Last active
January 14, 2022 16:14
-
-
Save hiddeco/db9676e8fe548e9ef9c6fc8e879ebca0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ trivy gcr.io/distroless/base | |
2021-12-13T17:18:06.684+0100 INFO Need to update DB | |
2021-12-13T17:18:06.684+0100 INFO Downloading DB... | |
25.18 MiB / 25.18 MiB [---------------------------------------------------------------------------------------------------------------------] 100.00% 24.09 MiB p/s 1s | |
2021-12-13T17:18:08.693+0100 INFO Detected OS: debian | |
2021-12-13T17:18:08.693+0100 INFO Detecting Debian vulnerabilities... | |
2021-12-13T17:18:08.696+0100 INFO Number of language-specific files: 0 | |
gcr.io/distroless/base (debian 10.10) | |
===================================== | |
Total: 23 (UNKNOWN: 0, LOW: 15, MEDIUM: 3, HIGH: 3, CRITICAL: 2) | |
+-----------+------------------+----------+-------------------+---------------+-----------------------------------------+ | |
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | | |
+-----------+------------------+----------+-------------------+---------------+-----------------------------------------+ | |
| libc6 | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does | | |
| | | | | | not handle separately | | |
| | | | | | allocated thread attributes | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 | | |
+ +------------------+----------+ +---------------+-----------------------------------------+ | |
| | CVE-2020-1751 | HIGH | | | glibc: array overflow in | | |
| | | | | | backtrace functions for powerpc | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() | | |
| | | | | | function when expanding ~user | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2021-3326 | | | | glibc: Assertion failure in | | |
| | | | | | ISO-2022-JP-3 gconv module | | |
| | | | | | related to combining characters | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 | | |
+ +------------------+----------+ +---------------+-----------------------------------------+ | |
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in | | |
| | | | | | iconv when processing invalid | | |
| | | | | | multi-byte input sequences in... | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2020-10029 | | | | glibc: stack corruption | | |
| | | | | | from crafted input in cosl, | | |
| | | | | | sinl, sincosl, and tanl... | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2020-27618 | | | | glibc: iconv when processing | | |
| | | | | | invalid multi-byte input | | |
| | | | | | sequences fails to advance the... | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 | | |
+ +------------------+----------+ +---------------+-----------------------------------------+ | |
| | CVE-2010-4756 | LOW | | | glibc: glob implementation | | |
| | | | | | can cause excessive CPU and | | |
| | | | | | memory consumption due to... | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2016-10228 | | | | glibc: iconv program can hang | | |
| | | | | | when invoked with the -c option | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in | | |
| | | | | | function check_dst_limits_calc_pos_1 | | |
| | | | | | in posix/regexec.c | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF | | |
| | | | | | leads to code execution because of... | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using | | |
| | | | | | cache of thread stack and heap | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap | | |
| | | | | | addresses of pthread_created thread | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC | | |
| | | | | | not ignored in setuid binaries | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in | | |
| | | | | | function check_dst_limits_calc_pos_1 | | |
| | | | | | in posix/regexec.c | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2020-6096 | | | | glibc: signed comparison | | |
| | | | | | vulnerability in the | | |
| | | | | | ARMv7 memcpy function | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2021-27645 | | | | glibc: Use-after-free in | | |
| | | | | | addgetnetgrentX function | | |
| | | | | | in netgroupcache.c | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 | | |
+-----------+------------------+ +-------------------+---------------+-----------------------------------------+ | |
| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo | | |
| | | | | | random number generator | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | | |
+-----------+------------------+ + +---------------+-----------------------------------------+ | |
| openssl | CVE-2007-6755 | | | | Dual_EC_DRBG: weak pseudo | | |
| | | | | | random number generator | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 | | |
+ +------------------+ + +---------------+-----------------------------------------+ | |
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness | | |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 | | |
+-----------+------------------+----------+-------------------+---------------+-----------------------------------------+ | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment