Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Missing Release of Resource after Effective Lifetime
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, High, [TheRedHatter/javagoof:Dockerfile]:Missing Release of Resource after Effective Lifetime
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2.24-11+deb9u4
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream glibc
package.
See How to fix?
for Debian:9
relevant versions.
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
References
- Debian Security Tracker
- Exploit DB
- Netapp Security Advisory
- Oss-Sec Mailing List
- OSS security Advisory
- OSS security Advisory
- OSS security Advisory
- Ubuntu CVE Tracker
Origin : null Type : null Image Id : null
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): ><2.9.4+dfsg1-2.2+deb9u3
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream libxml2
package.
See How to fix?
for Debian:9
relevant versions.
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
References
- CONFIRM
- CONFIRM
- Debian Security Announcement
- Debian Security Tracker
- FEDORA
- FEDORA
- MISC
- MISC
- MLIST
- Netapp Security Advisory
- SUSE
- SUSE
- UBUNTU
- Ubuntu CVE Tracker
Origin : null Type : null Image Id : null
Snyk Project Status: Active