Skip to content

Instantly share code, notes, and snippets.

@sozercan

sozercan/gist:45a6b8b5e6bba6a98c0c19c1394f49ad

Created October 20, 2021 16:34
Show Gist options
  • Save sozercan/45a6b8b5e6bba6a98c0c19c1394f49ad to your computer and use it in GitHub Desktop.
Save sozercan/45a6b8b5e6bba6a98c0c19c1394f49ad to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
2021-10-20T16:34:40.203Z INFO Detected OS: debian
2021-10-20T16:34:40.203Z INFO Detecting Debian vulnerabilities...
2021-10-20T16:34:40.216Z INFO Number of language-specific files: 0
mcr.microsoft.com/oss/openservicemesh/osm-crds:v0.11.0 (debian 10.10)
=====================================================================
Total: 153 (UNKNOWN: 0, LOW: 111, MEDIUM: 16, HIGH: 22, CRITICAL: 4)
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| bsdutils | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| curl | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use |
| | | | | | TLS not properly enforced |
| | | | | | for IMAP, POP3, and... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2021-22947 | MEDIUM | | | curl: Server responses |
| | | | | | received before STARTTLS |
| | | | | | processed after TLS handshake |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2021-22898 | LOW | | | curl: TELNET stack |
| | | | | | contents disclosure |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22922 | | | | curl: Content not matching hash |
| | | | | | in Metalink is not being discarded |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22923 | | | | curl: Metalink download |
| | | | | | sends credentials |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22924 | | | | curl: Bad connection reuse |
| | | | | | due to flawed path name checks |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| fdisk | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification |
| | | | | | Forgeries with SHA-1 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libapt-pkg5.0 | CVE-2011-3374 | | 1.8.2.3 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libblkid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libc-bin | CVE-2021-33574 | CRITICAL | 2.28-10 | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2020-1751 | HIGH | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2010-4756 | LOW | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+------------------+------------------+----------+ +----------------+--------------------------------------------------------------+
| libc6 | CVE-2021-33574 | CRITICAL | | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2020-1751 | HIGH | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2010-4756 | LOW | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libcurl4 | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use |
| | | | | | TLS not properly enforced |
| | | | | | for IMAP, POP3, and... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2021-22947 | MEDIUM | | | curl: Server responses |
| | | | | | received before STARTTLS |
| | | | | | processed after TLS handshake |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2021-22898 | LOW | | | curl: TELNET stack |
| | | | | | contents disclosure |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22922 | | | | curl: Content not matching hash |
| | | | | | in Metalink is not being discarded |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22923 | | | | curl: Metalink download |
| | | | | | sends credentials |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-22924 | | | | curl: Bad connection reuse |
| | | | | | due to flawed path name checks |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libfdisk1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libgcrypt20 | CVE-2019-13627 | MEDIUM | 1.8.4-5+deb10u1 | | libgcrypt: ECDSA timing attack |
| | | | | | allowing private key leak |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-40528 | | | | libgcrypt: ElGamal implementation |
| | | | | | allows plaintext recovery |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-40528 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libgnutls30 | CVE-2011-3389 | | 3.6.7-4+deb10u7 | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libgssapi-krb5-2 | CVE-2021-37750 | MEDIUM | 1.17-3+deb10u2 | 1.17-3+deb10u3 | krb5: NULL pointer dereference |
| | | | | | in process_tgs_req() in |
| | | | | | kdc/do_tgs_req.c via a FAST inner... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37750 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libidn2-0 | CVE-2019-12290 | HIGH | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 |
| | | | | | fails to perform the roundtrip |
| | | | | | checks specified in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libk5crypto3 | CVE-2021-37750 | MEDIUM | 1.17-3+deb10u2 | 1.17-3+deb10u3 | krb5: NULL pointer dereference |
| | | | | | in process_tgs_req() in |
| | | | | | kdc/do_tgs_req.c via a FAST inner... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37750 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+----------+ +----------------+--------------------------------------------------------------+
| libkrb5-3 | CVE-2021-37750 | MEDIUM | | 1.17-3+deb10u3 | krb5: NULL pointer dereference |
| | | | | | in process_tgs_req() in |
| | | | | | kdc/do_tgs_req.c via a FAST inner... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37750 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+----------+ +----------------+--------------------------------------------------------------+
| libkrb5support0 | CVE-2021-37750 | MEDIUM | | 1.17-3+deb10u3 | krb5: NULL pointer dereference |
| | | | | | in process_tgs_req() in |
| | | | | | kdc/do_tgs_req.c via a FAST inner... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37750 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-5709 | | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libldap-2.4-2 | CVE-2015-3276 | | 2.4.47+dfsg-3+deb10u6 | | openldap: incorrect multi-keyword |
| | | | | | mode cipherstring parsing |
| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-14159 | | | | openldap: Privilege escalation |
| | | | | | via PID file manipulation |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-17740 | | | | openldap: |
| | | | | | contrib/slapd-modules/nops/nops.c |
| | | | | | attempts to free stack buffer |
| | | | | | allowing remote attackers to cause... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-15719 | | | | openldap: Certificate |
