Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Improper Certificate Validation
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Improper Certificate Validation
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2:3.26.2-1.1+deb9u2
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream nss package.
See How to fix? for Debian:9 relevant versions.
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
References
Origin : null Type : null Image Id : null
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><7.52.1-5+deb9u13
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream curl package.
See How to fix? for Debian:9 relevant versions.
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
References
- ADVISORY
- CONFIRM
- CONFIRM
- CONFIRM
- CONFIRM
- CONFIRM
- DEBIAN
- FEDORA
- FEDORA
- FULLDISC
- FULLDISC
- FULLDISC
- GENTOO
- MISC
- MISC
- MISC
- MLIST
Origin : null Type : null Image Id : null
Snyk Project Status: Active