Skip to content

Instantly share code, notes, and snippets.

@kevthehermit

kevthehermit/CVE-2023-49103-tags.csv

Last active December 2, 2023 14:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kevthehermit/d7d5734c4f0848c53a15b867dc0c812e to your computer and use it in GitHub Desktop.
Save kevthehermit/d7d5734c4f0848c53a15b867dc0c812e to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2023-49103 Docker Tags
Raw
CVE-2023-49103-tags.csv
Docker Tag Version PHP Info Response
owncloud/server:10.13.3 10.13.3 False
owncloud/server:10 10 False
owncloud/server:10.13 10.13 False
owncloud/server:10.12.2 10.12.2 False
owncloud/server:10.12 10.12 False
owncloud/server:10.13.3-rc.2 10.13.3-rc.2 False
owncloud/server:10.13.2 10.13.2 False
owncloud/server:10.13.3-rc.2-amd64 10.13.3-rc.2-amd64 False
owncloud/server:10.13.2-amd64 10.13.2-amd64 False
owncloud/server:10.12.2-amd64 10.12.2-amd64 False
owncloud/server:10.13.3-rc.2-arm64v8 10.13.3-rc.2-arm64v8 False
owncloud/server:10.13.2-arm64v8 10.13.2-arm64v8 False
owncloud/server:10.12.2-arm64v8 10.12.2-arm64v8 False
owncloud/server:10.13.1 10.13.1 False
owncloud/server:10.13.1-amd64 10.13.1-amd64 False
owncloud/server:10.13.1-arm64v8 10.13.1-arm64v8 False
owncloud/server:10.13.1-rc.1 10.13.1-rc.1 False
owncloud/server:10.13.1-rc.1-amd64 10.13.1-rc.1-amd64 False
owncloud/server:10.13.0 10.13.0 False
owncloud/server:10.13.0-amd64 10.13.0-amd64 False
owncloud/server:10.13.1-rc.1-arm64v8 10.13.1-rc.1-arm64v8 False
owncloud/server:10.13.0-arm64v8 10.13.0-arm64v8 False
owncloud/server:10.11 10.11 False
owncloud/server:10.11.0 10.11.0 False
owncloud/server:10.11.0-amd64 10.11.0-amd64 False
owncloud/server:10.13.0-rc.2 10.13.0-rc.2 True
owncloud/server:10.13.0-rc.2-amd64 10.13.0-rc.2-amd64 True
owncloud/server:10.11.0-arm64v8 10.11.0-arm64v8 False
owncloud/server:10.13.0-rc.2-arm64v8 10.13.0-rc.2-arm64v8 True
owncloud/server:10.13.0-rc.1 10.13.0-rc.1 True
owncloud/server:10.13.0-rc.1-amd64 10.13.0-rc.1-amd64 True
owncloud/server:10.13.0-rc.1-arm64v8 10.13.0-rc.1-arm64v8 True
owncloud/server:10.13.0-beta.1 10.13.0-beta.1 True
owncloud/server:10.13.0-beta.1-amd64 10.13.0-beta.1-amd64 True
owncloud/server:10.13.0-beta.1-arm64v8 10.13.0-beta.1-arm64v8 True
owncloud/server:10.12.1 10.12.1 True
owncloud/server:10.12.1-amd64 10.12.1-amd64 True
owncloud/server:10.12.2-rc.1 10.12.2-rc.1 True
owncloud/server:10.12.2-rc.1-amd64 10.12.2-rc.1-amd64 True
owncloud/server:10.12.2-rc.1-arm64v8 10.12.2-rc.1-arm64v8 True
owncloud/server:10.12.1-arm64v8 10.12.1-arm64v8 True
owncloud/server:10.12.0 10.12.0 True
owncloud/server:10.12.0-amd64 10.12.0-amd64 True
owncloud/server:10.12.1-rc.3 10.12.1-rc.3 True
owncloud/server:10.12.1-rc.3-amd64 10.12.1-rc.3-amd64 True
owncloud/server:10.12.1-rc.3-arm64v8 10.12.1-rc.3-arm64v8 True
owncloud/server:10.12.0-arm64v8 10.12.0-arm64v8 True
owncloud/server:10.12.1-rc.2 10.12.1-rc.2 True
owncloud/server:10.12.1-rc.2-amd64 10.12.1-rc.2-amd64 True
owncloud/server:10.12.1-rc.2-arm64v8 10.12.1-rc.2-arm64v8 True
owncloud/server:10.10 10.10 False
owncloud/server:10.10.0 10.10.0 False
owncloud/server:10.10.0-amd64 10.10.0-amd64 False
owncloud/server:10.12.0-rc3 10.12.0-rc3 True
owncloud/server:10.12.0-rc3-amd64 10.12.0-rc3-amd64 True
owncloud/server:10.10.0-arm64v8 10.10.0-arm64v8 False
owncloud/server:10.12.0-rc3-arm64v8 10.12.0-rc3-arm64v8 True
owncloud/server:10.12.0-rc2 10.12.0-rc2 True
owncloud/server:10.12.0-rc2-amd64 10.12.0-rc2-amd64 True
owncloud/server:10.12.0-rc2-arm64v8 10.12.0-rc2-arm64v8 True
owncloud/server:10.11.0-arm32v7 10.11.0-arm32v7 False
owncloud/server:10.10.0-arm32v7 10.10.0-arm32v7 False
owncloud/server:10.9 10.9 False
owncloud/server:10.9.1 10.9.1 False
owncloud/server:10.11.0-rc.2 10.11.0-rc.2 False
owncloud/server:10.9.1-amd64 10.9.1-amd64 False
owncloud/server:10.11.0-rc.2-amd64 10.11.0-rc.2-amd64 False
owncloud/server:10.11.0-rc.2-arm32v7 10.11.0-rc.2-arm32v7 False
owncloud/server:10.11.0-rc.2-arm64v8 10.11.0-rc.2-arm64v8 False
owncloud/server:10.9.1-arm32v7 10.9.1-arm32v7 False
owncloud/server:10.9.1-arm64v8 10.9.1-arm64v8 False
owncloud/server:10.11.0-rc.1 10.11.0-rc.1 False
owncloud/server:10.11.0-rc.1-amd64 10.11.0-rc.1-amd64 False
owncloud/server:10.11.0-rc.1-arm32v7 10.11.0-rc.1-arm32v7 False
owncloud/server:10.11.0-rc.1-arm64v8 10.11.0-rc.1-arm64v8 False
owncloud/server:10.8 10.8 False
owncloud/server:10.8.0 10.8.0 False
owncloud/server:10.8.0-amd64 10.8.0-amd64 False
owncloud/server:10.8.0-arm32v7 10.8.0-arm32v7 False
owncloud/server:10.8.0-arm64v8 10.8.0-arm64v8 False
@kevthehermit
Copy link
Author

Note that these versions were all tested with a GET to http://127.0.0.1:8080/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css and checked for the presence of phpinfo() in the response

@kevthehermit
Copy link
Author

I stopped running containers at 10.8 Nothing here should be vulnerable, and if you are running a two-year-old tag you probably have bigger issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment