Registry Repository Tag Id Scan Time Pass Type Distro Hostname Layer CVE ID Compliance ID Type Severity Packages Source Package Package Version Package License CVSS Fix Status Fix Date Grace Days Vulnerability Tags Description Cause Published Custom Labels

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2019-25013

46

OS

important

glibc

2.28-127.el8

LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL

4.8

affected

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

2021-01-04 18:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2021-3326

46

OS

moderate

glibc

2.28-127.el8

LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL

7.5

affected

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

2021-01-27 20:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-29361

46

OS

moderate

p11-kit

0.23.14-5.el8_0

BSD

7.5

affected

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.

2020-12-16 14:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-29363

46

OS

moderate

p11-kit

0.23.14-5.el8_0

BSD

7.5

affected

An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.

2020-12-16 14:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-29362

46

OS

moderate

p11-kit

0.23.14-5.el8_0

BSD

5.3

affected

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.

2020-12-16 14:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-8927

46

OS

moderate

brotli

1.0.6-2.el8

MIT

6.5

affected

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

2020-09-15 10:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-8284

46

OS

moderate

curl

7.61.1-14.el8_3.1

MIT

3.1

affected

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

2020-12-14 20:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-8285

46

OS

moderate

curl

7.61.1-14.el8_3.1

MIT

6.5

affected

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

2020-12-14 20:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-8286

46

OS

moderate

curl

7.61.1-14.el8_3.1

MIT

7.4

affected

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

2020-12-14 20:15:00.000

localhost/twistlock/private

defender_20_12_541

b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d

2021-02-11 18:19:21.529

true

ciImage

redhat-RHEL8

avivd-rhel-test

CVE-2020-8231

46

OS

low

curl

7.61.1-14.el8_3.1

MIT

3.7

affected

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.

2020-12-14 20:15:00.000