access in ops_init | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36886 | 2024-05-30T16:15:12.15Z | docker image audit | CVE-2024-36886 | HIGH | kernel: TIPC message reassembly use-after-free remote code execution vulnerability | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36904 | 2024-05-30T16:15:13.947Z | docker image audit | CVE-2024-36904 | HIGH | kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36946 | 2024-05-30T16:15:17.57Z | docker image audit | CVE-2024-36946 | HIGH | kernel: phonet: fix rtm_phonet_notify() skb allocation | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36960 | 2024-06-03T08:15:09.557Z | docker image audit | CVE-2024-36960 | HIGH | kernel: drm/vmwgfx: Fix invalid reads in fence signaled events | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36971 | 2024-06-10T09:15:09.127Z | docker image audit | CVE-2024-36971 | HIGH | kernel: net: kernel: UAF in network route management | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-36978 | 2024-06-19T07:15:46.437Z | docker image audit | CVE-2024-36978 | HIGH | kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-36979 | 2024-06-19T14:15:13.62Z | docker image audit | CVE-2024-36979 | HIGH | kernel: net: bridge: mst: fix vlan use-after-free | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38381 | 2024-06-21T11:15:10.757Z | docker image audit | CVE-2024-38381 | HIGH | kernel: nfc: nci: Fix uninit-value in nci_rx_work | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38538 | 2024-06-19T14:15:14.107Z | docker image audit | CVE-2024-38538 | HIGH | kernel: net: bridge: xmit: make sure we have at least eth header len bytes | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38545 | 2024-06-19T14:15:14.787Z | docker image audit | CVE-2024-38545 | HIGH | kernel: RDMA/hns: Fix UAF for cq async event | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38552 | 2024-06-19T14:15:15.45Z | docker image audit | CVE-2024-38552 | HIGH | kernel: drm/amd/display: Fix potential index out of bounds in color transformation function | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38555 | 2024-06-19T14:15:15.72Z | docker image audit | CVE-2024-38555 | HIGH | kernel: net/mlx5: Discard command completions in internal error | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38561 | 2024-06-19T14:15:16.313Z | docker image audit | CVE-2024-38561 | HIGH | kernel: kunit: Fix kthread reference | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38577 | 2024-06-19T14:15:17.787Z | docker image audit | CVE-2024-38577 | HIGH | kernel: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38581 | 2024-06-19T14:15:18.15Z | docker image audit | CVE-2024-38581 | HIGH | kernel: drm/amdgpu/mes: fix use-after-free issue | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38583 | 2024-06-19T14:15:18.397Z | docker image audit | CVE-2024-38583 | HIGH | kernel: nilfs2: fix use-after-free of timer for log writer thread | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38627 | 2024-06-21T11:15:11.583Z | docker image audit | CVE-2024-38627 | HIGH | kernel: stm class: Fix a double free in stm_register_device() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-38667 | 2024-06-24T14:15:12.79Z | docker image audit | CVE-2024-38667 | HIGH | kernel: riscv: prevent pt_regs corruption for secondary idle threads | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-39277 | 2024-06-21T12:15:11.33Z | docker image audit | CVE-2024-39277 | HIGH | kernel: dma-mapping: benchmark: handle NUMA_NO_NODE correctly | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-39463 | 2024-06-25T15:15:14.76Z | docker image audit | CVE-2024-39463 | HIGH | kernel: 9p: add missing locking around taking dentry fid list | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-39471 | 2024-06-25T15:15:15.49Z | docker image audit | CVE-2024-39471 | HIGH | kernel: drm/amdgpu: add error handle to avoid out-of-bounds | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-39480 | 2024-07-05T07:15:10.59Z | docker image audit | CVE-2024-39480 | HIGH | kernel: kdb: Fix buffer overflow during tab-complete | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-39487 | 2024-07-09T10:15:04.597Z | docker image audit | CVE-2024-39487 | HIGH | kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-39494 | 2024-07-12T13:15:12.113Z | docker image audit | CVE-2024-39494 | HIGH | kernel: ima: Fix use-after-free on a dentry's dname.name | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-39495 | 2024-07-12T13:15:12.183Z | docker image audit | CVE-2024-39495 | HIGH | kernel: greybus: Fix use-after-free bug in gb_interface_release due to race condition | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-39496 | 2024-07-12T13:15:12.253Z | docker image audit | CVE-2024-39496 | HIGH | kernel: btrfs: zoned: fix use-after-free due to race with dev replace | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-39510 | 2024-07-12T13:15:13.283Z | docker image audit | CVE-2024-39510 | HIGH | kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40899 | 2024-07-12T13:15:13.357Z | docker image audit | CVE-2024-40899 | HIGH | kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40902 | 2024-07-12T13:15:13.583Z | docker image audit | CVE-2024-40902 | HIGH | kernel: jfs: xattr: fix buffer overflow for invalid xattr | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40903 | 2024-07-12T13:15:13.66Z | docker image audit | CVE-2024-40903 | HIGH | kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40906 | 2024-07-12T13:15:13.92Z | docker image audit | CVE-2024-40906 | HIGH | kernel: net/mlx5: Always stop health timer during driver removal | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40954 | 2024-07-12T13:15:17.627Z | docker image audit | CVE-2024-40954 | HIGH | kernel: net: do not leave a dangling sk pointer, when socket creation fails | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40956 | 2024-07-12T13:15:17.76Z | docker image audit | CVE-2024-40956 | HIGH | kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40958 | 2024-07-12T13:15:17.883Z | docker image audit | CVE-2024-40958 | HIGH | kernel: netns: Make get_net_ns() handle zero refcount net | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40994 | 2024-07-12T13:15:20.62Z | docker image audit | CVE-2024-40994 | HIGH | kernel: ptp: fix integer overflow in max_vclocks_store | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-40996 | 2024-07-12T13:15:20.74Z | docker image audit | CVE-2024-40996 | HIGH | kernel: bpf: Avoid splat in pskb_pull_reason | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-41000 | 2024-07-12T13:15:20.987Z | docker image audit | CVE-2024-41000 | HIGH | kernel: block/ioctl: prefer different overflow check | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1 | ||
| - | - | CVE-2024-41011 | 2024-07-18T07:15:02.07Z | docker image audit | CVE-2024-41011 | HIGH | kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1 | ||
| - | - | CVE-2024-41019 | 2024-07-29T07:15:07.023Z | docker image audit | CVE-2024-41019 | HIGH | kernel: fs/ntfs3: Validate ff offset | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41030 | 2024-07-29T15:15:11.697Z | docker image audit | CVE-2024-41030 | HIGH | kernel: ksmbd: discard write access to the directory open | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41039 | 2024-07-29T15:15:12.393Z | docker image audit | CVE-2024-41039 | HIGH | kernel: firmware: cs_dsp: Fix overflow checking of wmfw header | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41040 | 2024-07-29T15:15:12.473Z | docker image audit | CVE-2024-41040 | HIGH | kernel: net/sched: Fix UAF when resolving a clash | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41046 | 2024-07-29T15:15:12.943Z | docker image audit | CVE-2024-41046 | HIGH | kernel: net: ethernet: lantiq_etop: fix double free in detach | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41049 | 2024-07-29T15:15:13.177Z | docker image audit | CVE-2024-41049 | HIGH | kernel: filelock: fix potential use-after-free in posix_lock_inode | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41057 | 2024-07-29T15:15:13.773Z | docker image audit | CVE-2024-41057 | HIGH | kernel: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41058 | 2024-07-29T15:15:13.847Z | docker image audit | CVE-2024-41058 | HIGH | kernel: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41059 | 2024-07-29T15:15:13.927Z | docker image audit | CVE-2024-41059 | HIGH | kernel: hfsplus: fix uninit-value in copy_name | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41070 | 2024-07-29T15:15:14.787Z | docker image audit | CVE-2024-41070 | HIGH | kernel: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41073 | 2024-07-29T15:15:15.02Z | docker image audit | CVE-2024-41073 | HIGH | In the Linux kernel, the following vulnerability has been resolved: n ... | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41087 | 2024-07-29T16:15:04.12Z | docker image audit | CVE-2024-41087 | HIGH | kernel: ata: libata-core: Fix double free on error | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-41090 | 2024-07-29T07:15:07.287Z | docker image audit | CVE-2024-41090 | HIGH | kernel: virtio-net: tap: mlx5_core short frame denial of service | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41091 | 2024-07-29T07:15:07.553Z | docker image audit | CVE-2024-41091 | HIGH | kernel: virtio-net: tun: mlx5_core short frame denial of service | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-41092 | 2024-07-29T16:15:04.383Z | docker image audit | CVE-2024-41092 | HIGH | kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42093 | 2024-07-29T18:15:11.833Z | docker image audit | CVE-2024-42093 | HIGH | kernel: net/dpaa2: Avoid explicit cpumask var allocation on stack | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42094 | 2024-07-29T18:15:11.917Z | docker image audit | CVE-2024-42094 | HIGH | kernel: net/iucv: Avoid explicit cpumask var allocation on stack | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42104 | 2024-07-30T08:15:02.9Z | docker image audit | CVE-2024-42104 | HIGH | kernel: nilfs2: add missing check for inode numbers on directory entries | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42136 | 2024-07-30T08:15:05.507Z | docker image audit | CVE-2024-42136 | HIGH | kernel: cdrom: rearrange last_media_change check to avoid unintentional overflow | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42148 | 2024-07-30T08:15:06.453Z | docker image audit | CVE-2024-42148 | HIGH | kernel: bnx2x: Fix multiple UBSAN array-index-out-of-bounds | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42159 | 2024-07-30T08:15:07.3Z | docker image audit | CVE-2024-42159 | HIGH | kernel: scsi: mpi3mr: Sanitise num_phys | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42160 | 2024-07-30T08:15:07.37Z | docker image audit | CVE-2024-42160 | HIGH | kernel: f2fs: check validation of fault attrs in f2fs_build_fault_attr() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42161 | 2024-07-30T08:15:07.447Z | docker image audit | CVE-2024-42161 | HIGH | kernel: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42224 | 2024-07-30T08:15:07.667Z | docker image audit | CVE-2024-42224 | HIGH | kernel: net: dsa: mv88e6xxx: Correct check for empty list | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42225 | 2024-07-30T08:15:07.747Z | docker image audit | CVE-2024-42225 | HIGH | kernel: wifi: mt76: replace skb_put with skb_put_zero | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1 | ||
| - | - | CVE-2024-42271 | 2024-08-17T09:15:08.307Z | docker image audit | CVE-2024-42271 | HIGH | kernel: net/iucv: fix use after free in iucv_sock_close() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42280 | 2024-08-17T09:15:08.943Z | docker image audit | CVE-2024-42280 | HIGH | kernel: mISDN: Fix a use after free in hfcmulti_tx() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42284 | 2024-08-17T09:15:09.233Z | docker image audit | CVE-2024-42284 | HIGH | kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42285 | 2024-08-17T09:15:09.3Z | docker image audit | CVE-2024-42285 | HIGH | kernel: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42301 | 2024-08-17T09:15:10.423Z | docker image audit | CVE-2024-42301 | HIGH | kernel: dev/parport: fix the array out-of-bounds risk | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42302 | 2024-08-17T09:15:10.487Z | docker image audit | CVE-2024-42302 | HIGH | kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-42313 | 2024-08-17T09:15:11.32Z | docker image audit | CVE-2024-42313 | HIGH | kernel: media: venus: fix use after free in vdec_close | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-43858 | 2024-08-17T10:15:10.75Z | docker image audit | CVE-2024-43858 | HIGH | kernel: jfs: Fix array-index-out-of-bounds in diFree | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-43873 | 2024-08-21T01:15:11.79Z | docker image audit | CVE-2024-43873 | HIGH | kernel: vhost/vsock: always initialize seqpacket_allow | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-43882 | 2024-08-21T01:15:12.34Z | docker image audit | CVE-2024-43882 | HIGH | kernel: exec: Fix ToCToU between perm check and set-uid/gid usage | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-43900 | 2024-08-26T11:15:04.613Z | docker image audit | CVE-2024-43900 | HIGH | kernel: media: xc2028: avoid use-after-free in load_firmware_cb() | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-44934 | 2024-08-26T11:15:05.593Z | docker image audit | CVE-2024-44934 | HIGH | kernel: net: bridge: mcast: wait for previous gc cycles when removing port | api-v2.10.0 | api-v2.10.0 | Yes | package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1 | ||
| - | - | CVE-2024-32002 | 2024-05-14T19:15:10.81Z | docker image audit | CVE-2024-32002 | CRITICAL | git: Recursive clones RCE | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2019-1387 | 2019-12-18T21:15:13.82Z | docker image audit | CVE-2019-1387 | HIGH | git: Remote code execution in recursive clones with nested submodules | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2023-25652 | 2023-04-25T20:15:09.933Z | docker image audit | CVE-2023-25652 | HIGH | git: by feeding specially crafted input to , a path outside the working tree can be overwritten with partially controlled contents | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2023-29007 | 2023-04-25T21:15:10.403Z | docker image audit | CVE-2023-29007 | HIGH | git: arbitrary configuration injection when renaming or deleting a section from a configuration file | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-32004 | 2024-05-14T19:15:11.377Z | docker image audit | CVE-2024-32004 | HIGH | git: RCE while cloning local repos | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-32465 | 2024-05-14T20:15:14.54Z | docker image audit | CVE-2024-32465 | HIGH | git: additional local RCE | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3 | ||
| - | - | CVE-2024-6655 | 2024-07-16T15:15:12.597Z | docker image audit | CVE-2024-6655 | HIGH | gtk3: gtk2: Library injection from CWD | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: gtk-update-icon-cache, status: fixed, fixedVersion: 3.24.24-4+deb11u4 | ||
| - | - | CVE-2024-2961 | 2024-04-17T18:15:15.833Z | docker image audit | CVE-2024-2961 | HIGH | glibc: Out of bounds write in iconv may lead to remote code execution | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u9 | ||
| - | - | CVE-2022-48622 | 2024-01-26T09:15:07.57Z | docker image audit | CVE-2022-48622 | HIGH | gnome: heap memory corruption on gdk-pixbuf | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libgdk-pixbuf-2.0-0, status: fixed, fixedVersion: 2.42.2+dfsg-1+deb11u2 | ||
| - | - | CVE-2024-0553 | 2024-01-16T12:15:45.557Z | docker image audit | CVE-2024-0553 | HIGH | gnutls: incomplete fix for CVE-2023-5981 | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 | ||
| - | - | CVE-2024-0567 | 2024-01-16T14:15:48.527Z | docker image audit | CVE-2024-0567 | HIGH | gnutls: rejects certificate chain with distributed trust | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5 | ||
| - | - | CVE-2020-22218 | 2023-08-22T19:16:19.12Z | docker image audit | CVE-2020-22218 | HIGH | libssh2: use-of-uninitialized-value in _libssh2_transport_read | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libssh2-1, status: fixed, fixedVersion: 1.9.0-2+deb11u1 | ||
| - | - | CVE-2022-2309 | 2022-07-05T10:15:08.763Z | docker image audit | CVE-2022-2309 | HIGH | lxml: NULL Pointer Dereference in lxml | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: libxml2, status: fixed, fixedVersion: 2.9.10+dfsg-6.7+deb11u5 | ||
| - | - | CVE-2024-31080 | 2024-04-04T14:15:10.33Z | docker image audit | CVE-2024-31080 | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 | ||
| - | - | CVE-2024-31081 | 2024-04-04T14:15:10.593Z | docker image audit | CVE-2024-31081 | HIGH | xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 | ||
| - | - | CVE-2024-31083 | 2024-04-05T12:15:37.577Z | docker image audit | CVE-2024-31083 | HIGH | xorg-x11-server: Use-after-free in ProcRenderAddGlyphs | e2e-test-v2.10.0 | e2e-test-v2.10.0 | Yes | package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13 |
Last scan date: 2024-9-18 6:32:33