Defender vulnerabilities
| Registry | Repository | Tag | Id | Scan Time | Pass | Type | Distro | Hostname | Layer | CVE ID | Compliance ID | Type | Severity | Packages | Source Package | Package Version | Package License | CVSS | Fix Status | Fix Date | Grace Days | Vulnerability Tags | Description | Cause | Published | Custom Labels |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2019-25013 | 46 | OS | important | glibc |  | 2.28-127.el8 | LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL | 4.8 | affected |  |  |  | The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. |  | 2021-01-04 18:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2021-3326 | 46 | OS | moderate | glibc |  | 2.28-127.el8 | LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL | 7.5 | affected |  |  |  | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. |  | 2021-01-27 20:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-29361 | 46 | OS | moderate | p11-kit |  | 0.23.14-5.el8_0 | BSD | 7.5 | affected |  |  |  | An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc. |  | 2020-12-16 14:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-29363 | 46 | OS | moderate | p11-kit |  | 0.23.14-5.el8_0 | BSD | 7.5 | affected |  |  |  | An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value. |  | 2020-12-16 14:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-29362 | 46 | OS | moderate | p11-kit |  | 0.23.14-5.el8_0 | BSD | 5.3 | affected |  |  |  | An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation. |  | 2020-12-16 14:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-8927 | 46 | OS | moderate | brotli |  | 1.0.6-2.el8 | MIT | 6.5 | affected |  |  |  | A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. |  | 2020-09-15 10:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-8284 | 46 | OS | moderate | curl |  | 7.61.1-14.el8_3.1 | MIT | 3.1 | affected |  |  |  | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. |  | 2020-12-14 20:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-8285 | 46 | OS | moderate | curl |  | 7.61.1-14.el8_3.1 | MIT | 6.5 | affected |  |  |  | curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. |  | 2020-12-14 20:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-8286 | 46 | OS | moderate | curl |  | 7.61.1-14.el8_3.1 | MIT | 7.4 | affected |  |  |  | curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. |  | 2020-12-14 20:15:00.000 |  |
|  | localhost/twistlock/private | defender_20_12_541 | b6551cc1031f77ac12d1fa79e09dd0af7ed5157eb3b6e63ce4db42cdfdab706d | 2021-02-11 18:19:21.529 | true | ciImage | redhat-RHEL8 | avivd-rhel-test |  | CVE-2020-8231 | 46 | OS | low | curl |  | 7.61.1-14.el8_3.1 | MIT | 3.7 | affected |  |  |  | Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. |  | 2020-12-14 20:15:00.000 |  |