Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Integer Underflow
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Integer Underflow
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2.4.44+dfsg-5+deb9u7
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream openldap package.
See How to fix? for Debian:9 relevant versions.
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
References
- ADVISORY
- CONFIRM
- CONFIRM
- CONFIRM
- CONFIRM
- DEBIAN
- FULLDISC
- FULLDISC
- FULLDISC
- MISC
- MISC
- MISC
- MLIST
- MLIST
- MLIST
Origin : null Type : null Image Id : null
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2.4.44+dfsg-5+deb9u7
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream openldap package.
See How to fix? for Debian:9 relevant versions.
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
References
- ADVISORY
- CONFIRM
- CONFIRM
- CONFIRM
- CONFIRM
- DEBIAN
- FULLDISC
- FULLDISC
- FULLDISC
- MISC
- MISC
- MISC
- MISC
- MISC
- MLIST
- MLIST
- MLIST
Origin : null Type : null Image Id : null
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2.36.5-2+deb9u2
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream gdk-pixbuf package.
See How to fix? for Debian:9 relevant versions.
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
References
- Debian Security Tracker
- FEDORA
- FEDORA
- Gentoo Security Advisory
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- https://bugzilla.gnome.org/show_bug.cgi?id=779016
- MLIST
- OSS security Advisory
- OSS security Advisory
- Security Focus
- Ubuntu CVE Tracker
Origin : null Type : null Image Id : null
Snyk Project Status: Active