Skip to content

Instantly share code, notes, and snippets.

@afdesk
Created December 8, 2021 12:28
Show Gist options
  • Save afdesk/95992aac64b0aadd2fecd3fd81e6e685 to your computer and use it in GitHub Desktop.
Save afdesk/95992aac64b0aadd2fecd3fd81e6e685 to your computer and use it in GitHub Desktop.
python:3.9-slim (debian 11.1)
=============================
Total: 66 (UNKNOWN: 0, LOW: 61, MEDIUM: 1, HIGH: 2, CRITICAL: 2)
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| apt | CVE-2011-3374 | LOW | 2.2.4 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| coreutils | CVE-2016-2781 | | 8.32-4 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libapt-pkg6.0 | CVE-2011-3374 | | 2.2.4 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| libc-bin | CVE-2021-33574 | CRITICAL | 2.31-13+deb11u2 | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2010-4756 | LOW | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2021-43396 | | | | glibc: conversion from |
| | | | | | ISO-2022-JP-3 with iconv may |
| | | | | | emit spurious NUL character on... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 |
+------------------+------------------+----------+ +---------------+-----------------------------------------+
| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2010-4756 | LOW | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2021-43396 | | | | glibc: conversion from |
| | | | | | ISO-2022-JP-3 with iconv may |
| | | | | | emit spurious NUL character on... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-43396 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libexpat1 | CVE-2013-0340 | | 2.2.10-2 | | expat: internal entity expansion |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-0340 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| libgcrypt20 | CVE-2021-33560 | HIGH | 1.8.7-6 | | libgcrypt: mishandles ElGamal |
| | | | | | encryption because it lacks |
| | | | | | exponent blinding to address a... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33560 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| libgmp10 | CVE-2021-43618 | HIGH | 2:6.2.1+dfsg-1 | | gmp: Integer overflow and resultant |
| | | | | | buffer overflow via crafted input |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-43618 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| libgnutls30 | CVE-2011-3389 | LOW | 3.7.1-5 | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libgssapi-krb5-2 | CVE-2004-0971 | | 1.18.3-6+deb11u1 | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+ + +---------------+-----------------------------------------+
| libk5crypto3 | CVE-2004-0971 | | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+ + +---------------+-----------------------------------------+
| libkrb5-3 | CVE-2004-0971 | | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+ + +---------------+-----------------------------------------+
| libkrb5support0 | CVE-2004-0971 | | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libncursesw6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libpcre3 | CVE-2017-11164 | | 2:8.39-13 | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2017-16231 | | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-20838 | | | | pcre: Buffer over-read in JIT |
| | | | | | when UTF is disabled and \X or... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libsepol1 | CVE-2021-36084 | | 3.1-1 | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2021-36085 | | | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2021-36086 | | | | libsepol: use-after-free in |
| | | | | | cil_reset_classpermission() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2021-36087 | | | | libsepol: heap-based buffer |
| | | | | | overflow in ebitmap_match_any() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libsqlite3-0 | CVE-2021-36690 | | 3.34.1-3 | | ** DISPUTED ** A segmentation |
| | | | | | fault can occur in the |
| | | | | | sqlite3.exe command-line... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36690 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libsystemd0 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libtinfo6 | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| libudev1 | CVE-2013-4392 | | 247.3-6 | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| login | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| ncurses-base | CVE-2021-39537 | | 6.2+20201114-2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+ + + +---------------+ +
| ncurses-bin | | | | | |
| | | | | | |
| | | | | | |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| openssl | CVE-2007-6755 | | 1.1.1k-1+deb11u1 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| passwd | CVE-2007-5686 | | 1:4.8.1-1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
| perl-base | CVE-2020-16156 | MEDIUM | 5.32.1-4+deb11u2 | | [Signature Verification Bypass] |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-16156 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2011-4116 | LOW | | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+------------------+------------------+ +-------------------+---------------+-----------------------------------------+
| tar | CVE-2005-2541 | | 1.34+dfsg-1 | | tar: does not properly warn the user |
| | | | | | when extracting setuid or setgid... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+------------------+------------------+----------+-------------------+---------------+-----------------------------------------+
Python (python-pkg)
===================
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment