@userbradley
Created November 22, 2021 02:32
Nginx Latest
nginx:latest (debian 10.11)
===========================
Total: 172 (UNKNOWN: 0, LOW: 23, MEDIUM: 75, HIGH: 66, CRITICAL: 8)
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| apt | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| bash | CVE-2019-18276 | HIGH | 5.0-4 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| bsdutils | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| curl | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use |
| | | | | | TLS not properly enforced |
| | | | | | for IMAP, POP3, and... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-22922 | MEDIUM | | | curl: Content not matching hash |
| | | | | | in Metalink is not being discarded |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22923 | | | | curl: Metalink download |
| | | | | | sends credentials |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22947 | | | | curl: Server responses |
| | | | | | received before STARTTLS |
| | | | | | processed after TLS handshake |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-22898 | LOW | | | curl: TELNET stack |
| | | | | | contents disclosure |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22924 | | | | curl: Bad connection reuse |
| | | | | | due to flawed path name checks |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| fdisk | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| gpgv | CVE-2019-14855 | | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification |
| | | | | | Forgeries with SHA-1 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.3 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libblkid1 | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libc-bin | CVE-2019-1010022 | CRITICAL | 2.28-10 | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-33574 | | | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2018-20796 | HIGH | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-1751 | | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2010-4756 | MEDIUM | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-25013 | | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2019-19126 | LOW | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+------------------+------------------+----------+ +---------------+--------------------------------------------------------------+
| libc6 | CVE-2019-1010022 | CRITICAL | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-33574 | | | | glibc: mq_notify does |
| | | | | | not handle separately |
| | | | | | allocated thread attributes |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-33574 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-35942 | | | | glibc: Arbitrary read in wordexp() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-35942 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2018-20796 | HIGH | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-1751 | | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2010-4756 | MEDIUM | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-25013 | | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2019-19126 | LOW | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libcurl4 | CVE-2021-22946 | HIGH | 7.64.0-4+deb10u2 | | curl: Requirement to use |
| | | | | | TLS not properly enforced |
| | | | | | for IMAP, POP3, and... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22946 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-22922 | MEDIUM | | | curl: Content not matching hash |
| | | | | | in Metalink is not being discarded |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22922 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22923 | | | | curl: Metalink download |
| | | | | | sends credentials |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22923 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22947 | | | | curl: Server responses |
| | | | | | received before STARTTLS |
| | | | | | processed after TLS handshake |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22947 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-22898 | LOW | | | curl: TELNET stack |
| | | | | | contents disclosure |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22898 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-22924 | | | | curl: Bad connection reuse |
| | | | | | due to flawed path name checks |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-22924 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libexpat1 | CVE-2013-0340 | MEDIUM | 2.2.6-2+deb10u1 | | expat: internal entity expansion |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-0340 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libfdisk1 | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libgcrypt20 | CVE-2018-6829 | | 1.8.4-5+deb10u1 | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2019-13627 | MEDIUM | | | libgcrypt: ECDSA timing attack |
| | | | | | allowing private key leak |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-40528 | | | | libgcrypt: ElGamal implementation |
| | | | | | allows plaintext recovery |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-40528 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libgd3 | CVE-2017-6363 | HIGH | 2.2.5-5.2 | | ** DISPUTED ** In the |
| | | | | | GD Graphics Library (aka |
| | | | | | LibGD) through 2.2.5,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-6363 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2018-14553 | | | | gd: NULL pointer |
| | | | | | dereference in gdImageClone |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-14553 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-40145 | | | | ** DISPUTED ** gdImageGd2Ptr |
| | | | | | in gd_gd2.c in the GD |
| | | | | | Graphics Library (aka... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-40145 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-38115 | MEDIUM | | | read_header_tga in gd_tga.c |
| | | | | | in the GD Graphics Library |
| | | | | | (aka LibGD) through 2.3.2... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-38115 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-40812 | | | | The GD Graphics Library (aka |
| | | | | | LibGD) through 2.3.2 has |
| | | | | | an out-of-bounds read... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-40812 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libgnutls30 | CVE-2011-3389 | | 3.6.7-4+deb10u7 | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libgssapi-krb5-2 | CVE-2018-5709 | HIGH | 1.17-3+deb10u3 | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libicu63 | CVE-2021-30535 | HIGH | 63.1-6+deb10u1 | | Double free in ICU in Google Chrome |
| | | | | | prior to 91.0.4472.77 allowed a... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-30535 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2020-21913 | MEDIUM | | | icu: Use after free in |
| | | | | | pkg_createWithAssemblyCode function |
| | | | | | in tools/pkgdata/pkgdata.cpp |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-21913 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libidn2-0 | CVE-2019-12290 | HIGH | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 |
| | | | | | fails to perform the roundtrip |
| | | | | | checks specified in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libjbig0 | CVE-2017-9937 | MEDIUM | 2.1-3.1 | | libtiff: memory malloc failure |
| | | | | | in tif_jbig.c could cause DOS. |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-9937 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libjpeg62-turbo | CVE-2018-11813 | HIGH | 1:1.5.2-2+deb10u1 | | libjpeg: "cjpeg" utility |
| | | | | | large loop because read_pixel |
| | | | | | in rdtarga.c mishandles EOF |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-11813 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-17541 | | | | libjpeg-turbo: Stack-based buffer |
| | | | | | overflow in the "transform" component |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-17541 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2017-15232 | MEDIUM | | | libjpeg-turbo: NULL |
| | | | | | pointer dereference in |
| | | | | | jdpostct.c and jquant1.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-15232 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libk5crypto3 | CVE-2018-5709 | HIGH | 1.17-3+deb10u3 | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+------------------+------------------+----------+ +---------------+--------------------------------------------------------------+
| libkrb5-3 | CVE-2018-5709 | HIGH | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+------------------+------------------+----------+ +---------------+--------------------------------------------------------------+
| libkrb5support0 | CVE-2018-5709 | HIGH | | | krb5: integer overflow |
| | | | | | in dbentry->n_key_data |
| | | | | | in kadmin/dbutil/dump.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-5709 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2004-0971 | LOW | | | security flaw |
| | | | | | -->avd.aquasec.com/nvd/cve-2004-0971 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libldap-2.4-2 | CVE-2017-17740 | HIGH | 2.4.47+dfsg-3+deb10u6 | | openldap: |
| | | | | | contrib/slapd-modules/nops/nops.c |
| | | | | | attempts to free stack buffer |
| | | | | | allowing remote attackers to cause... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2015-3276 | MEDIUM | | | openldap: incorrect multi-keyword |
| | | | | | mode cipherstring parsing |
| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-14159 | | | | openldap: Privilege escalation |
| | | | | | via PID file manipulation |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-15719 | | | | openldap: Certificate |
| | | | | | validation incorrectly |
| | | | | | matches name against CN-ID |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 |
+------------------+------------------+----------+ +---------------+--------------------------------------------------------------+
| libldap-common | CVE-2017-17740 | HIGH | | | openldap: |
| | | | | | contrib/slapd-modules/nops/nops.c |
| | | | | | attempts to free stack buffer |
| | | | | | allowing remote attackers to cause... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-17740 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2015-3276 | MEDIUM | | | openldap: incorrect multi-keyword |
| | | | | | mode cipherstring parsing |
| | | | | | -->avd.aquasec.com/nvd/cve-2015-3276 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-14159 | | | | openldap: Privilege escalation |
| | | | | | via PID file manipulation |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14159 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-15719 | | | | openldap: Certificate |
| | | | | | validation incorrectly |
| | | | | | matches name against CN-ID |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15719 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| liblz4-1 | CVE-2019-17543 | HIGH | 1.8.3-1+deb10u1 | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libmount1 | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libncursesw6 | CVE-2021-39537 | HIGH | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libnghttp2-14 | CVE-2020-11080 | | 1.36.0-2+deb10u1 | | nghttp2: overly large SETTINGS |
| | | | | | frames can lead to DoS |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-11080 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libpcre3 | CVE-2017-11164 | | 2:8.39-12 | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-20838 | | | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2017-16231 | MEDIUM | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-14155 | | | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libpng16-16 | CVE-2018-14550 | HIGH | 1.6.36-6 | | libpng: Stack-based buffer overflow in |
| | | | | | contrib/pngminus/pnm2png.c:get_token() |
| | | | | | potentially leading to |
| | | | | | arbitrary code execution... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-14550 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2018-14048 | MEDIUM | | | libpng: Segmentation fault in |
| | | | | | png.c:png_free_data function |
| | | | | | causing denial of service |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-14048 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-6129 | | | | libpng: memory leak of |
| | | | | | png_info struct in pngcp.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-6129 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libseccomp2 | CVE-2019-9893 | CRITICAL | 2.3.3-4 | | libseccomp: incorrect generation |
| | | | | | of syscall filters in libseccomp |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libsepol1 | CVE-2021-36084 | LOW | 2.8-1 | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36084 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-36085 | | | | libsepol: use-after-free in |
| | | | | | __cil_verify_classperms() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36085 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-36086 | | | | libsepol: use-after-free in |
| | | | | | cil_reset_classpermission() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36086 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-36087 | | | | libsepol: heap-based buffer |
| | | | | | overflow in ebitmap_match_any() |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-36087 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libsmartcols1 | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libssh2-1 | CVE-2019-13115 | HIGH | 1.8.0-2.1 | | libssh2: integer overflow in |
| | | | | | kex_method_diffie_hellman_group_exchange_sha256_key_exchange |
| | | | | | in kex.c leads to out-of-bounds write |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13115 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-17498 | | | | libssh2: integer overflow in |
| | | | | | SSH_MSG_DISCONNECT logic in packet.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17498 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libssl1.1 | CVE-2007-6755 | MEDIUM | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2020-13529 | MEDIUM | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libtasn1-6 | CVE-2018-1000654 | MEDIUM | 4.13-3 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libtiff5 | CVE-2017-9117 | CRITICAL | 4.1.0+git191117-2~deb10u2 | | libtiff: Heap-based buffer |
| | | | | | over-read in bmp2tiff |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-9117 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2017-16232 | HIGH | | | libtiff: Memory leaks in |
| | | | | | tif_open.c, tif_lzw.c, and tif_aux.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16232 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-17973 | | | | libtiff: heap-based use after |
| | | | | | free in tiff2pdf.c:t2p_writeproc |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-17973 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2017-5563 | | | | libtiff: Heap-buffer overflow |
| | | | | | in LZWEncode tif_lzw.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-5563 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2014-8130 | MEDIUM | | | libtiff: divide by zero |
| | | | | | in the tiffdither tool |
| | | | | | -->avd.aquasec.com/nvd/cve-2014-8130 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2018-10126 | | | | libtiff: NULL pointer dereference |
| | | | | | in the jpeg_fdct_16x16 |
| | | | | | function in jfdctint.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-10126 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-19143 | | | | libtiff: buffer overflow in |
| | | | | | TIFFVGetField() in libtiff/tif_dir.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-19143 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-35521 | | | | libtiff: Memory allocation |
| | | | | | failure in tiff2rgba |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-35521 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-35522 | | | | libtiff: Memory allocation |
| | | | | | failure in tiff2rgba |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-35522 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libtinfo6 | CVE-2021-39537 | HIGH | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libudev1 | CVE-2019-3843 | | 241-7~deb10u8 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2020-13529 | MEDIUM | | | systemd: DHCP FORCERENEW |
| | | | | | authentication not implemented |
| | | | | | can cause a system running the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13529 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libuuid1 | CVE-2021-37600 | MEDIUM | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libwebp6 | CVE-2016-9085 | LOW | 0.6.1-2+deb10u1 | | libwebp: Several integer overflows |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-9085 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| libxml2 | CVE-2017-16932 | HIGH | 2.9.4+dfsg1-7+deb10u2 | | libxml2: Infinite recursion |
| | | | | | in parameter entities |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16932 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2016-9318 | MEDIUM | | | libxml2: XML External |
| | | | | | Entity vulnerability |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-9318 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| libxslt1.1 | CVE-2015-9019 | | 1.1.32-2.2~deb10u1 | | libxslt: math.random() in |
| | | | | | xslt uses unseeded randomness |
| | | | | | -->avd.aquasec.com/nvd/cve-2015-9019 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| login | CVE-2019-19882 | HIGH | 1:4.5-1.1 | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2007-5686 | MEDIUM | | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| mount | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| ncurses-base | CVE-2021-39537 | HIGH | 6.1+20181013-2+deb10u2 | | ncurses: heap-based buffer overflow |
| | | | | | in _nc_captoinfo() in captoinfo.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-39537 |
+------------------+ + + +---------------+ +
| ncurses-bin | | | | | |
| | | | | | |
| | | | | | |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| nginx | CVE-2013-0337 | | 1.21.3-1~buster | | The default configuration of nginx, |
| | | | | | possibly 1.3.13 and earlier, uses |
| | | | | | world-readable permissions... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-0337 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2021-3618 | | | | ALPACA: Application Layer |
| | | | | | Protocol Confusion - Analyzing |
| | | | | | and Mitigating Cracks in TLS... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3618 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2009-4487 | MEDIUM | | | nginx: Absent sanitation of |
| | | | | | escape sequences in web server log |
| | | | | | -->avd.aquasec.com/nvd/cve-2009-4487 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2020-36309 | | | | ngx_http_lua_module (aka |
| | | | | | lua-nginx-module) before |
| | | | | | 0.10.16 in OpenResty allows |
| | | | | | unsafe characters in an... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-36309 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| openssl | CVE-2007-6755 | | 1.1.1d-0+deb10u7 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| passwd | CVE-2019-19882 | HIGH | 1:4.5-1.1 | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2007-5686 | MEDIUM | | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+
| perl-base | CVE-2011-4116 | HIGH | 5.28.1-6+deb10u1 | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | tar: does not properly warn the user |
| | | | | | when extracting setuid or setgid... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+ +------------------+ + +---------------+--------------------------------------------------------------+
| | CVE-2019-9923 | | | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+ +------------------+----------+ +---------------+--------------------------------------------------------------+
| | CVE-2021-20193 | MEDIUM | | | tar: Memory leak in |
| | | | | | read_header() in list.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 |
+------------------+------------------+ +---------------------------+---------------+--------------------------------------------------------------+
| util-linux | CVE-2021-37600 | | 2.33.1-0.1 | | util-linux: integer overflow |
| | | | | | can lead to buffer overflow |
| | | | | | in get_sem_elements() in |
| | | | | | sys-utils/ipcutils.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-37600 |
+------------------+------------------+----------+---------------------------+---------------+--------------------------------------------------------------+