| | | | | | validation incorrectly |
| | | | | | matches name against CN-ID |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 |
+------------------+------------------+ + +----------------+--------------------------------------------------------------+
| libldap-common | CVE-2015-3276 | | | | openldap: incorrect multi-keyword |
| | | | | | mode cipherstring parsing |
| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-14159 | | | | openldap: Privilege escalation |
| | | | | | via PID file manipulation |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-17740 | | | | openldap: |
| | | | | | contrib/slapd-modules/nops/nops.c |
| | | | | | attempts to free stack buffer |
| | | | | | allowing remote attackers to cause... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-15719 | | | | openldap: Certificate |
| | | | | | validation incorrectly |
| | | | | | matches name against CN-ID |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| liblz4-1 | CVE-2019-17543 | | 1.8.3-1+deb10u1 | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libmount1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libncurses6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+ + + +----------------+ +
| libncursesw6 | | | | | |
| | | | | | |
| | | | | | |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libnghttp2-14 | CVE-2020-11080 | HIGH | 1.36.0-2+deb10u1 | | nghttp2: overly large SETTINGS |
| | | | | | frames can lead to DoS |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-11080 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libonig5 | CVE-2019-13224 | LOW | 6.9.1-1 | | oniguruma: Use-after-free in |
| | | | | | onig_new_deluxe() in regext.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13224 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-13225 | | | | oniguruma: NULL pointer dereference |
| | | | | | in match_at() in regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13225 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-16163 | | | | oniguruma: Stack exhaustion |
| | | | | | in regcomp.c because of |
| | | | | | recursion in regparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-16163 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19012 | | | | oniguruma: integer overflow in |
| | | | | | search_in_range function in regexec.c |
| | | | | | leads to out-of-bounds read... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19012 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19203 | | | | oniguruma: Heap-based |
| | | | | | buffer over-read in function |
| | | | | | gb18030_mbc_enc_len in file gb18030.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19203 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19204 | | | | oniguruma: Heap-based |
| | | | | | buffer over-read in function |
| | | | | | fetch_interval_quantifier |
| | | | | | in regparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19204 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19246 | | | | oniguruma: Heap-based buffer overflow |
| | | | | | in str_lower_case_match in regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19246 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libpcre2-8-0 | CVE-2019-20454 | HIGH | 10.32-5 | | pcre: Out of bounds read in |
| | | | | | JIT mode when \X is used... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20454 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-16231 | | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-20838 | | | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation |
| | | | | | of syscall filters in libseccomp |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libsepol1 | CVE-2021-36084 | | 2.8-1 | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-36085 | | | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-36086 | | | | libsepol: use-after-free in |
| | | | | | cil_reset_classpermission() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-36087 | | | | libsepol: heap-based buffer |
| | | | | | overflow in ebitmap_match_any() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libsmartcols1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | libssh2: integer overflow in |
| | | | | | kex_method_diffie_hellman_group_exchange_sha256_key_exchange |
| | | | | | in kex.c leads to out-of-bounds write |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13115 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2019-17498 | LOW | | | libssh2: integer overflow in |
| | | | | | SSH_MSG_DISCONNECT logic in packet.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17498 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libtinfo6 | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u8 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +------------------+----------+ +----------------+--------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-13529 | | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| libuuid1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| mount | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| ncurses-base | CVE-2021-39537 | | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| openssl | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| passwd | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| perl-base | CVE-2011-4116 | | 5.28.1-6+deb10u1 | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | tar: does not properly warn the user |
| | | | | | when extracting setuid or setgid... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2019-9923 | | | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+ +------------------+ + +----------------+--------------------------------------------------------------+
| | CVE-2021-20193 | | | | tar: Memory leak in |
| | | | | | read_header() in list.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 |
+------------------+------------------+ +------------------------+----------------+--------------------------------------------------------------+
| util-linux | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
| wget | CVE-2021-31879 | MEDIUM | 1.20.1-1.1 | | wget: authorization header |
| | | | | | disclosure on redirect |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-31879 |
+------------------+------------------+----------+------------------------+----------------+--------------------------------------------------------------+
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment