Skip to content

v2.10.0 Security vulnerability report images

Jump to bottom
System bot edited this page Sep 14, 2024 · 71 revisions

Present Vulnerabilities (docker image audit) in version: v2.10.0

SUBSCRIPTIONID RESOURCEGROUP VULNID IDENTIFICATIONDATE CATEGORY CVE CVSS SEVERITY DISPLAYNAME RESOURCEID RESOURCEID_SINGLE AKTIV HOST OSDETAILS
- - CVE-2024-2398 2024-03-27T08:15:41.283Z docker image audit CVE-2024-2398 HIGH curl: HTTP/2 push headers memory-leak frontend-v2.10.0 frontend-v2.10.0 Yes package: curl, status: fixed, fixedVersion: 8.7.1-r0
- - CVE-2024-2398 2024-03-27T08:15:41.283Z docker image audit CVE-2024-2398 HIGH curl: HTTP/2 push headers memory-leak blockchain-v2.10.0 blockchain-v2.10.0 Yes package: curl, status: fixed, fixedVersion: 8.7.1-r0
- - CVE-2024-2398 2024-03-27T08:15:41.283Z docker image audit CVE-2024-2398 HIGH curl: HTTP/2 push headers memory-leak e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: curl, status: fixed, fixedVersion: 8.7.1-r0
- - CVE-2024-6197 2024-07-24T08:15:03.34Z docker image audit CVE-2024-6197 HIGH curl: freeing stack buffer in utf8asn1str frontend-v2.10.0 frontend-v2.10.0 Yes package: curl, status: fixed, fixedVersion: 8.9.0-r0
- - CVE-2024-45490 2024-08-30T03:15:03.757Z docker image audit CVE-2024-45490 CRITICAL libexpat: Negative Length Parsing Vulnerability in libexpat frontend-v2.10.0 frontend-v2.10.0 Yes package: libexpat, status: fixed, fixedVersion: 2.6.3-r0
- - CVE-2024-45491 2024-08-30T03:15:03.85Z docker image audit CVE-2024-45491 CRITICAL libexpat: Integer Overflow or Wraparound frontend-v2.10.0 frontend-v2.10.0 Yes package: libexpat, status: fixed, fixedVersion: 2.6.3-r0
- - CVE-2024-45492 2024-08-30T03:15:03.93Z docker image audit CVE-2024-45492 CRITICAL libexpat: integer overflow frontend-v2.10.0 frontend-v2.10.0 Yes package: libexpat, status: fixed, fixedVersion: 2.6.3-r0
- - CVE-2024-37371 2024-06-28T23:15:11.603Z docker image audit CVE-2024-37371 CRITICAL krb5: GSS message token handling api-v2.10.0 api-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-37371 2024-06-28T23:15:11.603Z docker image audit CVE-2024-37371 CRITICAL krb5: GSS message token handling blockchain-v2.10.0 blockchain-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-37371 2024-06-28T23:15:11.603Z docker image audit CVE-2024-37371 CRITICAL krb5: GSS message token handling e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-37370 2024-06-28T22:15:02.293Z docker image audit CVE-2024-37370 HIGH krb5: GSS message token handling api-v2.10.0 api-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-37370 2024-06-28T22:15:02.293Z docker image audit CVE-2024-37370 HIGH krb5: GSS message token handling blockchain-v2.10.0 blockchain-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-37370 2024-06-28T22:15:02.293Z docker image audit CVE-2024-37370 HIGH krb5: GSS message token handling e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: krb5-locales, status: fixed, fixedVersion: 1.20.1-2+deb12u2
- - CVE-2024-5171 2024-06-05T20:15:13.8Z docker image audit CVE-2024-5171 CRITICAL libaom: Integer overflow in internal function img_alloc_helper api-v2.10.0 api-v2.10.0 Yes package: libaom3, status: fixed, fixedVersion: 3.6.0-1+deb12u1
- - CVE-2024-33599 2024-05-06T20:15:11.437Z docker image audit CVE-2024-33599 HIGH glibc: stack-based buffer overflow in netgroup cache api-v2.10.0 api-v2.10.0 Yes package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7
- - CVE-2024-33599 2024-05-06T20:15:11.437Z docker image audit CVE-2024-33599 HIGH glibc: stack-based buffer overflow in netgroup cache blockchain-v2.10.0 blockchain-v2.10.0 Yes package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7
- - CVE-2024-33599 2024-05-06T20:15:11.437Z docker image audit CVE-2024-33599 HIGH glibc: stack-based buffer overflow in netgroup cache e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libc-bin, status: fixed, fixedVersion: 2.36-9+deb12u7
- - CVE-2023-50387 2024-02-14T16:15:45.3Z docker image audit CVE-2023-50387 HIGH bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator api-v2.10.0 api-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2023-50387 2024-02-14T16:15:45.3Z docker image audit CVE-2023-50387 HIGH bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator blockchain-v2.10.0 blockchain-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2023-50387 2024-02-14T16:15:45.3Z docker image audit CVE-2023-50387 HIGH bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2023-50868 2024-02-14T16:15:45.377Z docker image audit CVE-2023-50868 HIGH bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources api-v2.10.0 api-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2023-50868 2024-02-14T16:15:45.377Z docker image audit CVE-2023-50868 HIGH bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources blockchain-v2.10.0 blockchain-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2023-50868 2024-02-14T16:15:45.377Z docker image audit CVE-2023-50868 HIGH bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libsystemd0, status: fixed, fixedVersion: 252.23-1~deb12u1
- - CVE-2024-42154 2024-07-30T08:15:06.933Z docker image audit CVE-2024-42154 CRITICAL kernel: tcp_metrics: validate source addr length api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2023-52760 2024-05-21T16:15:15.41Z docker image audit CVE-2023-52760 HIGH kernel: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-26923 2024-04-25T06:15:57.16Z docker image audit CVE-2024-26923 HIGH kernel: af_unix: Fix garbage collector racing against connect() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1
- - CVE-2024-26925 2024-04-25T06:15:57.59Z docker image audit CVE-2024-26925 HIGH kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1
- - CVE-2024-27018 2024-05-01T06:15:20.6Z docker image audit CVE-2024-27018 HIGH kernel: netfilter: br_netfilter: skip conntrack input hook for promisc packets api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1
- - CVE-2024-27020 2024-05-01T06:15:20.84Z docker image audit CVE-2024-27020 HIGH kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1
- - CVE-2024-27022 2024-05-01T06:15:21.11Z docker image audit CVE-2024-27022 HIGH kernel: fork: defer linking file vma until vma is fully initialized api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.90-1
- - CVE-2024-27397 2024-05-14T15:12:28.24Z docker image audit CVE-2024-27397 HIGH kernel: netfilter: nf_tables: use timestamp to check for set element timeout api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-36883 2024-05-30T16:15:11.9Z docker image audit CVE-2024-36883 HIGH kernel: net: fix out-of-bounds access in ops_init api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36886 2024-05-30T16:15:12.15Z docker image audit CVE-2024-36886 HIGH kernel: TIPC message reassembly use-after-free remote code execution vulnerability api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36904 2024-05-30T16:15:13.947Z docker image audit CVE-2024-36904 HIGH kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36946 2024-05-30T16:15:17.57Z docker image audit CVE-2024-36946 HIGH kernel: phonet: fix rtm_phonet_notify() skb allocation api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36960 2024-06-03T08:15:09.557Z docker image audit CVE-2024-36960 HIGH kernel: drm/vmwgfx: Fix invalid reads in fence signaled events api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36971 2024-06-10T09:15:09.127Z docker image audit CVE-2024-36971 HIGH kernel: net: kernel: UAF in network route management api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-36978 2024-06-19T07:15:46.437Z docker image audit CVE-2024-36978 HIGH kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-36979 2024-06-19T14:15:13.62Z docker image audit CVE-2024-36979 HIGH kernel: net: bridge: mst: fix vlan use-after-free api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38381 2024-06-21T11:15:10.757Z docker image audit CVE-2024-38381 HIGH kernel: nfc: nci: Fix uninit-value in nci_rx_work api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38538 2024-06-19T14:15:14.107Z docker image audit CVE-2024-38538 HIGH kernel: net: bridge: xmit: make sure we have at least eth header len bytes api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38545 2024-06-19T14:15:14.787Z docker image audit CVE-2024-38545 HIGH kernel: RDMA/hns: Fix UAF for cq async event api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38552 2024-06-19T14:15:15.45Z docker image audit CVE-2024-38552 HIGH kernel: drm/amd/display: Fix potential index out of bounds in color transformation function api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38555 2024-06-19T14:15:15.72Z docker image audit CVE-2024-38555 HIGH kernel: net/mlx5: Discard command completions in internal error api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38561 2024-06-19T14:15:16.313Z docker image audit CVE-2024-38561 HIGH kernel: kunit: Fix kthread reference api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38577 2024-06-19T14:15:17.787Z docker image audit CVE-2024-38577 HIGH kernel: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38581 2024-06-19T14:15:18.15Z docker image audit CVE-2024-38581 HIGH kernel: drm/amdgpu/mes: fix use-after-free issue api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38583 2024-06-19T14:15:18.397Z docker image audit CVE-2024-38583 HIGH kernel: nilfs2: fix use-after-free of timer for log writer thread api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38627 2024-06-21T11:15:11.583Z docker image audit CVE-2024-38627 HIGH kernel: stm class: Fix a double free in stm_register_device() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-38667 2024-06-24T14:15:12.79Z docker image audit CVE-2024-38667 HIGH kernel: riscv: prevent pt_regs corruption for secondary idle threads api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-39277 2024-06-21T12:15:11.33Z docker image audit CVE-2024-39277 HIGH kernel: dma-mapping: benchmark: handle NUMA_NO_NODE correctly api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-39463 2024-06-25T15:15:14.76Z docker image audit CVE-2024-39463 HIGH kernel: 9p: add missing locking around taking dentry fid list api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-39471 2024-06-25T15:15:15.49Z docker image audit CVE-2024-39471 HIGH kernel: drm/amdgpu: add error handle to avoid out-of-bounds api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-39480 2024-07-05T07:15:10.59Z docker image audit CVE-2024-39480 HIGH kernel: kdb: Fix buffer overflow during tab-complete api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-39487 2024-07-09T10:15:04.597Z docker image audit CVE-2024-39487 HIGH kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-39494 2024-07-12T13:15:12.113Z docker image audit CVE-2024-39494 HIGH kernel: ima: Fix use-after-free on a dentry's dname.name api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-39495 2024-07-12T13:15:12.183Z docker image audit CVE-2024-39495 HIGH kernel: greybus: Fix use-after-free bug in gb_interface_release due to race condition api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-39496 2024-07-12T13:15:12.253Z docker image audit CVE-2024-39496 HIGH kernel: btrfs: zoned: fix use-after-free due to race with dev replace api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-39510 2024-07-12T13:15:13.283Z docker image audit CVE-2024-39510 HIGH kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40899 2024-07-12T13:15:13.357Z docker image audit CVE-2024-40899 HIGH kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40902 2024-07-12T13:15:13.583Z docker image audit CVE-2024-40902 HIGH kernel: jfs: xattr: fix buffer overflow for invalid xattr api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40903 2024-07-12T13:15:13.66Z docker image audit CVE-2024-40903 HIGH kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40906 2024-07-12T13:15:13.92Z docker image audit CVE-2024-40906 HIGH kernel: net/mlx5: Always stop health timer during driver removal api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40954 2024-07-12T13:15:17.627Z docker image audit CVE-2024-40954 HIGH kernel: net: do not leave a dangling sk pointer, when socket creation fails api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40956 2024-07-12T13:15:17.76Z docker image audit CVE-2024-40956 HIGH kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40958 2024-07-12T13:15:17.883Z docker image audit CVE-2024-40958 HIGH kernel: netns: Make get_net_ns() handle zero refcount net api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40994 2024-07-12T13:15:20.62Z docker image audit CVE-2024-40994 HIGH kernel: ptp: fix integer overflow in max_vclocks_store api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-40996 2024-07-12T13:15:20.74Z docker image audit CVE-2024-40996 HIGH kernel: bpf: Avoid splat in pskb_pull_reason api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-41000 2024-07-12T13:15:20.987Z docker image audit CVE-2024-41000 HIGH kernel: block/ioctl: prefer different overflow check api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.99-1
- - CVE-2024-41011 2024-07-18T07:15:02.07Z docker image audit CVE-2024-41011 HIGH kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.94-1
- - CVE-2024-41019 2024-07-29T07:15:07.023Z docker image audit CVE-2024-41019 HIGH kernel: fs/ntfs3: Validate ff offset api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41030 2024-07-29T15:15:11.697Z docker image audit CVE-2024-41030 HIGH kernel: ksmbd: discard write access to the directory open api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41039 2024-07-29T15:15:12.393Z docker image audit CVE-2024-41039 HIGH kernel: firmware: cs_dsp: Fix overflow checking of wmfw header api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41040 2024-07-29T15:15:12.473Z docker image audit CVE-2024-41040 HIGH kernel: net/sched: Fix UAF when resolving a clash api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41046 2024-07-29T15:15:12.943Z docker image audit CVE-2024-41046 HIGH kernel: net: ethernet: lantiq_etop: fix double free in detach api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41049 2024-07-29T15:15:13.177Z docker image audit CVE-2024-41049 HIGH kernel: filelock: fix potential use-after-free in posix_lock_inode api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41057 2024-07-29T15:15:13.773Z docker image audit CVE-2024-41057 HIGH kernel: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41058 2024-07-29T15:15:13.847Z docker image audit CVE-2024-41058 HIGH kernel: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41059 2024-07-29T15:15:13.927Z docker image audit CVE-2024-41059 HIGH kernel: hfsplus: fix uninit-value in copy_name api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41070 2024-07-29T15:15:14.787Z docker image audit CVE-2024-41070 HIGH kernel: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41073 2024-07-29T15:15:15.02Z docker image audit CVE-2024-41073 HIGH In the Linux kernel, the following vulnerability has been resolved: n ... api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41087 2024-07-29T16:15:04.12Z docker image audit CVE-2024-41087 HIGH kernel: ata: libata-core: Fix double free on error api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-41090 2024-07-29T07:15:07.287Z docker image audit CVE-2024-41090 HIGH kernel: virtio-net: tap: mlx5_core short frame denial of service api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41091 2024-07-29T07:15:07.553Z docker image audit CVE-2024-41091 HIGH kernel: virtio-net: tun: mlx5_core short frame denial of service api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-41092 2024-07-29T16:15:04.383Z docker image audit CVE-2024-41092 HIGH kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42093 2024-07-29T18:15:11.833Z docker image audit CVE-2024-42093 HIGH kernel: net/dpaa2: Avoid explicit cpumask var allocation on stack api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42094 2024-07-29T18:15:11.917Z docker image audit CVE-2024-42094 HIGH kernel: net/iucv: Avoid explicit cpumask var allocation on stack api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42104 2024-07-30T08:15:02.9Z docker image audit CVE-2024-42104 HIGH kernel: nilfs2: add missing check for inode numbers on directory entries api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42148 2024-07-30T08:15:06.453Z docker image audit CVE-2024-42148 HIGH kernel: bnx2x: Fix multiple UBSAN array-index-out-of-bounds api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42159 2024-07-30T08:15:07.3Z docker image audit CVE-2024-42159 HIGH kernel: scsi: mpi3mr: Sanitise num_phys api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42160 2024-07-30T08:15:07.37Z docker image audit CVE-2024-42160 HIGH kernel: f2fs: check validation of fault attrs in f2fs_build_fault_attr() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42161 2024-07-30T08:15:07.447Z docker image audit CVE-2024-42161 HIGH kernel: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42224 2024-07-30T08:15:07.667Z docker image audit CVE-2024-42224 HIGH kernel: net: dsa: mv88e6xxx: Correct check for empty list api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42225 2024-07-30T08:15:07.747Z docker image audit CVE-2024-42225 HIGH kernel: wifi: mt76: replace skb_put with skb_put_zero api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.98-1
- - CVE-2024-42271 2024-08-17T09:15:08.307Z docker image audit CVE-2024-42271 HIGH kernel: net/iucv: fix use after free in iucv_sock_close() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42280 2024-08-17T09:15:08.943Z docker image audit CVE-2024-42280 HIGH kernel: mISDN: Fix a use after free in hfcmulti_tx() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42284 2024-08-17T09:15:09.233Z docker image audit CVE-2024-42284 HIGH kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42285 2024-08-17T09:15:09.3Z docker image audit CVE-2024-42285 HIGH kernel: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42301 2024-08-17T09:15:10.423Z docker image audit CVE-2024-42301 HIGH kernel: dev/parport: fix the array out-of-bounds risk api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42302 2024-08-17T09:15:10.487Z docker image audit CVE-2024-42302 HIGH kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-42313 2024-08-17T09:15:11.32Z docker image audit CVE-2024-42313 HIGH kernel: media: venus: fix use after free in vdec_close api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-43858 2024-08-17T10:15:10.75Z docker image audit CVE-2024-43858 HIGH kernel: jfs: Fix array-index-out-of-bounds in diFree api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-43873 2024-08-21T01:15:11.79Z docker image audit CVE-2024-43873 HIGH kernel: vhost/vsock: always initialize seqpacket_allow api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-43882 2024-08-21T01:15:12.34Z docker image audit CVE-2024-43882 HIGH kernel: exec: Fix ToCToU between perm check and set-uid/gid usage api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-43900 2024-08-26T11:15:04.613Z docker image audit CVE-2024-43900 HIGH kernel: media: xc2028: avoid use-after-free in load_firmware_cb() api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-44934 2024-08-26T11:15:05.593Z docker image audit CVE-2024-44934 HIGH kernel: net: bridge: mcast: wait for previous gc cycles when removing port api-v2.10.0 api-v2.10.0 Yes package: linux-libc-dev, status: fixed, fixedVersion: 6.1.106-1
- - CVE-2024-32002 2024-05-14T19:15:10.81Z docker image audit CVE-2024-32002 CRITICAL git: Recursive clones RCE e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2019-1387 2019-12-18T21:15:13.82Z docker image audit CVE-2019-1387 HIGH git: Remote code execution in recursive clones with nested submodules e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2023-25652 2023-04-25T20:15:09.933Z docker image audit CVE-2023-25652 HIGH git: by feeding specially crafted input to , a path outside the working tree can be overwritten with partially controlled contents e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2023-29007 2023-04-25T21:15:10.403Z docker image audit CVE-2023-29007 HIGH git: arbitrary configuration injection when renaming or deleting a section from a configuration file e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2024-32004 2024-05-14T19:15:11.377Z docker image audit CVE-2024-32004 HIGH git: RCE while cloning local repos e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2024-32465 2024-05-14T20:15:14.54Z docker image audit CVE-2024-32465 HIGH git: additional local RCE e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: git, status: fixed, fixedVersion: 1:2.30.2-1+deb11u3
- - CVE-2024-6655 2024-07-16T15:15:12.597Z docker image audit CVE-2024-6655 HIGH gtk3: gtk2: Library injection from CWD e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: gtk-update-icon-cache, status: fixed, fixedVersion: 3.24.24-4+deb11u4
- - CVE-2024-2961 2024-04-17T18:15:15.833Z docker image audit CVE-2024-2961 HIGH glibc: Out of bounds write in iconv may lead to remote code execution e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libc-bin, status: fixed, fixedVersion: 2.31-13+deb11u9
- - CVE-2022-48622 2024-01-26T09:15:07.57Z docker image audit CVE-2022-48622 HIGH gnome: heap memory corruption on gdk-pixbuf e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libgdk-pixbuf-2.0-0, status: fixed, fixedVersion: 2.42.2+dfsg-1+deb11u2
- - CVE-2024-0553 2024-01-16T12:15:45.557Z docker image audit CVE-2024-0553 HIGH gnutls: incomplete fix for CVE-2023-5981 e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5
- - CVE-2024-0567 2024-01-16T14:15:48.527Z docker image audit CVE-2024-0567 HIGH gnutls: rejects certificate chain with distributed trust e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libgnutls30, status: fixed, fixedVersion: 3.7.1-5+deb11u5
- - CVE-2020-22218 2023-08-22T19:16:19.12Z docker image audit CVE-2020-22218 HIGH libssh2: use-of-uninitialized-value in _libssh2_transport_read e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libssh2-1, status: fixed, fixedVersion: 1.9.0-2+deb11u1
- - CVE-2022-2309 2022-07-05T10:15:08.763Z docker image audit CVE-2022-2309 HIGH lxml: NULL Pointer Dereference in lxml e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: libxml2, status: fixed, fixedVersion: 2.9.10+dfsg-6.7+deb11u5
- - CVE-2024-31080 2024-04-04T14:15:10.33Z docker image audit CVE-2024-31080 HIGH xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13
- - CVE-2024-31081 2024-04-04T14:15:10.593Z docker image audit CVE-2024-31081 HIGH xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13
- - CVE-2024-31083 2024-04-05T12:15:37.577Z docker image audit CVE-2024-31083 HIGH xorg-x11-server: Use-after-free in ProcRenderAddGlyphs e2e-test-v2.10.0 e2e-test-v2.10.0 Yes package: xserver-common, status: fixed, fixedVersion: 2:1.20.11-1+deb11u13

Last scan date: 2024-9-14 6:30:35

Clone this wiki locally